Ir ao conteúdo
  • Cadastre-se

leonardomqs

Membros Juniores
  • Total de itens

    16
  • Registro em

  • Última visita

  • Qualificações

    N/D
  1. Formatei o notebook, o uso de CPU ainda está diminuindo só quando abro o gerenciador de tarefas, mas to começando a achar que isso não tem nada demais.
  2. Adwcleaner: Malwarebytes: ZHPCleaner (S): ZHPCleaner (R): Sabia que tinha algo de estranho com o Chrome, apareceu do nada aquele aviso de confirmação de quando abre um programa que precisa de confirmação de administrador, sendo que eu não tinha aberto nada, e o Chrome nem pede isso, tambem teve o caso do site do banco, foi removido pelo ZHPCleaner, havia outra pasta no mesmo diretório com o nome de "Origins" mas não foi removida, removi manualmente. Estava pensando em formatar, mesmo que o problema seja resolvido, mas não sei se mudo pra outro sistema operacional, já que acabará o suporte ao windows 7 e minha máquina não suporta as versões superiores, acho que acabarei tendo que descarta-lá mesmo.
  3. Da sua primeira resposta ou esse do Process Explorer?
  4. Aparentemente não. E a propósito, acabo de perceber que aparentemente peguei um vírus de DNS ou algo parecido, o site do meu banco redireciona pra uma cópia com um URL estranho, reparei e não botei nenhum dado importante, só agência e conta.
  5. O que acontece é que o uso de CPU fica 80%-100%, e quando abro o gerenciador de tarefas ele diminui rapidamente pra menos de 10% de uso. Fiz o procedimento novamente. System Idle Process: junk:
  6. Conteúdo do primeiro arquivo (System Idle Process.txt): Conteúdo do bloco de notas (junk.txt):
  7. Não. No computador desinstalei o chrome e reinstalei novamente, e resetei as configurações só para garantir. O celular não apresenta mais nenhum problema. Desativei a sincronização por completo. No computador o problema persiste.
  8. Sim. A proposito, no post inicial comentei que estava enfrentando um problema similar com o celular também, mas a alguns dias aparentemente no celular o problema sumiu.
  9. Continua do mesmo jeito. Se não houver solução eu formato a máquina mesmo, meu medo é apenas de ter algum programa de spyware que roube meus dados e tal. E mais uma vez, obrigado pela ajuda.
  10. RogueKiller Anti-Malware V13.4.2.0 [Aug 9 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits Started in : Normal mode User : Leonardo [Administrator] Started from : C:\Users\Leonardo\Desktop\RogueKiller_portable32.exe Signatures : 20190809_122242, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2019/08/10 20:26:28 (Duration : 00:44:17) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  11. Desculpe a demora, seguem os logs. Malwarebytes: Adwceaner: ZHPCleaner (S): ZHPCleaner (R) Edit: Não sei porque o último log saiu com a letra riscada, editei mas aparentemente é algo do fórum, espero que não atrapalhe no entendimento. Edit 2: Reiniciei a máquina e continua no mesmo estado.
  12. Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 15-07-2019 01 Executado por Leonardo (22-07-2019 12:20:21) Run:1 Executando a partir de C:\Users\Leonardo\Desktop Perfis Carregados: Leonardo (Perfis Disponíveis: Leonardo) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => Nenhum Arquivo VirusTotal: C:\Windows\system32\PhotoScreensaver.scr VirusTotal: C:\Windows\system32\vorbis.acm S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007 => removido (a) com sucesso. VirusTotal: C:\Windows\system32\PhotoScreensaver.scr => https://www.virustotal.com/file/7e4a5275bb117d156f2a0545cd6ea7096e09f3d56c1c5423d7e09afa2c830389/analysis/1562826459/ VirusTotal: C:\Windows\system32\vorbis.acm => https://www.virustotal.com/file/264e08bc8ed6276638195b36e37e3c3e539fe5189d57fa6c206f0c5db59b30d0/analysis/1555885598/ HKLM\System\CurrentControlSet\Services\cpuz143 => removido (a) com sucesso. cpuz143 => serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\IntcAzAudAddService => removido (a) com sucesso. IntcAzAudAddService => serviço removido (a) com sucesso. S3 VGPU; System32\drivers\rdvgkmd.sys [X] => Erro: Nenhuma correção automática foi encontrada para esta entrada. HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile => removido (a) com sucesso. "CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removido (a) com sucesso. "BVTFilter" => removido (a) com sucesso. "BVTConsumer" => removido (a) com sucesso. ========= ipconfig /flushdns ========= Configura‡Æo de IP do Windows Libera‡Æo do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Ponto de Restauração criado com sucesso. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25457205 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 4089485 B Edge => 0 B Chrome => 39940199 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 66228 B Public => 0 B ProgramData => 0 B systemprofile => 46328185 B LocalService => 66228 B NetworkService => 72068 B Leonardo => 89855212 B RecycleBin => 33197526 B EmptyTemp: => 236 MB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 12:22:47 ====
