Ir ao conteúdo
  • Cadastre-se
vozdoseven

Lentidão, bloqueia, iniciação muito lenta

Posts recomendados

Cumprimentos

PC sempre lento. A iniciação é demorada, o chrome, por vezes não responde. Por vezes o PC bloqueia obrigando à reinicialização. 

Segue o log do ZA- Scan

Agradecendo 

António Neves

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe Como Administrador

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Cumprimentos Diego

Fiz o que recomendou

Seguem os logs

Agradecendo

António Neves

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-29-2019
# Duration: 00:00:04
# OS:       Windows 7 Professional
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Chromium (and derivatives) ] *****

Deleted       Handy Tab

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1351 octets] - [29/05/2019 17:53:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

 

~ ZHPCleaner v2019.5.29.79 by Nicolas Coolman (2019/05/29)
~ Run by Neves (Administrator)  (29/05/2019 18:06:21)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Neves\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Neves\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (22)


---\\  Scheduled automatic tasks. (1)
FOUND task: [AutoKMS] [C:\Windows\Tasks\AutoKMS.job]  =>HackTool.AutoKMS


---\\  Explorer ( File, Folder) (35)
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj  =>PUP.Optional.HandyTab
FOUND file: C:\Windows\Tasks\AutoKMS.job    =>HackTool.AutoKMS
FOUND file: C:\Windows\Installer\MSI2849.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\MSI9D59.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\MSIDE59.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\1049e1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\5142a0.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\53a8f.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\a5bea.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\be25e.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\be4c7.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c1ba4.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c1df1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c3816.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c5381.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c56f7.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c6963.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c6f34.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c7751.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c82fa.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cca55a.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\ccecb8.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cd3bc1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cdf20.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cf3b9.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cfb9f.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\efd0a.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 & Bosh - AutoKMS]  =>HackTool.AutoKMS
FOUND file: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
FOUND file: C:\Windows\AutoKMS\AutoKMS.ini    =>HackTool.AutoKMS
FOUND folder: C:\Windows\AutoKMS  =>HackTool.AutoKMS
FOUND folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registry ( Key, Value, Data) (21)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj []  =>PUP.Optional.HandyTab
FOUND key: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\WFS.exe [Microsoft  Windows Fax and Scan]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe [FormatFactory]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\mspaint.exe [Paint]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Galeria de Fotos]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe [Adobe Photoshop]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Google Chrome]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Movie Maker]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\eHome\ehshell.exe [Windows Media Center]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRA~1\MICROS~1\Office14\OIS.EXE [Microsoft Office 2010]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [Microsoft PowerPoint]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [WavePad Sound Editor]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Windows Media Player]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.exe [Any Video Converter]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe [AVG Antivirus]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE [Foxit Reader 8.3]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [Adobe Acrobat Reader DC ]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\WINDOWS\system32\notepad.exe [Bloco de notas]  =>.SUP.Orphan.MUICache


---\\  Summary of the elements found (8)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/09/22/adware-handytab/  =>PUP.Optional.HandyTab
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache


---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 80690
~ Items found : 84
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 0


~ End of search in 00h05mn16s

---\\  Reports (2)
ZHPCleaner--09032018-04_44_44.txt
ZHPCleaner--29052019-18_11_37.txt
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Execute novamente o ZHPCleaner e peça para remover (Repair) o que for encontrado.

 

Poste o log.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde Diego

Peço desculpa por não ter feito correctamente o ZHP.

Agora acho que fiz bem

Agradecendo

António Neves

 

~ ZHPCleaner v2019.5.29.79 by Nicolas Coolman (2019/05/29)
~ Run by Neves (Administrator)  (31/05/2019 16:33:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\Neves\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Neves\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (22)


---\\  Scheduled automatic tasks. (1)
FOUND task: [AutoKMS] [C:\Windows\Tasks\AutoKMS.job]  =>HackTool.AutoKMS


---\\  Explorer ( File, Folder) (40)
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj  =>PUP.Optional.HandyTab
FOUND file: C:\Windows\Tasks\AutoKMS.job    =>HackTool.AutoKMS
FOUND file: C:\Windows\Installer\MSI2849.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\MSI9D59.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\MSIDE59.tmp    =>.SUP.MSIInstaller
FOUND file: C:\Windows\Installer\1049e1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\5142a0.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\53a8f.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\a5bea.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\be25e.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\be4c7.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c1ba4.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c1df1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c3816.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c5381.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c56f7.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c6963.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c6f34.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c7751.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\c82fa.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cca55a.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\ccecb8.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cd3bc1.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cdf20.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cf3b9.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\cfb9f.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\Installer\efd0a.msp    =>.SUP.Obsolete.Adobe
FOUND file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 & Bosh - AutoKMS]  =>HackTool.AutoKMS
FOUND file: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
FOUND file: C:\Windows\AutoKMS\AutoKMS.ini    =>HackTool.AutoKMS
FOUND folder: C:\Windows\AutoKMS  =>HackTool.AutoKMS
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\001  =>.SUP.Temporary.Chrome
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\002  =>.SUP.Temporary.Chrome
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\003  =>.SUP.Temporary.Chrome
FOUND folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\004  =>.SUP.Temporary.Chrome
FOUND folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
FOUND folder: C:\Users\Neves\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registry ( Key, Value, Data) (22)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj []  =>PUP.Optional.HandyTab
FOUND key: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\WFS.exe [Microsoft  Windows Fax and Scan]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe [FormatFactory]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\mspaint.exe [Paint]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Galeria de Fotos]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe [Adobe Photoshop]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Google Chrome]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Movie Maker]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\eHome\ehshell.exe [Windows Media Center]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRA~1\MICROS~1\Office14\OIS.EXE [Microsoft Office 2010]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [Microsoft PowerPoint]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [WavePad Sound Editor]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Windows Media Player]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.exe [Any Video Converter]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe [AVG Antivirus]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE [Foxit Reader 8.3]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [Adobe Acrobat Reader DC ]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\WINDOWS\system32\notepad.exe [Bloco de notas]  =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Neves\AppData\Roaming\ZHP\ZHPCleaner.exe [ZHPCleaner]  =>.SUP.Orphan.MUICache


