leonardomqs

Junior Members
  1. No. On the computer I uninstalled Chrome and reinstalled it, and reset the settings just to be sure. The phone no longer shows any problem. I disabled sync completely. On the computer the problem persists.
  2. Yes. By the way, in the initial post I mentioned that I was facing a similar problem on my phone as well, but a few days ago the problem apparently went away on the phone.
  3. It is still the same. If there is no solution I will just format the machine; my only fear is having some spyware program that steals my data and so on. And once again, thank you for the help.
  4. RogueKiller Anti-Malware V13.4.2.0 [Aug 9 2019] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits
     Started in : Normal mode
     User : Leonardo [Administrator]
     Started from : C:\Users\Leonardo\Desktop\RogueKiller_portable32.exe
     Signatures : 20190809_122242, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2019/08/10 20:26:28 (Duration : 00:44:17)

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  5. Sorry for the delay, here are the logs. Malwarebytes: AdwCleaner: ZHPCleaner (S): ZHPCleaner (R) Edit: I don't know why the last log came out in strikethrough text; I edited it, but apparently it is something with the forum. I hope it does not get in the way of understanding. Edit 2: I restarted the machine and it is still in the same state.
  6. Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 15-07-2019 01
     Executado por Leonardo (22-07-2019 12:20:21) Run:1
     Executando a partir de C:\Users\Leonardo\Desktop
     Perfis Carregados: Leonardo (Perfis Disponíveis: Leonardo)
     Modo da Inicialização: Normal
     ==============================================

     fixlist Conteúdo:
     *****************
     CreateRestorePoint:
     CloseProcesses:
     Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => Nenhum Arquivo
     VirusTotal: C:\Windows\system32\PhotoScreensaver.scr
     VirusTotal: C:\Windows\system32\vorbis.acm
     S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
     S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
     S3 VGPU; System32\drivers\rdvgkmd.sys [X]
     HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO
     WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
     WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
     WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
     CMD: ipconfig /flushdns
     RemoveProxy:
     EmptyTemp:
     CreateRestorePoint:
     *****************

     Ponto de Restauração criado com sucesso.
     Processos fechados com sucesso.
     HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removido (a) com sucesso.
     VirusTotal: C:\Windows\system32\PhotoScreensaver.scr => https://www.virustotal.com/file/7e4a5275bb117d156f2a0545cd6ea7096e09f3d56c1c5423d7e09afa2c830389/analysis/1562826459/
     VirusTotal: C:\Windows\system32\vorbis.acm => https://www.virustotal.com/file/264e08bc8ed6276638195b36e37e3c3e539fe5189d57fa6c206f0c5db59b30d0/analysis/1555885598/
     HKLM\System\CurrentControlSet\Services\cpuz143 => removido (a) com sucesso.
     cpuz143 => serviço removido (a) com sucesso.
     HKLM\System\CurrentControlSet\Services\IntcAzAudAddService => removido (a) com sucesso.
     IntcAzAudAddService => serviço removido (a) com sucesso.
     S3 VGPU; System32\drivers\rdvgkmd.sys [X] => Erro: Nenhuma correção automática foi encontrada para esta entrada.
     HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile => removido (a) com sucesso.
     "CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removido (a) com sucesso.
     "BVTFilter" => removido (a) com sucesso.
     "BVTConsumer" => removido (a) com sucesso.

     ========= ipconfig /flushdns =========

     Configuração de IP do Windows
     Liberação do Cache do DNS Resolver bem-sucedida.

     ========= Fim de CMD: =========

     ========= RemoveProxy: =========

     HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removido (a) com sucesso.
     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

     ========= Fim de RemoveProxy: =========

     Ponto de Restauração criado com sucesso.

     =========== EmptyTemp: ==========

     BITS transfer queue => 8388608 B
     DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25457205 B
     Java, Flash, Steam htmlcache => 0 B
     Windows/system/drivers => 4089485 B
     Edge => 0 B
     Chrome => 39940199 B
     Firefox => 0 B
     Opera => 0 B

     Temp, IE cache, history, cookies, recent:
     Users => 0 B
     Default => 66228 B
     Public => 0 B
     ProgramData => 0 B
     systemprofile => 46328185 B
     LocalService => 66228 B
     NetworkService => 72068 B
     Leonardo => 89855212 B

     RecycleBin => 33197526 B
     EmptyTemp: => 236 MB de dados temporários Removidos.

     ================================

     O sistema precisou ser reiniciado.