  13. Seguem os logs: Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 15-07-2019 01 Executado por Leonardo (administrador) em LEONARDO-PC (Intelbras S41ILx) (21-07-2019 11:41:03) Executando a partir de C:\Users\Leonardo\Desktop Perfis Carregados: Leonardo (Perfis Disponíveis: Leonardo) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1456448 2017-03-01] (Image Line -> HMS hxxp://hp.vector.co.jp/authors/VA012897/) [Arquivo não assinado] HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-09-02] (TechSmith Corporation) [Arquivo não assinado] HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [Arquivo não assinado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0C8F4C05-6813-40CA-B6BC-1D1739BE0724} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.) Task: {1D03F5EB-5C28-4B5B-BC56-1C6AE91BE8A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {94A5731B-DB87-41BC-943C-C07F7F772081} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9B5BE022-1DE6-46EF-8163-1073FC0C7ADA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll => Nenhum Arquivo Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{44952D2E-207D-4936-BD21-38B2C3FA5EC8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B2724CF0-E0B9-48A2-AF6B-7E362CB1EEEA}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2019-06-25] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2986364124-4249652038-960724708-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default [2019-07-21] CHR Extension: (Material Incognito Dark Theme) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2019-01-21] CHR Extension: (Kaspersky Protection) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-12-20] CHR Extension: (Google Drive) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25] CHR Extension: (uBlock Origin) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-21] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-06-28] CHR Extension: (Video Blocker) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2018-05-25] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25] CHR Extension: (Gmail) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21] CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-11] CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-11] CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.6.7130\BVDChromeExt.crx [2019-07-13] CHR HKU\S-1-5-21-2986364124-4249652038-960724708-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AVP19.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [178368 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2018-09-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2018-11-23] (LogMeIn, Inc. -> LogMeIn, Inc.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-09-09] (Martin Malik - REALiX -> REALiX(tm)) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [151240 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63824 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [102016 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [75392 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [172160 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [548480 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [871552 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [49488 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [51560 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [51832 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45184 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75488 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [152704 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [167760 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-07-10] (Malwarebytes Corporation -> Malwarebytes) R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation ) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Microsoft Windows -> Realtek Semiconductor Corporation ) R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1068032 2009-07-13] (Microsoft Windows -> Motorola Inc.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2019-07-21 11:41 - 2019-07-21 11:43 - 000012528 _____ C:\Users\Leonardo\Desktop\FRST.txt 2019-07-21 11:40 - 2019-07-21 11:41 - 000000000 ____D C:\FRST 2019-07-21 11:38 - 2019-07-21 11:40 - 001446912 _____ (Farbar) C:\Users\Leonardo\Desktop\FRST.exe 2019-07-16 00:16 - 2019-07-16 00:16 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Adobe 2019-07-15 22:19 - 2019-07-15 22:19 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Visual Studio Code 2019-07-15 22:00 - 2019-07-15 22:00 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Google 2019-07-15 15:16 - 2019-07-15 15:16 - 000000000 ____D C:\Users\Leonardo\AppData\Local\VirtualStore 2019-07-13 18:22 - 2019-06-21 00:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2019-07-13 18:22 - 2019-06-20 22:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2019-07-13 18:22 - 2019-06-18 00:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-07-13 18:22 - 2019-06-18 00:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-07-13 18:22 - 2019-06-18 00:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-07-13 18:22 - 2019-06-18 00:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-07-13 18:22 - 2019-06-18 00:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-07-13 18:22 - 2019-06-18 00:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-07-13 18:22 - 2019-06-18 00:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-07-13 18:22 - 2019-06-18 00:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-07-13 18:22 - 2019-06-18 00:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-07-13 18:22 - 2019-06-18 00:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-07-13 18:22 - 2019-06-18 00:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-07-13 18:22 - 2019-06-18 00:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-07-13 18:22 - 2019-06-18 00:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-07-13 18:22 - 2019-06-18 00:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-07-13 18:22 - 2019-06-18 00:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-07-13 18:22 - 2019-06-17 23:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-07-13 18:22 - 2019-06-12 12:24 - 000135912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-07-13 18:22 - 2019-06-12 12:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-07-13 18:22 - 2019-06-12 12:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-07-13 18:22 - 2019-06-12 12:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-07-13 18:22 - 2019-06-12 12:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 12:16 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-07-13 18:22 - 2019-06-12 12:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-07-13 18:22 - 2019-06-12 12:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-07-13 18:22 - 2019-06-12 12:04 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-07-13 18:22 - 2019-06-12 12:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-07-13 18:22 - 2019-06-12 11:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-07-13 18:22 - 2019-06-12 11:50 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-07-13 18:22 - 2019-06-12 11:50 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-07-13 18:22 - 2019-06-12 11:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-07-13 18:22 - 2019-06-12 11:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-07-13 18:22 - 2019-06-12 11:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 11:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 11:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-07-13 18:22 - 2019-06-12 11:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-07-13 18:22 - 2019-06-07 12:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-07-13 18:22 - 2019-06-07 12:18 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-07-13 18:22 - 2019-05-22 22:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-07-13 18:22 - 2019-05-22 22:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-07-13 18:22 - 2019-05-22 21:31 - 000910336 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2019-07-13 18:22 - 2019-05-09 12:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-07-13 18:22 - 2019-05-09 12:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2019-07-13 18:22 - 2019-05-09 11:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-07-13 18:22 - 2019-04-18 23:54 - 000027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys 2019-07-13 18:22 - 2019-04-16 12:17 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-07-13 18:22 - 2019-04-16 10:15 - 000419648 _____ C:\Windows\system32\locale.nls 2019-07-13 18:22 - 2019-04-14 02:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2019-07-13 18:22 - 2019-04-14 02:39 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2019-07-13 18:22 - 2019-04-14 02:39 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2019-07-13 18:22 - 2019-04-14 02:39 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2019-07-13 18:22 - 2019-04-14 02:12 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2019-07-13 18:22 - 2019-04-09 12:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-07-13 18:22 - 2019-04-09 12:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2019-07-13 18:22 - 2019-04-07 12:17 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-07-13 18:22 - 2019-04-04 21:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll 2019-07-13 18:22 - 2019-03-20 22:36 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll 2019-07-13 18:22 - 2019-03-11 18:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-07-13 18:22 - 2019-03-11 18:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-07-13 18:22 - 2019-03-11 18:33 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-07-13 18:22 - 2019-03-11 18:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2019-07-13 18:22 - 2019-03-04 23:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-07-13 18:22 - 2019-02-16 02:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-07-13 18:22 - 2019-02-16 02:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-07-13 18:22 - 2019-02-10 13:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-07-13 18:22 - 2019-02-10 13:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-07-13 18:22 - 2019-02-10 13:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-07-13 18:22 - 2019-02-10 13:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-07-13 18:22 - 2019-02-10 13:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-07-13 18:22 - 2019-02-07 12:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-07-13 18:22 - 2018-12-07 23:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2019-07-13 18:22 - 2018-12-04 12:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2019-07-13 18:22 - 2018-10-27 00:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll 2019-07-13 18:22 - 2018-09-22 23:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2019-07-13 18:22 - 2018-09-22 23:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2019-07-13 18:22 - 2018-09-22 23:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2019-07-13 18:22 - 2018-09-22 23:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2019-07-13 18:22 - 2018-09-22 23:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2019-07-13 18:22 - 2018-09-22 23:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2019-07-13 18:22 - 2018-09-22 23:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2019-07-13 18:22 - 2018-09-22 23:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2019-07-13 18:22 - 2018-08-29 22:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2019-07-13 18:22 - 2018-08-15 23:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2019-07-13 18:22 - 2018-08-13 18:48 - 000940784 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2019-07-13 18:22 - 2018-08-10 12:41 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2019-07-13 18:22 - 2018-08-10 12:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2019-07-13 18:22 - 2018-06-29 12:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll 2019-07-13 18:22 - 2018-06-29 12:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2019-07-13 18:22 - 2018-06-29 12:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2019-07-13 18:22 - 2018-06-08 12:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2019-07-13 18:22 - 2018-06-08 12:54 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2019-07-13 18:22 - 2018-05-15 00:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2019-07-13 18:22 - 2018-05-10 21:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-07-13 18:22 - 2018-04-25 12:54 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000829440 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2019-07-13 18:21 - 2019-06-28 02:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2019-07-13 18:21 - 2019-06-20 23:44 - 002406912 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-07-13 18:21 - 2019-06-20 05:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-07-13 18:21 - 2019-06-18 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-07-13 18:21 - 2019-06-18 00:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-07-13 18:21 - 2019-06-18 00:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-07-13 18:21 - 2019-06-18 00:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-07-13 18:21 - 2019-06-18 00:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-07-13 18:21 - 2019-06-18 00:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-07-13 18:21 - 2019-06-18 00:29 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-07-13 18:21 - 2019-06-18 00:23 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-07-13 18:21 - 2019-06-18 00:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-07-13 18:21 - 2019-06-18 00:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-07-13 18:21 - 2019-06-18 00:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-07-13 18:21 - 2019-06-18 00:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-07-13 18:21 - 2019-06-18 00:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-07-13 18:21 - 2019-06-18 00:03 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-07-13 18:21 - 2019-06-18 00:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-07-13 18:21 - 2019-06-17 23:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-07-13 18:21 - 2019-06-17 23:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-07-13 18:21 - 2019-06-13 00:23 - 000135400 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-07-13 18:21 - 2019-06-13 00:17 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-07-13 18:21 - 2019-06-12 12:25 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-07-13 18:21 - 2019-06-12 12:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-07-13 18:21 - 2019-06-12 12:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2019-07-13 18:21 - 2019-06-12 12:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-07-13 18:21 - 2019-06-12 12:23 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2019-07-13 18:21 - 2019-06-12 12:23 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-07-13 18:21 - 2019-06-12 12:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-07-13 18:21 - 2019-06-12 12:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-07-13 18:21 - 2019-06-12 12:21 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-07-13 18:21 - 2019-06-12 12:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-07-13 18:21 - 2019-06-12 12:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-07-13 18:21 - 2019-06-12 12:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-07-13 18:21 - 2019-06-12 12:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-07-13 18:21 - 2019-06-12 11:58 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-07-13 18:21 - 2019-06-12 11:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-07-13 18:21 - 2019-06-12 11:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-07-13 18:21 - 2019-06-12 11:55 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-07-13 18:21 - 2019-06-12 11:55 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-07-13 18:21 - 2019-06-12 11:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-07-13 18:21 - 2019-06-12 11:52 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-07-13 18:21 - 2019-06-12 11:51 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-07-13 18:21 - 2019-06-12 11:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-07-13 18:21 - 2019-06-12 11:50 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-07-13 18:21 - 2019-06-12 11:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe 2019-07-13 18:21 - 2019-06-12 11:48 