---\\  Summary of the elements found (9)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/09/22/adware-handytab/  =>PUP.Optional.HandyTab
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache


---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 80731
~ Items found : 91
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 0


~ End of search in 00h05mn38s

---\\  Reports (3)
ZHPCleaner--09032018-04_44_44.txt
ZHPCleaner--29052019-18_11_37.txt
ZHPCleaner--31052019-16_39_24.txt
 

 

~ ZHPCleaner v2019.5.29.79 by Nicolas Coolman (2019/05/29)
~ Run by Neves (Administrator)  (31/05/2019 16:41:00)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Neves\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Neves\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (22)


---\\  Scheduled automatic tasks. (1)
DELETED task: [AutoKMS] [C:\Windows\Tasks\AutoKMS.job (Not File) ]  =>HackTool.AutoKMS


---\\  Explorer ( File, Folder) (39)
MOVED file: C:\Windows\Tasks\AutoKMS.job    =>HackTool.AutoKMS
MOVED file: C:\Windows\Installer\MSI2849.tmp    =>.SUP.MSIInstaller
MOVED file: C:\Windows\Installer\MSI9D59.tmp    =>.SUP.MSIInstaller
MOVED file: C:\Windows\Installer\MSIDE59.tmp    =>.SUP.MSIInstaller
MOVED file: C:\Windows\Installer\1049e1.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\5142a0.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\53a8f.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\a5bea.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\be25e.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\be4c7.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c1ba4.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c1df1.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c3816.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c5381.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c56f7.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c6963.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c6f34.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c7751.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\c82fa.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\cca55a.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\ccecb8.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\cd3bc1.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\cdf20.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\cf3b9.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\cfb9f.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\Installer\efd0a.msp    =>.SUP.Obsolete.Adobe
MOVED file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 & Bosh - AutoKMS]  =>HackTool.AutoKMS
MOVED file: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj  =>PUP.Optional.HandyTab
MOVED folder: C:\Windows\AutoKMS  =>HackTool.AutoKMS
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\001  =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\002  =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\003  =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\File System\004  =>.SUP.Temporary.Chrome
MOVED folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVED folder: C:\Users\Neves\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
MOVED folder: C:\Users\Neves\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
MOVED folder: C:\Users\Neves\AppData\LocalLow\EmieUserList  =>.SUP.Empty


---\\  Registry ( Key, Value, Data) (22)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clgckgfbhciacomhlchmgdnplmdiadbj []  =>PUP.Optional.HandyTab
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\WFS.exe [Microsoft  Windows Fax and Scan]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe [FormatFactory]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\system32\mspaint.exe [Paint]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Galeria de Fotos]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe [Adobe Photoshop]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Google Chrome]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Movie Maker]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\eHome\ehshell.exe [Windows Media Center]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRA~1\MICROS~1\Office14\OIS.EXE [Microsoft Office 2010]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [Microsoft PowerPoint]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [WavePad Sound Editor]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Windows Media Player]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.exe [Any Video Converter]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe [AVG Antivirus]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE [Foxit Reader 8.3]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [Adobe Acrobat Reader DC ]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\WINDOWS\system32\notepad.exe [Bloco de notas]  =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Neves\AppData\Roaming\ZHP\ZHPCleaner.exe [ZHPCleaner]  =>.SUP.Orphan.MUICache


---\\  Summary of the elements found (9)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/09/22/adware-handytab/  =>PUP.Optional.HandyTab
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache


---\\  Other deletions. (3)
~ Registry Keys Tracing deleted (2)
~ Remove the old reports ZHPCleaner. (1)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 616
~ Items found : 0
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 0


~ End of clean in 00h00mn18s

---\\  Reports (3)
ZHPCleaner--29052019-18_11_37.txt
ZHPCleaner--31052019-16_39_24.txt
ZHPCleaner-[R]-31052019-16_41_18.txt
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Sem problemas, tudo certo! :)

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

  • Clique com o botão direito e escolha Executar como Administrador;
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar;
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop);
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta;
  • Anexe o log Addition.txt.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde

Seguem os logs

Agradecendo

Ant. Neves

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 01-06-2019
Executado por Neves (administrador) em NEVES-PC (02-06-2019 15:06:05)
Executando a partir de C:\Users\Neves\Desktop
Perfis Carregados: Neves (Perfis Disponíveis: Neves)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [309680 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2017-08-10] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {05031D3A-C9A8-4B67-B555-F93034BC8D19} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [1348096 2018-02-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1C4F5170-1D01-4E6E-B3A3-B5C324FC7A6E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2F1F815B-D912-41A9-967D-2840DDD73501} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {38A92DFE-A48E-4CBF-89D6-6E6683A2D961} - System32\Tasks\{D154281E-3A1E-4F94-B63E-44F3511F9290} => C:\Windows\system32\pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {3CAB101F-63B0-4F84-BBB7-3C8161917E7F} - System32\Tasks\{E8A37ABA-B71D-47F2-858E-60E1C25A9DB8} => C:\Windows\system32\pcalua.exe -a C:\WINDOWS\ISUN0416.EXE -c -f"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.dll"
Task: {4702D105-E2A1-4A73-94CB-AFCABE36A435} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {49C1D814-9DEC-4741-A38E-DCD12AD37482} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {4BEF28B8-0D4E-481B-AAB4-AD90A34E6ACB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {4D1438B6-2B77-4DBC-9113-72E0228B1EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {50A7643C-5176-4FBD-923E-827CC50C5B65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {5BBAF9FC-1296-4491-93BC-EC29AEF8520B} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [116480 2009-09-23] (Panda Security S.L -> )
Task: {5E608626-BD90-44D5-856B-E5924BB9D0CE} - System32\Tasks\{81E89B82-F74D-4C57-8574-49A29CEFAFA0} => C:\Windows\system32\pcalua.exe -a C:\Users\Neves\Desktop\wlsetup-web.exe -d C:\Users\Neves\Desktop
Task: {6443A59F-92FB-4727-8C7C-71FE1AC3EE99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9807AC21-EB2F-467C-A85E-0FDF0972D98A} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B8F4FB49-F687-4133-ADB5-585B14432233} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
Task: {DA72912A-84F5-4CAC-B8F5-3937615BEBFB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E6A2CDB2-A168-46A7-AB5C-DEE8CDAEDF25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1183256 2018-02-09] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EC52D973-F86C-4240-8EA0-E1A770300BB7} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2981808 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FB1ED1A9-79E2-4151-B5DA-EB3A4E3103AB}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3906829491-772124867-3683219445-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.br/
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2014-11-18] (BANCO SANTANDER BRASIL SA -> Banco Real)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-21] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [Arquivo não assinado]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-22] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-22] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3906829491-772124867-3683219445-1000: gastecnologia.com.br/sf/abn -> C:\Users\Neves\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-3906829491-772124867-3683219445-1000: gastecnologia.com.br/sf/abn64 -> C:\Users\Neves\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [Nenhum Arquivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default [2019-06-02]
CHR Extension: (Apresentações) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Flash Video Downloader) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-07]
CHR Extension: (Documentos) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15]
CHR Extension: (Google Search) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Planilhas) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Video Downloader PLUS) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2019-04-22]
CHR Extension: (Documentos Google off-line) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (AdBlock) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-02]
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-02]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3906829491-772124867-3683219445-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [409280 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6893160 2019-05-28] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [555320 2014-10-31] (GAS INFORMATICA LTDA -> GAS Tecnologia)
S4 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5249008 2018-01-24] (IBM -> IBM Corp.)
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [241400 2015-10-13] (Reason Software Company Inc. -> RaMMicHaeL)
S4 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2015-02-13] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37160 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [207496 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [263056 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [206408 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61520 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [167920 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112360 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1030832 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [477632 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [225144 2019-05-23] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [385904 2019-05-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5337184 2012-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 PAEAFLT.sys; C:\Windows\System32\DRIVERS\PAEAFLT.sys [9472 2007-09-26] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [489616 2018-01-24] (IBM -> IBM Corp.)
R1 RapportCerberus_1908103; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908103.sys [1635344 2018-02-04] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [703056 2018-01-24] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [338384 2018-01-24] (IBM -> IBM Corp.)
S3 RapportIaso; não ImagePath
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [597976 2018-01-24] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [743568 2018-01-24] (IBM -> IBM Corp.)
S3 SPC230NC; C:\Windows\System32\DRIVERS\SPC230NC.SYS [531968 2008-01-03] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três meses (criados) ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-06-02 15:06 - 2019-06-02 15:09 - 000024707 _____ C:\Users\Neves\Desktop\FRST.txt
2019-06-02 15:04 - 2019-06-02 15:06 - 000000000 ____D C:\FRST
2019-06-02 15:04 - 2019-06-02 15:04 - 002433536 _____ (Farbar) C:\Users\Neves\Desktop\FRST64.exe
2019-06-01 10:50 - 2019-06-01 10:50 - 000022774 _____ C:\Users\Neves\Desktop\D7-Q1IyXsAAhX0k.jpg_large
2019-05-31 16:41 - 2019-05-31 16:41 - 000009513 _____ C:\Users\Neves\Desktop\ZHPCleaner (R).txt
2019-05-29 18:11 - 2019-05-31 16:39 - 000009394 _____ C:\Users\Neves\Desktop\ZHPCleaner (S).txt
2019-05-29 18:05 - 2019-05-31 16:32 - 000000830 _____ C:\Users\Neves\Desktop\ZHPCleaner.lnk
2019-05-29 18:05 - 2019-05-29 18:05 - 003145600 _____ (Nicolas Coolman) C:\Users\Neves\Desktop\ZHPCleaner.exe
2019-05-29 17:59 - 2019-05-29 17:59 - 000001497 _____ C:\Users\Neves\Desktop\AdwCleaner[C00].txt
2019-05-29 17:51 - 2019-05-29 17:54 - 000000000 ____D C:\AdwCleaner
2019-05-29 17:51 - 2019-05-29 17:51 - 007025360 _____ (Malwarebytes) C:\Users\Neves\Desktop\adwcleaner_7.3.exe
2019-05-23 17:29 - 2019-05-23 17:42 - 000002199 _____ C:\Users\Neves\Desktop\mundial.htm
2019-05-23 06:22 - 2019-05-23 06:22 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-05-19 20:50 - 2019-05-19 20:50 - 000023803 _____ C:\Users\Neves\Desktop\ZA-Scan.txt
2019-05-19 20:43 - 2019-05-19 20:43 - 000023803 _____ C:\ZA-Scan.txt
2019-05-19 20:35 - 2019-05-19 20:35 - 000000000 ____D C:\zoek_backup
2019-05-19 20:33 - 2019-05-19 20:33 - 006102389 _____ C:\Users\Neves\Desktop\zoek.zip
2019-05-16 06:11 - 2019-04-25 01:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-16 06:11 - 2019-04-18 23:54 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-05-16 06:11 - 2019-04-18 23:53 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-05-16 06:11 - 2019-04-18 23:53 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-05-16 06:11 - 2019-04-18 23:51 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:44 - 000095456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-05-16 06:11 - 2019-04-18 23:42 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-16 06:11 - 2019-04-18 23:42 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-16 06:11 - 2019-04-18 23:42 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-05-16 06:11 - 2019-04-18 23:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:20 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-05-16 06:11 - 2019-04-18 23:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-05-16 06:11 - 2019-04-18 23:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-16 06:11 - 2019-04-18 23:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-05-16 06:11 - 2019-04-18 23:11 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-05-16 06:11 - 2019-04-18 23:08 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-05-16 06:11 - 2019-04-18 23:08 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-05-16 06:11 - 2019-04-18 23:08 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-05-16 06:11 - 2019-04-18 23:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-05-16 06:11 - 2019-04-18 23:08 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-05-16 06:11 - 2019-04-18 