     ==== Fim de Fixlog 12:22:47 ====
  7. Here are the logs:

     Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 15-07-2019 01
     Executado por Leonardo (administrador) em LEONARDO-PC (Intelbras S41ILx) (21-07-2019 11:41:03)
     Executando a partir de C:\Users\Leonardo\Desktop
     Perfis Carregados: Leonardo (Perfis Disponíveis: Leonardo)
     Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
     Internet Explorer Versão 11 (Navegador padrão: Chrome)
     Modo da Inicialização: Normal
     Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

     ==================== Processos (Whitelisted) =================

     (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

     (Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
     (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
     (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
     (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
     (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
     (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe

     ==================== Registro (Whitelisted) ===========================

     (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

     HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
     HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
     HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Arquivo não assinado]
     HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-09-02] (TechSmith Corporation) [Arquivo não assinado]
     HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [Arquivo não assinado]
     HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)

     ==================== Tarefas Agendadas (Whitelisted) =============

     (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

     Task: {0C8F4C05-6813-40CA-B6BC-1D1739BE0724} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
     Task: {1D03F5EB-5C28-4B5B-BC56-1C6AE91BE8A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
     Task: {94A5731B-DB87-41BC-943C-C07F7F772081} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
     Task: {9B5BE022-1DE6-46EF-8163-1073FC0C7ADA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)

     (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

     ==================== Internet (Whitelisted) ====================

     (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

     Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => Nenhum Arquivo
     Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
     Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     Tcpip\..\Interfaces\{44952D2E-207D-4936-BD21-38B2C3FA5EC8}: [DhcpNameServer] 192.168.1.1
     Tcpip\..\Interfaces\{B2724CF0-E0B9-48A2-AF6B-7E362CB1EEEA}: [DhcpNameServer] 192.168.1.1

     Internet Explorer:
     ==================
     BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2019-06-25] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
     BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     Toolbar: HKU\S-1-5-21-2986364124-4249652038-960724708-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)

     Chrome:
     =======
     CHR DefaultProfile: Default
     CHR HomePage: Default -> hxxps://www.google.com/
     CHR StartupUrls: Default -> "hxxp://www.google.com/"
     CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default [2019-07-21]
     CHR Extension: (Material Incognito Dark Theme) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2019-01-21]
     CHR Extension: (Kaspersky Protection) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-12-20]
     CHR Extension: (Google Drive) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
     CHR Extension: (YouTube) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
     CHR Extension: (uBlock Origin) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-21]
     CHR Extension: (LastPass: Free Password Manager) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-06-28]
     CHR Extension: (Video Blocker) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2018-05-25]
     CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
     CHR Extension: (Gmail) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
     CHR Extension: (Chrome Media Router) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
     CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-11]
     CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-11]
     CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
     CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.6.7130\BVDChromeExt.crx [2019-07-13]
     CHR HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

     ==================== Serviços (Whitelisted) ====================

     (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
     R2 AVP19.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
     S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
     R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

     ===================== Drivers (Whitelisted) ======================

     (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

     R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [178368 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
     S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2018-09-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
     S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd)
     S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd)
     S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2018-11-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
     R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-09-09] (Martin Malik - REALiX -> REALiX(tm))
     R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [151240 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
     R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63824 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [102016 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [75392 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [172160 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [548480 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [871552 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [49488 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [51560 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [51832 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45184 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75488 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [152704 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [167760 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
     R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-07-10] (Malwarebytes Corporation -> Malwarebytes)
     R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
     R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Microsoft Windows -> Realtek Semiconductor Corporation )
     R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1068032 2009-07-13] (Microsoft Windows -> Motorola Inc.)
     S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
     S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
     S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
     S3 VGPU; System32\drivers\rdvgkmd.sys [X]