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-07-13 18:21 - 2019-06-12 11:48 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-07-13 18:21 - 2019-06-12 11:47 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-07-13 18:21 - 2019-06-12 11:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 002703360 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-07-13 18:21 - 2019-06-10 23:59 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-07-13 18:21 - 2019-06-10 23:59 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-07-13 18:21 - 2019-06-09 12:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-07-13 18:21 - 2019-06-09 12:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2019-07-13 18:21 - 2019-06-09 12:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2019-07-13 18:21 - 2019-06-09 12:04 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2019-07-13 18:21 - 2019-06-09 12:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2019-07-13 18:21 - 2019-06-07 12:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-07-13 18:21 - 2019-06-07 11:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-07-13 18:21 - 2019-06-03 20:10 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2019-07-13 18:21 - 2019-06-03 20:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2019-07-13 18:21 - 2019-06-02 01:07 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2019-07-13 18:21 - 2019-05-24 20:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2019-07-13 18:21 - 2019-05-24 20:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2019-07-13 18:21 - 2019-05-22 22:58 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-07-13 18:21 - 2019-05-22 21:31 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2019-07-13 18:21 - 2019-05-17 15:14 - 000251112 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2019-07-13 18:21 - 2019-05-13 11:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2019-07-13 18:21 - 2019-05-13 11:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll 2019-07-13 18:21 - 2019-05-09 12:20 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-07-13 18:21 - 2019-05-09 12:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-07-13 18:21 - 2019-05-09 12:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2019-07-13 18:21 - 2019-04-29 22:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-07-13 18:21 - 2019-04-25 12:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2019-07-13 18:21 - 2019-04-24 12:20 - 001311464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-07-13 18:21 - 2019-04-24 12:20 - 000240864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2019-07-13 18:21 - 2019-04-24 12:19 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2019-07-13 18:21 - 2019-04-18 23:55 - 000053992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000104680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000057064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000051944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS 2019-07-13 18:21 - 2019-04-18 23:54 - 000046312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000032488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000021736 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll 2019-07-13 18:21 - 2019-04-18 23:54 - 000013544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2019-07-13 18:21 - 2019-04-18 23:54 - 000011880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys 2019-07-13 18:21 - 2019-04-18 23:53 - 000052968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS 2019-07-13 18:21 - 2019-04-14 02:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2019-07-13 18:21 - 2019-04-12 10:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2019-07-13 18:21 - 2019-04-09 12:17 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-07-13 18:21 - 2019-04-09 12:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-07-13 18:21 - 2019-04-09 12:14 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-07-13 18:21 - 2019-04-09 12:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2019-07-13 18:21 - 2019-04-09 12:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-07-13 18:21 - 2019-04-09 12:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2019-07-13 18:21 - 2019-04-07 12:17 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2019-07-13 18:21 - 2019-04-07 12:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2019-07-13 18:21 - 2019-04-07 11:52 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2019-07-13 18:21 - 2019-04-07 11:49 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll 2019-07-13 18:21 - 2019-04-07 11:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-07-13 18:21 - 2019-04-07 11:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-07-13 18:21 - 2019-04-07 11:42 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll 2019-07-13 18:21 - 2019-04-07 11:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll 2019-07-13 18:21 - 2019-04-07 10:04 - 000535656 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-07-13 18:21 - 2019-03-28 22:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-07-13 18:21 - 2019-03-11 18:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-07-13 18:21 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-07-13 18:21 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000920576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2019-07-13 18:21 - 2019-03-11 18:19 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2019-07-13 