23:07 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-05-16 06:11 - 2019-04-18 23:07 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-05-16 06:11 - 2019-04-16 12:17 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-16 06:11 - 2019-04-16 12:17 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-05-16 06:11 - 2019-04-16 12:17 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-05-16 06:11 - 2019-04-16 12:05 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-16 06:11 - 2019-04-16 12:05 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-16 06:11 - 2019-04-16 12:05 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-16 06:11 - 2019-04-16 12:05 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-05-16 06:10 - 2019-04-30 16:28 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-05-16 06:10 - 2019-04-30 15:37 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-05-16 06:10 - 2019-04-29 21:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-16 06:10 - 2019-04-29 21:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-16 06:10 - 2019-04-25 00:52 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-05-16 06:10 - 2019-04-25 00:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-05-16 06:10 - 2019-04-25 00:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-16 06:10 - 2019-04-25 00:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-05-16 06:10 - 2019-04-25 00:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-05-16 06:10 - 2019-04-25 00:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-05-16 06:10 - 2019-04-25 00:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-05-16 06:10 - 2019-04-25 00:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-16 06:10 - 2019-04-25 00:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-05-16 06:10 - 2019-04-25 00:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-05-16 06:10 - 2019-04-25 00:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-16 06:10 - 2019-04-25 00:28 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-05-16 06:10 - 2019-04-25 00:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-16 06:10 - 2019-04-25 00:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-16 06:10 - 2019-04-25 00:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-05-16 06:10 - 2019-04-25 00:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-05-16 06:10 - 2019-04-25 00:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-05-16 06:10 - 2019-04-25 00:19 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-16 06:10 - 2019-04-25 00:16 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-05-16 06:10 - 2019-04-25 00:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-05-16 06:10 - 2019-04-25 00:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-05-16 06:10 - 2019-04-25 00:11 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-05-16 06:10 - 2019-04-25 00:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-05-16 06:10 - 2019-04-25 00:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-16 06:10 - 2019-04-25 00:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-05-16 06:10 - 2019-04-25 00:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-16 06:10 - 2019-04-25 00:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-05-16 06:10 - 2019-04-25 00:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-05-16 06:10 - 2019-04-25 00:05 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-05-16 06:10 - 2019-04-25 00:05 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-05-16 06:10 - 2019-04-25 00:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-05-16 06:10 - 2019-04-25 00:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-05-16 06:10 - 2019-04-25 00:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-16 06:10 - 2019-04-25 00:03 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-05-16 06:10 - 2019-04-25 00:02 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-16 06:10 - 2019-04-25 00:02 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-05-16 06:10 - 2019-04-25 00:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-05-16 06:10 - 2019-04-24 23:54 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-05-16 06:10 - 2019-04-24 23:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-05-16 06:10 - 2019-04-24 23:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-16 06:10 - 2019-04-24 23:50 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-05-16 06:10 - 2019-04-24 23:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-05-16 06:10 - 2019-04-24 23:49 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-05-16 06:10 - 2019-04-24 23:49 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-05-16 06:10 - 2019-04-24 23:48 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-05-16 06:10 - 2019-04-24 23:47 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-05-16 06:10 - 2019-04-24 23:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-05-16 06:10 - 2019-04-24 23:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-16 06:10 - 2019-04-24 23:46 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-05-16 06:10 - 2019-04-24 23:45 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-05-16 06:10 - 2019-04-24 23:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-05-16 06:10 - 2019-04-24 23:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-16 06:10 - 2019-04-24 23:38 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-05-16 06:10 - 2019-04-24 23:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-16 06:10 - 2019-04-24 23:36 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-05-16 06:10 - 2019-04-24 23:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-16 06:10 - 2019-04-24 23:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-16 06:10 - 2019-04-24 23:35 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-05-16 06:10 - 2019-04-24 23:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-16 06:10 - 2019-04-24 23:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-16 06:10 - 2019-04-24 23:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-16 06:10 - 2019-04-24 23:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-16 06:10 - 2019-04-24 23:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-16 06:10 - 2019-04-18 23:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-05-16 06:10 - 2019-04-18 23:51 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-05-16 06:10 - 2019-04-18 23:51 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-05-16 06:10 - 2019-04-18 23:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-05-16 06:10 - 2019-04-18 23:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-05-16 06:10 - 2019-04-18 23:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-05-16 06:10 - 2019-04-18 23:50 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-16 06:10 - 2019-04-18 23:50 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-05-16 06:10 - 2019-04-18 23:44 - 000185064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-16 06:10 - 2019-04-18 23:43 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-16 06:10 - 2019-04-18 23:43 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-16 06:10 - 2019-04-18 23:43 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-16 06:10 - 2019-04-18 23:43 - 000064232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-05-16 06:10 - 2019-04-18 23:43 - 000063208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-05-16 06:10 - 2019-04-18 23:43 - 000060648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-05-16 06:10 - 2019-04-18 23:43 - 000031976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-05-16 06:10 - 2019-04-18 23:43 - 000023784 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-05-16 06:10 - 2019-04-18 23:43 - 000020200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-05-16 06:10 - 2019-04-18 23:42 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-05-16 06:10 - 2019-04-18 23:42 - 000068328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-05-16 06:10 - 2019-04-18 23:42 - 000036064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-05-16 06:10 - 2019-04-18 23:42 - 000015080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-05-16 06:10 - 2019-04-18 23:42 - 000012136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-05-16 06:10 - 2019-04-18 23:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-05-16 06:10 - 2019-04-18 23:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-05-16 06:10 - 2019-04-18 23:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-05-16 06:10 - 2019-04-18 23:39 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-16 06:10 - 2019-04-18 23:39 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-05-16 06:10 - 2019-04-18 23:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-05-16 06:10 - 2019-04-18 23:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-05-16 06:10 - 2019-04-18 23:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-05-16 06:10 - 2019-04-18 23:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-05-16 06:10 - 2019-04-18 23:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-05-16 06:10 - 2019-04-18 23:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-05-16 06:10 - 2019-04-18 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-05-16 06:10 - 2019-04-18 23:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-05-16 06:10 - 2019-04-18 23:15 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-05-16 06:10 - 2019-04-18 23:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-05-16 06:10 - 2019-04-18 23:12 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-05-16 06:10 - 2019-04-18 23:11 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-05-16 06:10 - 2019-04-18 23:08 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-05-16 06:10 - 2019-04-16 12:17 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-16 06:10 - 2019-04-16 12:17 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-05-16 06:10 - 2019-04-16 12:17 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-05-16 06:10 - 2019-04-16 12:16 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-05-16 06:10 - 2019-04-16 12:05 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-16 06:10 - 2019-04-16 12:05 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-05-16 06:10 - 2019-04-16 12:05 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-05-16 06:10 - 2019-04-16 12:05 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-05-16 06:10 - 2019-04-16 12:05 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-05-16 06:10 - 2019-04-16 11:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-05-16 06:10 - 2019-04-16 10:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2019-05-16 06:10 - 2019-04-16 10:15 - 000419648 _____ C:\Windows\system32\locale.nls