     ==================== NetSvcs (Whitelisted) ===================

     (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

     ==================== Um mês (criados) ========

     (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-05-15 00:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2019-07-13 18:22 - 2018-05-10 21:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-07-13 18:22 - 2018-04-25 12:54 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000829440 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2019-07-13 18:21 - 2019-06-20 23:44 - 002406912 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-07-13 18:21 - 2019-06-20 05:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-07-13 18:21 - 2019-06-18 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-07-13 18:21 - 2019-06-18 00:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-07-13 18:21 - 2019-06-18 00:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-07-13 18:21 - 2019-06-18 00:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-07-13 18:21 - 2019-06-18 00:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-07-13 18:21 - 2019-06-18 00:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-07-13 18:21 - 2019-06-18 00:29 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-07-13 18:21 - 2019-06-18 00:23 - 000668160 _____ (Microsoft Corporation) 
C:\Windows\system32\MsSpellCheckingFacility.exe 2019-07-13 18:21 - 2019-06-18 00:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-07-13 18:21 - 2019-06-18 00:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-07-13 18:21 - 2019-06-18 00:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-07-13 18:21 - 2019-06-18 00:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-07-13 18:21 - 2019-06-18 00:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-07-13 18:21 - 2019-06-18 00:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-07-13 18:21 - 2019-06-17 23:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-07-13 18:21 - 2019-06-17 23:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-07-13 18:21 - 2019-06-13 00:23 - 000135400 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-07-13 18:21 - 2019-06-13 00:17 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-07-13 18:21 - 2019-06-12 12:25 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-07-13 18:21 - 2019-06-12 12:23 - 004057320 _____ (Microsoft 
Corporation) C:\Windows\system32\ntkrnlpa.exe 2019-07-13 18:21 - 2019-06-12 12:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-07-13 18:21 - 2019-06-12 12:23 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2019-07-13 18:21 - 2019-06-12 12:23 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-07-13 18:21 - 2019-06-12 12:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-07-13 18:21 - 2019-06-12 12:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-07-13 18:21 - 2019-06-12 12:21 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000022016 _____ (Microsoft Corporation) 
C:\Windows\system32\secur32.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-07-13 18:21 - 2019-06-12 12:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-07-13 18:21 - 2019-06-12 12:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-07-13 18:21 - 2019-06-12 11:58 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-07-13 18:21 - 2019-06-12 11:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-07-13 18:21 - 2019-06-12 11:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-07-13 18:21 - 2019-06-12 11:55 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-07-13 18:21 - 2019-06-12 11:55 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-07-13 18:21 - 2019-06-12 11:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-07-13 18:21 - 2019-06-12 11:52 - 000271360 _____ 
(Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-07-13 18:21 - 2019-06-12 11:51 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-07-13 18:21 - 2019-06-12 11:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-07-13 18:21 - 2019-06-12 11:50 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-07-13 18:21 - 2019-06-12 11:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe 2019-07-13 18:21 - 2019-06-12 11:48 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-07-13 18:21 - 2019-06-12 11:47 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000035328 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\npfs.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 002703360 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-07-13 18:21 - 2019-06-10 23:59 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-07-13 18:21 - 2019-06-09 12:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-07-13 18:21 - 2019-06-09 12:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2019-07-13 18:21 - 2019-06-09 12:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2019-07-13 18:21 - 2019-06-09 12:04 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2019-07-13 18:21 - 2019-06-09 12:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2019-07-13 18:21 - 2019-06-07 12:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-07-13 18:21 - 2019-06-07 11:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-07-13 18:21 - 2019-06-03 20:10 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2019-07-13 18:21 - 2019-06-03 20:10 - 000304640 _____ (Microsoft Corporation) 