18:21 - 2019-03-04 23:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-07-13 18:21 - 2019-03-04 23:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-07-13 18:21 - 2019-02-21 12:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2019-07-13 18:21 - 2019-02-21 12:36 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-07-13 18:21 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-07-13 18:21 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-07-13 18:21 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-07-13 18:21 - 2019-02-07 12:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-07-13 18:21 - 2019-02-07 12:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-07-13 18:21 - 2019-02-07 12:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-07-13 18:21 - 2019-02-03 12:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-07-13 18:21 - 2018-12-07 23:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2019-07-13 18:21 - 2018-12-07 23:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp 2019-07-13 18:21 - 2018-12-07 23:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2019-07-13 18:21 - 2018-12-07 23:41 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2019-07-13 18:21 - 2018-12-07 23:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2019-07-13 18:21 - 2018-12-07 23:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2019-07-13 18:21 - 2018-12-07 23:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll 2019-07-13 18:21 - 2018-12-07 23:41 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2019-07-13 18:21 - 2018-12-04 12:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2019-07-13 18:21 - 2018-11-11 13:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2019-07-13 18:21 - 2018-10-27 00:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2019-07-13 18:21 - 2018-10-27 00:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2019-07-13 18:21 - 2018-10-27 00:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2019-07-13 18:21 - 2018-10-27 00:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2019-07-13 18:21 - 2018-10-27 00:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2019-07-13 18:21 - 2018-10-27 00:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2019-07-13 18:21 - 2018-09-22 23:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2019-07-13 18:21 - 2018-09-22 23:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2019-07-13 18:21 - 2018-09-08 21:46 - 000730824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-07-13 18:21 - 2018-09-08 21:46 - 000219336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2019-07-13 18:21 - 2018-09-08 21:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2019-07-13 18:21 - 2018-09-08 21:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2019-07-13 18:21 - 2018-08-28 02:41 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2019-07-13 18:21 - 2018-08-12 17:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2019-07-13 18:21 - 2018-08-10 12:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2019-07-13 18:21 - 2018-08-10 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2019-07-13 18:21 - 2018-08-10 12:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2019-07-13 18:21 - 2018-08-03 12:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2019-07-13 18:21 - 2018-07-18 12:14 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2019-07-13 18:21 - 2018-07-06 12:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2019-07-13 18:21 - 2018-06-29 12:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll 2019-07-13 18:21 - 2018-06-29 12:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2019-07-13 18:21 - 2018-06-27 12:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-07-13 18:21 - 2018-06-08 12:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2019-07-13 18:21 - 2018-06-08 12:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2019-07-13 18:21 - 2018-05-10 21:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2019-07-13 18:21 - 2018-05-02 12:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2019-07-13 18:21 - 2018-05-02 12:30 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2019-07-13 18:21 - 2018-05-02 12:29 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2019-07-13 18:21 - 2018-04-25 12:17 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2019-07-13 15:12 - 2018-11-17 23:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-07-13 15:12 - 2018-11-17 23:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2019-07-13 12:50 - 2019-07-13 12:51 - 005660510 _____ (Swearware) C:\Users\Leonardo\Downloads\ComboFix.exe 2019-07-13 12:50 - 2019-07-13 12:50 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2019-07-13 12:50 - 2019-07-13 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2019-07-13 12:50 - 2019-07-13 12:50 - 000000000 ____D C:\Program Files\RogueKiller 2019-07-13 12:18 - 2019-07-21 09:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\CrashDumps 2019-07-13 10:30 - 2019-07-13 10:33 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller 2019-07-13 10:30 - 2019-07-13 10:33 - 000000000 ____D C:\ProgramData\RogueKiller 2019-07-13 10:27 - 2019-07-13 10:29 - 027535928 _____ C:\Users\Leonardo\Downloads\RogueKiller_portable32.exe 2019-07-13 10:13 - 2019-07-13 10:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Malware_Research 2019-07-11 22:45 - 2019-07-11 22:45 - 000000000 ____D C:\Users\Leonardo\AppData\Local\A 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ C:\Users\Todos os Usuários\dbdems.dll 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ C:\ProgramData\dbdems.dll 2019-07-11 21:04 - 2019-07-11 21:04 - 000033280 _____ (Geeky Productions) C:\Users\Leonardo\Downloads\folder-vanity-remover-1.5.exe 2019-07-10 23:03 - 2019-07-10 23:04 - 000000000 _____ C:\Windows\system32\wmic 2019-07-10 22:38 - 2019-07-10 22:38 - 000000000 ____D C:\Windows\pss 2019-07-10 22:37 - 2019-07-10 22:37 - 000184060 _____ C:\Users\Leonardo\Downloads\cc_20190710_223719.reg 2019-07-10 22:25 - 2019-07-10 22:25 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-07-10 22:25 - 2019-07-10 22:25 - 000000000 ____D C:\Program Files\CCleaner 2019-07-10 21:39 - 2019-07-13 10:50 - 000007628 _____ C:\Users\Leonardo\AppData\Local\Resmon.ResmonCfg 2019-07-10 19:34 - 2019-07-10 19:34 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-07-10 19:29 - 2019-07-10 19:29 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-10 19:29 - 2019-07-10 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-10 19:29 - 2019-07-10 19:29 - 000000000 ____D C:\Program Files\Malwarebytes 2019-07-10 19:29 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-07-09 23:39 - 2019-07-09 23:39 - 004389701 _____ C:\Users\Leonardo\Downloads\ResilientWebDesign.epub 2019-07-09 19:46 - 2019-07-09 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2019-07-09 19:26 - 2019-07-09 19:26 - 007025360 _____ (Malwarebytes) C:\Users\Leonardo\Desktop\adwcleaner_7.3.exe 2019-07-08 13:50 - 2019-04-01 11:49 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe 2019-07-04 22:41 - 2019-07-04 22:49 - 006732110 _____ C:\Users\Leonardo\Downloads\PRODUTOS ORGÂNICOS (Hidequileni Santos) (Hidequileni Santos) (Hidequileni Santos).pptx 2019-07-01 14:09 - 2019-07-01 14:13 - 002570046 _____ C:\Users\Leonardo\Downloads\Um Piano Para Cavalos Altos - Sandro William Junqueira.epub 2019-06-28 14:16 - 2019-06-28 14:16 - 000046266 _____ C:\Users\Leonardo\Downloads\BO.pdf 2019-06-27 11:59 - 2019-06-27 11:59 - 000092532 _____ C:\Users\Leonardo\Downloads\E__INTERFACE_DEDIC_INT_PROD_TempPDF_DV18713210189_20190627115848.pdf_11-58.pdf 2019-06-27 11:59 - 2019-06-27 11:59 - 000000088 _____ C:\Users\Leonardo\Downloads\Finalização do Comunicado.txt 2019-06-26 18:21 - 2019-06-26 18:49 - 000000000 ____D C:\Users\Leonardo\Downloads\backup 2019-06-25 22:54 - 2019-06-25 22:54 - 000801191 _____ C:\Users\Leonardo\Downloads\Encontro com Rama - Arthur C. Clarke.epub 2019-06-25 22:52 - 2019-06-25 22:52 - 001012608 _____ C:\Users\Leonardo\Downloads\Duna - Frank Herbert.epub ==================== Um mês (modificados) ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2019-07-21 11:40 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-07-21 11:40 - 2009-07-14 01:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-07-21 11:32 - 2018-05-25 17:23 - 000000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab 2019-07-21 11:32 - 2018-05-25 17:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2019-07-21 11:31 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-07-21 09:56 - 2018-09-15 22:53 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Mp3tag 2019-07-18 22:52 - 2018-10-28 21:21 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\MusicBee 2019-07-18 16:05 - 2018-05-28 00:47 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\vlc 2019-07-18 14:08 - 2018-05-23 22:30 - 000000000 ____D C:\Users\Leonardo\Desktop\Filmes 2019-07-17 21:06 - 2019-03-08 08:48 - 001179648 ___SH C:\Users\Leonardo\Desktop\Thumbs.db 2019-07-17 14:10 - 2011-04-12 01:47 - 000706004 _____ C:\Windows\system32\prfh0416.dat 2019-07-17 14:10 - 2011-04-12 01:47 - 000147848 _____ C:\Windows\system32\prfc0416.dat 2019-07-17 14:10 - 2010-11-20 18:01 - 001635822 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-17 14:10 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf 2019-07-16 23:03 - 2018-11-23 19:04 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Code 2019-07-15 21:30 - 2018-05-25 16:32 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-15 21:30 - 2018-05-25 16:32 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-15 15:45 - 2018-05-25 23:56 - 000000000 ___RD C:\Users\Leonardo\Google Drive 2019-07-13 19:59 - 2019-03-28 22:33 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\calibre 2019-07-13 19:59 - 2018-09-23 10:23 - 000000000 ____D C:\Users\Leonardo\Documents\Allavsoft 2019-07-13 19:59 - 2018-09-23 10:23 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Allavsoft 2019-07-13 19:03 - 2018-05-25 15:26 - 000000000 ____D C:\Users\Leonardo 2019-07-13 19:00 - 2009-07-14 01:33 - 000296408 _____ C:\Windows\system32\FNTCACHE.DAT 2019-07-13 18:58 - 2018-06-05 23:08 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-07-13 18:58 - 2018-06-05 23:08 - 000000000 ____D C:\Windows\system32\appraiser 2019-07-13 18:58 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Dism 2019-07-13 18:40 - 2018-06-04 23:51 - 000000000 ____D C:\Program Files\Microsoft Office 2019-07-13 18:34 - 2018-09-29 16:10 - 000000000 ____C C:\Windows\system32\MRT.exe 2019-07-13 18:05 - 2018-05-26 16:44 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Spotify 2019-07-13 18:05 - 2018-05-26 16:42 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify 2019-07-13 18:02 - 2019-02-04 16:35 - 000000000 ____D C:\Users\Leonardo\Downloads\Playlists 