2019-05-16 06:10 - 2019-04-14 02:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-05-16 06:10 - 2019-04-14 02:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-16 06:10 - 2019-04-14 02:40 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-05-16 06:10 - 2019-04-14 02:39 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-16 06:10 - 2019-04-14 02:39 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-05-16 06:10 - 2019-04-14 02:28 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-16 06:10 - 2019-04-14 02:26 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-16 06:10 - 2019-04-14 02:26 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-16 06:10 - 2019-04-14 02:26 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-05-16 06:10 - 2019-04-14 02:26 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-05-16 06:10 - 2019-04-14 02:26 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-05-16 06:10 - 2019-04-14 02:12 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-05-16 06:10 - 2019-04-07 12:17 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-05-16 06:10 - 2019-04-07 12:17 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-05-16 06:10 - 2019-04-07 12:17 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-05-16 06:10 - 2019-04-07 12:17 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-16 06:10 - 2019-04-07 12:17 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-05-16 06:10 - 2019-04-07 12:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-05-16 06:10 - 2019-04-07 12:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-05-16 06:10 - 2019-04-07 12:15 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-05-16 06:10 - 2019-04-07 12:05 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-05-16 06:10 - 2019-04-07 12:03 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-05-16 06:10 - 2019-04-07 12:03 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-05-16 06:10 - 2019-04-07 12:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-05-16 06:10 - 2019-04-07 12:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-05-16 06:10 - 2019-04-07 12:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-05-16 06:10 - 2019-04-07 12:02 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-05-16 06:10 - 2019-04-07 12:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-05-16 06:10 - 2019-04-07 12:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-05-16 06:10 - 2019-04-07 11:57 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-05-16 06:10 - 2019-04-07 11:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-16 06:10 - 2019-04-07 11:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-05-16 06:10 - 2019-04-07 11:45 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-05-16 06:10 - 2019-04-07 11:45 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-05-16 06:10 - 2019-04-07 11:45 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-05-16 06:10 - 2019-04-07 11:42 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-16 06:10 - 2019-04-07 11:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-16 06:10 - 2019-04-07 11:42 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-16 06:10 - 2019-04-07 11:42 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-16 06:10 - 2019-04-07 11:42 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-16 06:10 - 2019-04-07 11:38 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-16 06:10 - 2019-04-07 11:35 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-16 06:10 - 2019-04-07 11:33 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-05-16 06:10 - 2019-04-07 11:33 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-05-16 06:10 - 2019-04-07 10:05 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-16 06:10 - 2019-04-04 21:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-16 06:10 - 2019-04-04 21:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-04-30 17:42 - 2019-04-30 17:42 - 000010107 _____ C:\Users\Neves\Desktop\maio.pdf
2019-04-26 17:47 - 2019-04-26 17:47 - 000000000 ____D C:\Users\Neves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2019
2019-04-26 17:47 - 2019-04-26 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2019
2019-04-14 09:11 - 2019-04-17 08:31 - 000002857 _____ C:\Users\Neves\Desktop\inez carolina.htm
2019-04-12 14:52 - 2019-04-24 19:16 - 000000077 _____ C:\Windows\system32\Drivers\avgSP.sys.sum
2019-04-10 05:44 - 2019-04-01 22:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-10 05:44 - 2019-03-28 22:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 05:44 - 2019-03-26 21:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 05:44 - 2019-03-20 23:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 05:44 - 2019-03-16 01:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 05:44 - 2019-03-16 01:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 05:44 - 2019-03-16 01:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-10 05:44 - 2019-03-16 01:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 05:44 - 2019-03-16 01:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-10 05:44 - 2019-03-16 01:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-10 05:44 - 2019-03-16 01:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-10 05:44 - 2019-03-16 01:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-10 05:44 - 2019-03-16 00:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-10 05:44 - 2019-03-16 00:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-10 05:44 - 2019-03-16 00:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-10 05:44 - 2019-03-13 11:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-10 05:44 - 2019-03-11 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-10 05:44 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-10 05:44 - 2019-02-21 12:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-10 05:44 - 2019-02-21 12:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-10 05:44 - 2019-02-21 12:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 05:44 - 2019-02-08 13:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 05:44 - 2019-02-08 13:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-18 07:26 - 2019-04-26 18:13 - 000000000 ____D C:\Users\Neves\Desktop\IMPOSTO RENDA 2019
2019-03-12 19:41 - 2019-02-16 02:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-12 19:41 - 2019-02-16 02:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-12 18:59 - 2019-03-04 23:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-12 18:59 - 2019-03-04 23:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-12 18:59 - 2019-02-21 23:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-12 18:59 - 2019-02-16 03:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-12 18:59 - 2019-02-16 03:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-12 18:59 - 2019-02-16 02:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-12 18:59 - 2019-02-15 13:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-12 18:59 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-12 18:59 - 2019-02-15 12:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-12 18:59 - 2019-02-15 12:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-12 18:59 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-12 18:59 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-12 18:59 - 2019-02-10 13:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-12 18:59 - 2019-02-10 12:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-12 18:59 - 2019-02-10 12:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-12 18:59 - 2019-02-10 12:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-12 18:59 - 2019-02-10 12:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-12 18:59 - 2019-02-08 13:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-12 18:59 - 2019-02-08 12:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-12 18:59 - 2019-02-07 13:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-12 18:59 - 2019-02-07 13:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-12 18:59 - 2019-02-07 13:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-12 18:59 - 2019-02-07 12:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-12 18:59 - 2019-02-03 12:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-12 18:59 - 2019-01-04 13:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-12 18:59 - 2019-01-04 13:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-12 18:59 - 2019-01-04 11:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-12 18:59 - 2019-01-04 11:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-12 18:58 - 2019-03-04 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys

==================== Três meses (modificados) ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-06-02 15:08 - 2018-07-21 14:03 - 000067871 _____ C:\Windows\ZAM.krnl.trace
2019-06-02 15:08 - 2018-07-21 14:03 - 000045236 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-06-02 13:22 - 2009-07-14 01:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-02 13:22 - 2009-07-14 01:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-02 13:17 - 2017-09-21 08:02 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-02 13:13 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-01 16:02 - 2017-06-01 12:21 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-05-31 16:41 - 2018-03-09 04:39 - 000000000 ____D C:\Users\Neves\AppData\Roaming\ZHP
2019-05-30 06:23 - 2017-06-01 12:21 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-05-29 18:05 - 2018-03-09 04:39 - 000000000 ____D C:\Users\Neves\AppData\Local\ZHP
2019-05-28 22:14 - 2015-03-02 14:55 - 000000000 ____D C:\Windows\Minidump
2019-05-28 22:10 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-23 10:19 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-05-23 06:22 - 2019-02-23 18:42 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-05-23 06:22 - 2019-01-04 10:20 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-05-23 06:22 - 2018-10-19 10:19 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-05-23 06:22 - 2017-11-12 05:20 - 000207496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-05-23 06:22 - 2017-06-01 12:21 - 000477632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-05-23 06:22 - 2017-06-01 12:21 - 000225144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-05-23 06:22 - 2017-06-01 12:21 - 000167920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-05-23 06:22 - 2017-06-01 12:21 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-05-23 06:21 - 2019-01-14 11:58 - 000263056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-05-23 06:21 - 2019-01-04 10:20 - 000206408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-05-23 06:21 - 2019-01-04 10:20 - 000061520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-05-23 06:21 - 2017-06-01 12:21 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-05-21 11:19 - 2018-06-14 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-18 13:45 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
2019-05-16 17:55 - 2017-11-02 22:15 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-16 08:41 - 2011-01-27 20:29 - 000708378 _____ C:\Windows\system32\prfh0416.dat
2019-05-16 08:41 - 2011-01-27 20:29 - 000148158 _____ C:\Windows\system32\prfc0416.dat
2019-05-16 08:41 - 2009-07-14 02:13 - 001642390 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-16 08:34 - 2009-07-14 01:45 - 000409744 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-16 08:28 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-05-16 08:28 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\Dism
2019-05-16 06:35 - 2015-02-27 11:03 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2019-05-16 06:30 - 2015-02-27 20:49 - 000000000 ____D C:\Windows\system32\MRT
2019-05-16 06:20 - 2015-02-27 20:48 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-16 06:15 - 2015-02-28 06:28 - 001606776 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-14 22:22 - 2015-02-27 12:05 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-14 22:22 - 2015-02-27 12:05 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-05 16:32 - 2018-02-17 11:26 - 000000000 ____D C:\Users\Neves\Desktop\BRIOSA