C:\Windows\system32\taskcomp.dll 2019-07-13 18:21 - 2019-06-02 01:07 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2019-07-13 18:21 - 2019-05-24 20:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2019-07-13 18:21 - 2019-05-24 20:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2019-07-13 18:21 - 2019-05-22 22:58 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-07-13 18:21 - 2019-05-22 21:31 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2019-07-13 18:21 - 2019-05-17 15:14 - 000251112 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2019-07-13 18:21 - 2019-05-13 11:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll 2019-07-13 18:21 - 2019-05-09 12:20 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-07-13 18:21 - 2019-05-09 12:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2019-07-13 18:21 - 2019-04-29 22:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-07-13 18:21 - 2019-04-25 12:18 - 000083968 _____ (Microsoft Corporation) 
C:\Windows\system32\userenv.dll 2019-07-13 18:21 - 2019-04-24 12:20 - 001311464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-07-13 18:21 - 2019-04-24 12:20 - 000240864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2019-07-13 18:21 - 2019-04-24 12:19 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2019-07-13 18:21 - 2019-04-18 23:55 - 000053992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000104680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000057064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000051944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000046312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000032488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000021736 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll 2019-07-13 18:21 - 2019-04-18 23:54 - 000013544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000011880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys 2019-07-13 18:21 - 2019-04-18 23:53 - 000052968 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\AMDAGP.SYS 2019-07-13 18:21 - 2019-04-14 02:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2019-07-13 
18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2019-07-13 18:21 - 2019-04-09 12:17 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-07-13 18:21 - 2019-04-09 12:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-07-13 18:21 - 2019-04-09 12:14 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-07-13 18:21 - 2019-04-09 12:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000035328 _____ 
(Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-07-13 18:21 - 2019-04-09 12:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2019-07-13 18:21 - 2019-04-07 12:17 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2019-07-13 18:21 - 2019-04-07 12:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2019-07-13 18:21 - 2019-04-07 11:52 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2019-07-13 18:21 - 2019-04-07 11:49 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll 2019-07-13 18:21 - 2019-04-07 11:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-07-13 18:21 - 2019-04-07 11:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-07-13 18:21 - 2019-04-07 11:42 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll 2019-07-13 18:21 - 2019-04-07 11:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll 2019-07-13 18:21 - 2019-04-07 10:04 - 000535656 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-07-13 18:21 - 2019-03-28 22:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-07-13 18:21 - 2019-03-11 18:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-07-13 18:21 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-07-13 18:21 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000920576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2019-07-13 18:21 - 2019-03-04 
23:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-07-13 18:21 - 2019-03-04 23:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-07-13 18:21 - 2019-02-21 12:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2019-07-13 18:21 - 2019-02-21 12:36 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-07-13 18:21 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-07-13 18:21 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-07-13 18:21 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-07-13 18:21 - 2019-02-07 12:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-07-13 18:21 - 2019-02-07 12:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-07-13 18:21 - 2019-02-07 12:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-07-13 18:21 - 2019-02-03 12:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-07-13 18:21 - 2018-12-07 23:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2019-07-13 18:21 - 2018-12-07 23:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp 2019-07-13 18:21 - 2018-12-07 23:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2019-07-13 18:21 - 2018-12-07 23:41 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2019-07-13 18:21 - 2018-12-07 23:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2019-07-13 18:21 - 2018-12-07 23:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2019-07-13 18:21 - 2018-12-07 23:41 - 000022528 _____ (Microsoft Corporation) 
C:\Windows\system32\rasser.dll 2019-07-13 18:21 - 2018-12-07 23:41 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2019-07-13 18:21 - 2018-12-04 12:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2019-07-13 18:21 - 2018-11-11 13:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2019-07-13 18:21 - 2018-10-27 00:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2019-07-13 18:21 - 2018-10-27 00:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2019-07-13 18:21 - 2018-10-27 00:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2019-07-13 18:21 - 2018-10-27 00:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2019-07-13 18:21 - 2018-10-27 00:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2019-07-13 18:21 - 2018-10-27 00:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2019-07-13 18:21 - 2018-09-22 23:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2019-07-13 18:21 - 2018-09-08 21:46 - 000730824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-07-13 18:21 - 2018-09-08 21:46 - 000219336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2019-07-13 18:21 - 2018-09-08 21:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2019-07-13 18:21 - 2018-09-08 21:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2019-07-13 18:21 - 2018-08-28 02:41 - 000190976 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\ks.sys 2019-07-13 18:21 - 2018-08-12 17:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2019-07-13 18:21 - 2018-08-10 12:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2019-07-13 18:21 - 2018-08-10 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2019-07-13 18:21 - 2018-08-10 12:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2019-07-13 18:21 - 2018-08-03 12:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2019-07-13 18:21 - 2018-07-18 12:14 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2019-07-13 18:21 - 2018-07-06 12:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2019-07-13 18:21 - 2018-06-29 12:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll 2019-07-13 18:21 - 2018-06-29 12:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2019-07-13 18:21 - 2018-06-27 12:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-07-13 18:21 - 2018-06-08 12:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2019-07-13 18:21 - 2018-06-08 12:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2019-07-13 18:21 - 2018-05-10 21:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2019-07-13 18:21 - 2018-05-02 12:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2019-07-13 18:21 - 2018-05-02 
12:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2019-07-13 18:21 - 2018-05-02 12:29 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2019-07-13 18:21 - 2018-04-25 12:17 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2019-07-13 15:12 - 2018-11-17 23:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-07-13 15:12 - 2018-11-17 23:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2019-07-13 12:50 - 2019-07-13 12:51 - 005660510 _____ (Swearware) C:\Users\Leonardo\Downloads\ComboFix.exe 2019-07-13 12:50 - 2019-07-13 12:50 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2019-07-13 12:50 - 2019-07-13 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2019-07-13 12:50 - 2019-07-13 12:50 - 000000000 ____D C:\Program Files\RogueKiller 2019-07-13 12:18 - 2019-07-21 09:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\CrashDumps 2019-07-13 10:30 - 2019-07-13 10:33 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller 2019-07-13 10:30 - 2019-07-13 10:33 - 000000000 ____D C:\ProgramData\RogueKiller 2019-07-13 10:27 - 2019-07-13 10:29 - 027535928 _____ C:\Users\Leonardo\Downloads\RogueKiller_portable32.exe 2019-07-13 10:13 - 2019-07-13 10:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Malware_Research 2019-07-11 22:45 - 2019-07-11 22:45 - 000000000 ____D C:\Users\Leonardo\AppData\Local\A 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ C:\Users\Todos os Usuários\dbdems.dll 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ C:\ProgramData\dbdems.dll 2019-07-11 21:04 - 2019-07-11 21:04 - 000033280 _____ (Geeky Productions) C:\Users\Leonardo\Downloads\folder-vanity-remover-1.5.exe 2019-07-10 23:03 - 2019-07-10 23:04 - 000000000 _____ 
C:\Windows\system32\wmic 2019-07-10 22:38 - 2019-07-10 22:38 - 000000000 ____D C:\Windows\pss 2019-07-10 22:37 - 2019-07-10 22:37 - 000184060 _____ C:\Users\Leonardo\Downloads\cc_20190710_223719.reg 2019-07-10 22:25 - 2019-07-10 22:25 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-07-10 22:25 - 2019-07-10 22:25 - 000000000 ____D C:\Program Files\CCleaner 2019-07-10 21:39 - 2019-07-13 10:50 - 000007628 _____ C:\Users\Leonardo\AppData\Local\Resmon.ResmonCfg 2019-07-10 19:34 - 2019-07-10 19:34 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-07-10 19:29 - 2019-07-10 19:29 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-10 19:29 - 2019-07-10 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-10 19:29 - 2019-07-10 19:29 - 000000000 ____D C:\Program Files\Malwarebytes 2019-07-10 19:29 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-07-09 23:39 - 2019-07-09 23:39 - 004389701 _____ C:\Users\Leonardo\Downloads\ResilientWebDesign.epub 2019-07-09 19:46 - 2019-07-09 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2019-07-09 19:26 - 2019-07-09 19:26 - 007025360 _____ (Malwarebytes) C:\Users\Leonardo\Desktop\adwcleaner_7.3.exe 2019-07-08 13:50 - 2019-04-01 11:49 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe 2019-07-04 22:41 - 2019-07-04 22:49 - 006732110 _____ C:\Users\Leonardo\Downloads\PRODUTOS ORGÂNICOS (Hidequileni Santos) (Hidequileni Santos) (Hidequileni Santos).pptx 2019-07-01 14:09 - 2019-07-01 14:13 - 002570046 _____ C:\Users\Leonardo\Downloads\Um Piano Para Cavalos Altos - Sandro William Junqueira.epub 2019-06-28 14:16 - 2019-06-28 14:16 - 000046266 _____ C:\Users\Leonardo\Downloads\BO.pdf 2019-06-27 11:59 - 2019-06-27 11:59 - 000092532 _____ 
C:\Users\Leonardo\Downloads\E__INTERFACE_DEDIC_INT_PROD_TempPDF_DV18713210189_20190627115848.pdf_11-58.pdf 2019-06-27 11:59 - 2019-06-27 11:59 - 000000088 _____ C:\Users\Leonardo\Downloads\Finalização do Comunicado.txt 2019-06-26 18:21 - 2019-06-26 18:49 - 000000000 ____D C:\Users\Leonardo\Downloads\backup 2019-06-25 22:54 - 2019-06-25 22:54 - 000801191 _____ C:\Users\Leonardo\Downloads\Encontro com Rama - Arthur C. Clarke.epub 2019-06-25 22:52 - 2019-06-25 22:52 - 001012608 _____ C:\Users\Leonardo\Downloads\Duna - Frank Herbert.epub ==================== Um mês (modificados) ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2019-07-21 11:40 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-07-21 11:40 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-07-21 11:32 - 2018-05-25 17:23 - 000000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab 2019-07-21 11:32 - 2018-05-25 17:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2019-07-21 11:31 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-07-21 09:56 - 2018-09-15 22:53 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Mp3tag 2019-07-18 22:52 - 2018-10-28 21:21 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\MusicBee 2019-07-18 16:05 - 2018-05-28 00:47 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\vlc 2019-07-18 14:08 - 2018-05-23 22:30 - 000000000 ____D C:\Users\Leonardo\Desktop\Filmes 2019-07-17 21:06 - 2019-03-08 08:48 - 001179648 ___SH C:\Users\Leonardo\Desktop\Thumbs.db 2019-07-17 14:10 - 2011-04-12 01:47 - 000706004 _____ C:\Windows\system32\prfh0416.dat 2019-07-17 14:10 - 2011-04-12 01:47 - 000147848 _____ C:\Windows\system32\prfc0416.dat 2019-07-17 14:10 - 2010-11-20 18:01 - 001635822 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-17 14:10 - 2009-07-13 23:37 - 
000000000 ____D C:\Windows\inf 2019-07-16 23:03 - 2018-11-23 19:04 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Code 2019-07-15 21:30 - 2018-05-25 16:32 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-15 21:30 - 2018-05-25 16:32 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-15 15:45 - 2018-05-25 23:56 - 000000000 ___RD C:\Users\Leonardo\Google Drive 2019-07-13 19:59 - 2019-03-28 22:33 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\calibre 2019-07-13 19:59 - 2018-09-23 10:23 - 000000000 ____D C:\Users\Leonardo\Documents\Allavsoft 2019-07-13 19:59 - 2018-09-23 10:23 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Allavsoft 2019-07-13 19:03 - 2018-05-25 15:26 - 000000000 ____D C:\Users\Leonardo 2019-07-13 19:00 - 2009-07-14 01:33 - 000296408 _____ C:\Windows\system32\FNTCACHE.DAT 2019-07-13 18:58 - 2018-06-05 23:08 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-07-13 18:58 - 2018-06-05 23:08 - 000000000 ____D C:\Windows\system32\appraiser 2019-07-13 18:58 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Dism 2019-07-13 18:40 - 2018-06-04 23:51 - 000000000 ____D C:\Program Files\Microsoft Office 2019-07-13 18:34 - 2018-09-29 16:10 - 000000000 ____C C:\Windows\system32\MRT.exe 2019-07-13 18:05 - 2018-05-26 16:44 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Spotify 2019-07-13 18:05 - 2018-05-26 16:42 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify 2019-07-13 18:02 - 2019-02-04 16:35 - 000000000 ____D C:\Users\Leonardo\Downloads\Playlists 2019-07-13 14:31 - 2018-09-23 10:23 - 000001264 _____ C:\Users\Public\Desktop\Allavsoft.lnk 2019-07-13 14:22 - 2018-11-04 12:26 - 000000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2019-07-13 14:22 - 2018-06-10 07:19 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Notepad++ 2019-07-13 14:22 - 2018-06-10 07:19 - 000000000 ____D C:\Program Files\Notepad++ 2019-07-13 12:06 - 2018-09-10 
00:23 - 000000000 ____D C:\Windows\system32\RTCOM 2019-07-13 12:06 - 2018-09-10 00:23 - 000000000 ____D C:\Windows\system32\DAX3 2019-07-13 12:06 - 2018-09-10 00:23 - 000000000 ____D C:\Windows\system32\DAX2 2019-07-11 22:38 - 2018-05-25 17:33 - 000068536 _____ C:\Users\Leonardo\AppData\Local\GDIPFONTCACHEV1.DAT 2019-07-11 21:26 - 2019-03-28 22:33 - 000000000 ____D C:\Users\Leonardo\Biblioteca do calibre 2019-07-11 21:09 - 2018-09-18 21:49 - 000000000 ___RD C:\Users\Leonardo\Documents\Scanned Documents 2019-07-11 21:09 - 2018-09-09 23:55 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\IObit 2019-07-11 21:09 - 2017-04-15 22:24 - 000000000 ____D C:\Users\Leonardo\Desktop\Séries 2019-07-11 21:08 - 2019-01-23 00:54 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Movavi 2019-07-11 21:08 - 2018-05-25 15:34 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Google 2019-07-10 22:50 - 2018-05-26 00:52 - 000001187 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2019-07-10 22:50 - 2018-05-26 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-07-10 22:35 - 2018-05-25 14:45 - 000000000 ____D C:\Windows\Panther 2019-07-10 22:35 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\ModemLogs 2019-07-09 17:04 - 2018-07-30 19:22 - 000606264 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-07-09 16:16 - 2018-11-23 19:04 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2019-07-08 22:27 - 2018-09-07 22:47 - 000000000 ____D C:\Users\Leonardo\Documents\Folhas 2019-07-08 12:42 - 2018-05-25 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2019-07-07 14:35 - 2009-07-14 01:53 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-07-05 23:50 - 2019-06-10 21:09 - 000000132 _____ C:\Users\Leonardo\AppData\Roaming\Preferências do Formato PNG do Adobe CS6 2019-07-03 16:48 - 2018-09-30 20:05 - 000000000 ____D 
C:\Users\Leonardo\Documents\Mestrado 2019-07-02 21:06 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF 2019-07-01 12:07 - 2019-03-28 22:34 - 000000000 ____D C:\Users\Leonardo\AppData\Local\calibre-cache 2019-06-28 14:31 - 2018-05-28 00:46 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk ==================== Arquivos na raiz de alguns diretórios ================ 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ () C:\ProgramData\dbdems.dll 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ () C:\Users\Todos os Usuários\dbdems.dll 2019-06-10 21:09 - 2019-07-05 23:50 - 000000132 _____ () C:\Users\Leonardo\AppData\Roaming\Preferências do Formato PNG do Adobe CS6 2019-07-10 21:39 - 2019-07-13 10:50 - 000007628 _____ () C:\Users\Leonardo\AppData\Local\Resmon.ResmonCfg ==================== FCheck ================================ (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) FCheck: C:\Windows\system32\MRT.exe [2019-07-13]<==== ATENÇÃO (zero byte Arquivo/Pasta) ==================== SigCheck =============================== (Não há correção automática para arquivos que não passaram na verificação.) 
LastRegBack: 2019-07-02 16:11