==================== Arquivos na raiz de alguns diretórios =======

2017-07-31 22:39 - 2017-07-31 22:39 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Image Manipulation
2017-07-31 22:41 - 2017-07-31 22:41 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Image Units
2017-07-31 22:39 - 2017-07-31 22:39 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Images
2015-03-02 12:20 - 2015-10-27 12:22 - 000033787 _____ () C:\Users\Neves\AppData\Roaming\unins000.dat
2015-04-05 07:05 - 2016-08-02 18:54 - 000003584 _____ () C:\Users\Neves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-14 06:23 - 2017-03-14 06:23 - 000000036 _____ () C:\Users\Neves\AppData\Local\housecall.guid.cache
2015-07-29 19:37 - 2015-08-03 20:45 - 000004096 ____H () C:\Users\Neves\AppData\Local\keyfile3.drm
2015-11-15 20:44 - 2017-06-07 20:24 - 000007598 _____ () C:\Users\Neves\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(Não há correção automática para arquivos que não passaram na verificação.)


LastRegBack: 2019-05-23 13:20
==================== Fim de FRST.txt ============================

Addition.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde caro Diego

Assim fiz

Segue o log

Agradecendo

Ant. Neves

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 04-06-2019
Executado por Neves (04-06-2019 15:59:19) Run:1
Executando a partir de C:\Users\Neves\Desktop
Perfis Carregados: Neves (Perfis Disponíveis: Neves)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
Reboot:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Mozilla => removido (a) com sucesso.
"HKU\S-1-5-21-3906829491-772124867-3683219445-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removido (a) com sucesso.
HKU\S-1-5-21-3906829491-772124867-3683219445-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => não encontrado (a)
HKU\S-1-5-21-3906829491-772124867-3683219445-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => não encontrado (a)
ZAM => Serviço finalizado com sucesso.
HKLM\System\CurrentControlSet\Services\ZAM => removido (a) com sucesso.
ZAM => serviço removido (a) com sucesso.
ZAM_Guard => Serviço finalizado com sucesso.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removido (a) com sucesso.
ZAM_Guard => serviço removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => não encontrado (a)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Foxit_ConvertToPDF_Reader => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => não encontrado (a)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => não encontrado (a)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => não encontrado (a)
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => não encontrado (a)
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Foxit_ConvertToPDF_Reader => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => não encontrado (a)
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => não encontrado (a)
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => não encontrado (a)


O sistema precisou ser reiniciado.

==== Fim de Fixlog 16:00:30 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Acesse o site Malwarebytes, clique em Download Gratuito e baixe o arquivo para sua Área de Trabalho (Desktop).

 

Desative antivírus, antispywares, enfim, programas de prevenção para não causar conflitos.

 

Clique com o botão direito do mouse no arquivo setup.exe e escolha: Executar como Administrador

 

  • Siga os passos para a instalação;
  • Ao clicar em Concluir aguarde o programa ser aberto;
  • No alto à direita clique em Atualizar agora;
  • O navegador irá abrir, pode fechá-lo e aguarde o término das atualizações;
  • No painel à esquerda clique em Configurações;
  • Na aba Proteção ative Procurar rootkits;
  • Depois clique em Análise no painel à esquerda;
  • Então clique no botão Iniciar Análise e aguarde;
  • Quando o scan terminar uma janela irá se abrir próximo ao relógio;
  • Nela clique em Ver Resultado;
  • Deixe todas as entradas marcadas e clique no botão Colocar em Quarentena;
  • Na janela que abrir clique em Sim para que o computador seja reiniciado;
  • Uma vez reiniciado, abra novamente o Malwarebytes e clique em Histórico e cliquem em Excluir Tudo (opcional);
  • O log será salvo automaticamente pelo programa.
  • Para exportá-lo, clique na aba Histórico > Registros do aplicativo na janela principal do programa;
  • Clique duas vezes em cima do log mais atual e exporte em .TXT;
  • Poste em sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde Diego

... problemas...

Pois após fazer a análise e colocar em quarentena , o PC reiniciou, mas a partir daqui o caos...

O Chrome quase sempre não responde nomeadamente com a pagina do  Clube Hardware...  o PC bloqueia também, por vezes [já reiniciei o computador umas 20 vezes] ...  com o Malwarebytes a mesma coisa, bloqueia... o IE também bloqueia com algumas páginas entre as quais o Clube Hardware.

Lembrei-me de vir para o modo de segurança e aqui consegui ... nem sei como será depois de sair daqui. 

Penso ser este o log pedido [trabalhar em modo segurança é confuso].

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 07/06/2019
Hora da análise: 12:16
Arquivo de registro: 41760308-8937-11e9-b50b-382c4a8d39ff.json

-Informação do software-
Versão: 3.7.1.2839
Versão de componentes: 1.0.586
Versão do pacote de definições: 1.0.10942
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Neves-PC\Neves

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 271921
Ameaças detectadas: 4
Ameaças em quarentena: 4
Tempo decorrido: 16 min, 10 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 4
Generic.Malware/Suspicious, C:\USERS\NEVES\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\AUTOKMS.EXE, Quarentena, [0], [392686],1.0.10942
PUP.Optional.InstallCore.Generic, C:\USERS\NEVES\DESKTOP\Atalhos não utilizados da área de trabalho\aTube Catcher.lnk, Quarentena, [561], [621110],1.0.10942
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, Quarentena, [561], [621110],1.0.10942
Generic.Malware/Suspicious, C:\USERS\NEVES\DESKTOP\NEVES\ATIVADOR 1 OFFICE 2010 [WESLEY FERREIRA].RAR, Quarentena, [0], [392686],1.0.10942

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)

 

Agradecendo António Neves


(end)

 

 

EDIÇÃO

... peço desculpa, mas vou fazer um acrescento

"como não conseguia navegar, o PC sempre a bloquear, [até o programa de imagens photobucket] deduzi que fosse algo com o Malwarebytes e a verdade é que não consegui desinstalá-lo... tentei fazer restauração, mas bloqueava e fui ao modo de segurança...  permitiu-me restaurar o computador ... escolhi o ponto FRST de 4 de Junho e a verdade é que agora consigo navegar".

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Patrício, meu amigo, por favor, da próxima vez que acontecer algo assim, me informe antes de tomar qualquer medida. ;)

 

Faça o download do ESET Online Scanner e salve-o em sua Área de Trabalho (Desktop).

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

  • Clique com o botão direito do mouse em esetonlinescanner_enu.exe e selecione Executar Como Administrador.
  • Clique em Get Started (Começar).
  • Uma nova janela irá aparecer - selecione Get Started (Começar).
  • Selecione, se desejar, enviar dados anônimos para a ESET.
  • Clique na opção Full Scan (Scan Completo).
  • Clique na opção Enable ESET (Ativar ESET) para detectar e remover.
  • Selecione Start scan (Iniciar verificação).
  • Aguarde, a verificação poderá ser demorada.
  • Ao término, clique em Save scan log (salvar log do scan)
  • Salve-o em sua Área de Trabalho com o nome de ESETlog.txt.
  • Clique em Continue (Continuar).
  • Poderá ser questionado se deseja ativar Periodic Scan feature (recurso Scan Periódico).
  • Clique em Continue (Continuar).
  • Na próxima tela, você pode deixar um feedback sobre o programa, se desejar.
  • Marque a caixa  Delete application data on closing (Apagar dados da aplicação ao fechar).
  • Se deixou um feedback, clique em Submit (Enviar) e continue. Se não, feche (Close) sem feedback.
  • Em sua Área de Trabalho será criado um arquivo chamado ESETlog.txt.
  • Abra-o, copie e cole o seu conteúdo em sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite caro Diego

Pois, desculpe lá ter-me antecipado e ter feito o que fiz, mas fiquei "desesperado" e, além do mais, necessitava de acabar uns trabalhos que tinha em mãos.