==================== Fim de FRST.txt ============================

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 15-07-2019 01
Executado por Leonardo (21-07-2019 11:45:51)
Executando a partir de C:\Users\Leonardo\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2018-05-25 18:26:41)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-2986364124-4249652038-960724708-500 - Administrator - Disabled)
Convidado (S-1-5-21-2986364124-4249652038-960724708-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2986364124-4249652038-960724708-1002 - Limited - Enabled)
Leonardo (S-1-5-21-2986364124-4249652038-960724708-1001 - Administrator - Enabled) => C:\Users\Leonardo

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

4K Video Downloader 4.4 (HKLM\...\{AA5C80E7-8876-4026-A0D0-582D8EFBA2E1}) (Version: 4.4.7.2307 - Open Media LLC) Allavsoft 3.17.6.7130 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Backup and Sync from Google (HKLM\...\{2220EB12-4C3F-4203-996A-2D55BD1FF3A6}) (Version: 3.45.5545.5747 - Google, Inc.) calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Epic Games Launcher Prerequisites (x86) (HKLM\...\{B633DAAD-9294-4C7D-A625-D5B741A8C2B6}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Estúdio Conversor de Vídeo Apowersoft V4.4.8 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.4.8 - APOWERSOFT LIMITED) Evernote v. 6.19.2 (HKLM\...\{B02117F0-97C1-11E9-9D3F-005056951CAD}) (Version: 6.19.2.8555 - Evernote Corp.) 
FL Studio 12 (HKLM\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line) Kaspersky Free (HKLM\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Free (HKLM\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Launcher Prerequisites (x86) (HKLM\...\{ec50c375-be9a-4642-9b8c-86dcc42e39c3}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Malwarebytes versão 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\{D628A17A-9713-46BF-8D57-E671B46A741E}_is1) (Version: 1.36.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MKVToolNix 31.0.0 (32-bit) (HKLM\...\MKVToolNix) (Version: 31.0.0 - Moritz Bunkus) Mp3tag v2.90 (HKLM\...\Mp3tag) (Version: 2.90 - Florian Heidenreich) MusicBee 3.2 (HKLM\...\MusicBee) (Version: 3.2 - Steven Mayall) 
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RogueKiller version 13.3.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.1.0 - Adlice Software)
SoundWire Server version 2.5 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
Spotify (HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> ) 
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft 
Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\Leonardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl ==================== Módulos Carregados (Whitelisted) ============== 2018-07-12 13:17 - 2018-07-12 13:17 - 000307712 _____ (Florian Heidenreich) [Arquivo não assinado] C:\Program Files\Mp3tag\Mp3tagShell32.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) 

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2014-09-01 09:39 - 000000970 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

Se uma entrada for incluída na fixlist, será removida.