Agradecendo

António Neves

 

Segue o log do ESET 

 

10/06/2019 18:21:34
Files scanned: 299548
Infected files: 3
Cleaned threats: 3
Total scan time 01:27:45
Scan status: Finished


C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.9_0\js\contentScripts\contentScript.js    JS/Chromex.Agent.AP trojan    cleaned by deleting
C:\Users\Neves\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\AutoKMS.exe    MSIL/HackKMS.A potentially unsafe application    cleaned by deleting
C:\Users\Neves\Desktop\Atalhos não utilizados da área de trabalho\Toolkit-GT.exe    a variant of MSIL/HackKMS.G potentially unsafe application    cleaned by deleting
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Ok, sem problemas. :)

 

Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

 

Execute o arquivo como Administrador

  • Aguarde enquanto a ferramenta faz o exame.
  • Ao final salve log como SecurityCheck.html
  • Abra o arquivo com o bloco de notas;
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia caro Diego

Segue o log

Cumprimentos 

 

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 14.06.2019 05:59:02
Path starting: C:\Users\Neves\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Neves
VersionXML: 6.54is-13.06.2019
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Professional Lang: Portuguese(0416)
Installation date OS: 27.02.2015 14:01:53
LicenseStatus: Windows(R) 7, Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: 😄 FS: [NTFS] Capacity: [298 Gb] Used: [182 Gb] Free: [116 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.19377
User Account Control enabled (Level 3)
Notify before download
Date install updates: 2019-06-13 00:53:12
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office XP v.10.0.6626.0
Microsoft Office 2010 x64 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
AVG Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
AVG Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
AVG AntiVirus FREE v.19.5.3093
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Unchecky v0.4 v.0.4
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft .NET Framework 4.7.2 v.4.7.03062
Microsoft .NET Framework 4.7.2 (PTB) v.4.7.03062
Microsoft Silverlight v.5.1.50918.0
Microsoft .NET Framework 4.7.2 (Português (Brasil)) v.4.7.03062
Foxit Reader v.8.3.2.25013 Warning! Download Update
Microsoft Office XP Professional com FrontPage v.10.0.6626.0 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
-------------------------------- [ Arch ] ---------------------------------
WinRAR 5.50 (64-bit) v.5.50.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype versão 8.45 v.8.45 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 211 v.8.0.2110.12
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 31 ActiveX v.31.0.0.122 Warning! Download Update
Adobe Flash Player 27 NPAPI v.27.0.0.130 Warning! Download Update
Adobe Flash Player 28 PPAPI v.28.0.0.161 Warning! Download Update
Adobe Acrobat Reader DC v.18.011.20038 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.75.0.3770.80 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Essentials v.16.4.3528.0331 Warning! This software is no longer supported.
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe v.19.5.4.2336
AVG Antivirus (AVG Antivirus) - The service is running
C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe v.19.5.4444.0
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe v.19.5.4444.0
Unchecky (Unchecky) - The service has stopped
Windows Defender (WinDefend) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

# Etapa nº 1 #

 

Baixe o Delfix by Xplode e salve na sua área de trabalho.

 

Clique duas vezes no delfix.exe para executá-lo como Administrador

 

Marque as caixas conforme imagem abaixo.

 

2mez6ld.png

 

Obs: Caso a imagem não abra automaticamente no tópico clique no link para visualizá-la.

 

Clique no botão Executar.

 

Ao final será gerado um log, mas não é necessário postar.

# Etapa nº 2 #

Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.

Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).

Basta clicar no Download Update de cada aviso (post acima), que irá para o site do desenvolvedor.

<<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

 

# Etapa nº 3 #

 

O Ccleaner é um excelente utilitário de limpeza para o computador.

 

Faça o download dele aqui Ccleaner

 

  • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
  • Clique duas vezes nesta pasta;
  • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
  • Coloque o nome de backups.
  • Abra o programa e clique em Executar Limpeza;
  • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
  • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro Diego

Peço desculpa de só agora responder. Entendi tudo o qu eme disse, mas o "delfix"... já era.

Envio um print screen da página que abre após clicar no "delfix". 

Agradecimento por tudo... o PC tá normal [só após iniciar a página da internet demora sempre um pouco a abarir]. 

Ant. Neves

 

 

EDIÇÃO

... pensei duas vezes e procurei o "delfix" no google... consegui baixar de um página qualquer e fiz a limpeza. 

 

zzzzz.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @vozdoseven

 

Fiquei com dengue e agora me recuperei.

 

Ok, tudo certo! :)

 

Podemos finalizar?

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Eh pá, as melhoras... espero que esteja tudo bem.

Sim, Diego... está tudo correcto... obrigado por tudo e boa sorte nesse "sonho" de rumar a outras paragens.

Ah... o PC começou a fazer barulho quando inicia, é de certeza da fonte... amanhã vou tratar de a limpar [já uma vez vez limpeza a uma e saí-me bem] e quem sabe se o desempenho do PC ainda não será melhor.

Forte abraço

Atenciosamente

António Neves

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

GRÁTIS: minicurso “Como ganhar dinheiro montando computadores”

Gabriel TorresGabriel Torres, fundador e editor executivo do Clube do Hardware, acaba de lançar um minicurso totalmente gratuito: "Como ganhar dinheiro montando computadores".

Você aprenderá sobre o quanto pode ganhar, como cobrar, como lidar com a concorrência, como se tornar um profissional altamente qualificado e muito mais!

Inscreva-se agora!