MSCONFIG\startupfolder: C:^Users^Leonardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{8D8B880C-A62A-4028-8128-ED1105024BE6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E13F6084-980C-4734-A2EE-31913416C8E4}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0A74798A-196D-4159-B6AF-08A355EF861D}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{3F97924A-263F-4D79-9FA8-020F7E9C3ABF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{AA0749E3-D1B2-45CF-9DDB-BE8CD8156F6A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{988DB853-98C3-422A-9F84-9B9F5AC9AA50}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{0F5CA984-0915-4A07-BF4D-B0D07AECBEB8}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{700F6FF0-939B-44C3-9D72-CDD5EB80F445}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BCFE7DE-B442-4FB9-ABAE-77CF627C5BC7}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{60289707-739D-4C17-B89F-6E94470A3032}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [TCP Query User{E3649298-6344-42E1-9899-9AFC40144ED6}C:\program files\musicbee\musicbee.exe] => (Allow) C:\program files\musicbee\musicbee.exe (Steven Mayall) [Arquivo não assinado] FirewallRules: [UDP Query User{67302FCF-7FAC-45F4-8786-C353CDFC1A35}C:\program files\musicbee\musicbee.exe] => (Allow) C:\program files\musicbee\musicbee.exe (Steven Mayall) [Arquivo não assinado] FirewallRules: [TCP Query User{96AFEB35-F737-4111-9F87-E6EFF55D3CAF}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [UDP Query User{818687F5-2C10-41FC-9C61-10D6AA815C5F}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [TCP Query User{4808DC2E-B12D-49E0-913D-0B9D32E8B5E4}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [UDP Query User{68DABDB7-0540-425D-A72B-506F01639C2B}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program 
files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [TCP Query User{23F93359-2492-41F0-8B65-4D123A5C0A6E}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{EDD87850-4B4C-493C-A4FB-7231169C6C9F}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1D5A43C9-4D40-4ECC-AA29-A8E10C710678}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{5A426BEE-7475-4674-8EC2-C0AE5E10B793}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8BAA25CB-DF2E-4D8F-B644-871AC887F8F3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= 09-07-2019 19:36:03 Installed Evernote v. 
6.19.2
13-07-2019 15:13:02 Windows Update
13-07-2019 18:23:19 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/21/2019 11:33:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/21/2019 09:56:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: 4kvideodownloader.exe, versão: 4.7.3.2742, carimbo de hora: 0x5cfa8ad1
Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento com falha: 0xd898f400
Identificação do processo com falha: 0x1628
Hora de início do aplicativo com falha: 0x01d53fc34256c572
Caminho do aplicativo com falha: C:\Program Files\4KDownload\4kvideodownloader\4kvideodownloader.exe
FCaminho do módulo de falhas: unknown
Identificação do Relatório: 05de7509-abb7-11e9-a18a-00030de347c7

Error: (07/21/2019 09:49:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 10:25:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 03:46:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 02:08:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/17/2019 07:59:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/17/2019 02:03:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Erros de Sistema:
=============
Error: (07/21/2019 10:05:04 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço Diagnostics Tracking Service não foi desligado corretamente após receber um controle de pré-desligamento.

Error: (07/21/2019 09:59:12 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (07/21/2019 09:59:12 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 70.

Error: (07/18/2019 03:50:46 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (07/18/2019 03:50:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (07/18/2019 03:50:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (07/18/2019 03:50:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Error: (07/18/2019 03:50:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.

Windows Defender:
===================================
Date: 2018-10-11 12:52:51.930
Description: Digitalização de Windows Defender interrompida antes da conclusão.
ID da Digitalização:{32FAA14D-9763-4CE6-A1C3-0A682A952821}
Tipo da Digitalização:Anti-spyware
Parâmetros da Digitalização:Verificação Rápida
Usuário:Leonardo-PC\Leonardo

CodeIntegrity:
===================================
Date: 2018-06-05 23:01:02.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-05 23:01:02.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-05 23:01:02.380
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-05 23:01:02.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-05 23:01:02.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-05 23:01:02.349
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-04 20:36:19.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-06-04 20:36:19.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

BIOS: Intelbras 1.02.INT 06/23/2009
Motherboard: Intelbras S41ILx
Processador: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentagem de memória em uso: 80%
RAM física total: 2008.88 MB
RAM física disponível: 391.43 MB
Virtual Total: 4017.76 MB
Virtual disponível: 2049.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:39.95 GB) NTFS
\\?\Volume{77a74c84-6043-11e8-93be-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9CB84DA0)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
  8. Good morning/afternoon/evening. A few days ago I noticed that when I open Task Manager, CPU usage, which normally sits around 30-60%, drops drastically to 1-6%, and some processes I don't recognize are terminated immediately before I can read them. I understand almost nothing about this, but I'm almost certain it is malware or spyware. The notebook's performance got a little slower; I don't play games, so I didn't notice much difference. The reason I believe it was infected is that this Task Manager discrepancy started right after I visited a not very trustworthy site and also downloaded an extension. Another point is that the same thing happened with my phone: I noticed today that it seems to be using more RAM than necessary, and that it got slower; it rarely froze before and now it does so frequently, and two games that I used to play without problems now freeze a lot. I didn't install anything on it or clog it with files. I also visited the dubious site with it, so I ruled out the extension. I ran Malwarebytes, Adwcleaner and Kaspersky (free) and nothing was detected. I ran RogueKiller and it detected 3 pieces of malware; they were deleted but the problem continues. I'm willing to run these or other programs again for a better analysis by someone who understands this. Today one of my EA accounts was hacked; I don't know if it's related, but either way I'm passing the information along. Thanks in advance.