2019-07-13 14:31 - 2018-09-23 10:23 - 000001264 _____ C:\Users\Public\Desktop\Allavsoft.lnk 2019-07-13 14:22 - 2018-11-04 12:26 - 000000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2019-07-13 14:22 - 2018-06-10 07:19 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Notepad++ 2019-07-13 14:22 - 2018-06-10 07:19 - 000000000 ____D C:\Program Files\Notepad++ 2019-07-13 12:06 - 2018-09-10 00:23 - 000000000 ____D C:\Windows\system32\RTCOM 2019-07-13 12:06 - 2018-09-10 00:23 - 000000000 ____D C:\Windows\system32\DAX3 2019-07-13 12:06 - 2018-09-10 00:23 - 000000000 ____D C:\Windows\system32\DAX2 2019-07-11 22:38 - 2018-05-25 17:33 - 000068536 _____ C:\Users\Leonardo\AppData\Local\GDIPFONTCACHEV1.DAT 2019-07-11 21:26 - 2019-03-28 22:33 - 000000000 ____D C:\Users\Leonardo\Biblioteca do calibre 2019-07-11 21:09 - 2018-09-18 21:49 - 000000000 ___RD C:\Users\Leonardo\Documents\Scanned Documents 2019-07-11 21:09 - 2018-09-09 23:55 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\IObit 2019-07-11 21:09 - 2017-04-15 22:24 - 000000000 ____D C:\Users\Leonardo\Desktop\Séries 2019-07-11 21:08 - 2019-01-23 00:54 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Movavi 2019-07-11 21:08 - 2018-05-25 15:34 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Google 2019-07-10 22:50 - 2018-05-26 00:52 - 000001187 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2019-07-10 22:50 - 2018-05-26 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-07-10 22:35 - 2018-05-25 14:45 - 000000000 ____D C:\Windows\Panther 2019-07-10 22:35 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\ModemLogs 2019-07-09 17:04 - 2018-07-30 19:22 - 000606264 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-07-09 16:16 - 2018-11-23 19:04 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2019-07-08 22:27 - 2018-09-07 22:47 - 000000000 ____D C:\Users\Leonardo\Documents\Folhas 2019-07-08 12:42 - 2018-05-25 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2019-07-07 14:35 - 2009-07-14 01:53 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-07-05 23:50 - 2019-06-10 21:09 - 000000132 _____ C:\Users\Leonardo\AppData\Roaming\Preferências do Formato PNG do Adobe CS6 2019-07-03 16:48 - 2018-09-30 20:05 - 000000000 ____D C:\Users\Leonardo\Documents\Mestrado 2019-07-02 21:06 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF 2019-07-01 12:07 - 2019-03-28 22:34 - 000000000 ____D C:\Users\Leonardo\AppData\Local\calibre-cache 2019-06-28 14:31 - 2018-05-28 00:46 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk ==================== Arquivos na raiz de alguns diretórios ================ 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ () C:\ProgramData\dbdems.dll 2019-07-11 22:45 - 2017-05-04 21:53 - 000000184 _____ () C:\Users\Todos os Usuários\dbdems.dll 2019-06-10 21:09 - 2019-07-05 23:50 - 000000132 _____ () C:\Users\Leonardo\AppData\Roaming\Preferências do Formato PNG do Adobe CS6 2019-07-10 21:39 - 2019-07-13 10:50 - 000007628 _____ () C:\Users\Leonardo\AppData\Local\Resmon.ResmonCfg ==================== FCheck ================================ (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) FCheck: C:\Windows\system32\MRT.exe [2019-07-13]<==== ATENÇÃO (zero byte Arquivo/Pasta) ==================== SigCheck =============================== (Não há correção automática para arquivos que não passaram na verificação.) LastRegBack: 2019-07-02 16:11 ==================== Fim de FRST.txt ============================ Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 15-07-2019 01 Executado por Leonardo (21-07-2019 11:45:51) Executando a partir de C:\Users\Leonardo\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2018-05-25 18:26:41) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2986364124-4249652038-960724708-500 - Administrator - Disabled) Convidado (S-1-5-21-2986364124-4249652038-960724708-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2986364124-4249652038-960724708-1002 - Limited - Enabled) Leonardo (S-1-5-21-2986364124-4249652038-960724708-1001 - Administrator - Enabled) => C:\Users\Leonardo ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 4K Video Downloader 4.4 (HKLM\...\{AA5C80E7-8876-4026-A0D0-582D8EFBA2E1}) (Version: 4.4.7.2307 - Open Media LLC) Allavsoft 3.17.6.7130 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Backup and Sync from Google (HKLM\...\{2220EB12-4C3F-4203-996A-2D55BD1FF3A6}) (Version: 3.45.5545.5747 - Google, Inc.) calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Epic Games Launcher Prerequisites (x86) (HKLM\...\{B633DAAD-9294-4C7D-A625-D5B741A8C2B6}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Estúdio Conversor de Vídeo Apowersoft V4.4.8 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.4.8 - APOWERSOFT LIMITED) Evernote v. 6.19.2 (HKLM\...\{B02117F0-97C1-11E9-9D3F-005056951CAD}) (Version: 6.19.2.8555 - Evernote Corp.) FL Studio 12 (HKLM\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line) Kaspersky Free (HKLM\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Free (HKLM\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Launcher Prerequisites (x86) (HKLM\...\{ec50c375-be9a-4642-9b8c-86dcc42e39c3}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes versão 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\{D628A17A-9713-46BF-8D57-E671B46A741E}_is1) (Version: 1.36.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MKVToolNix 31.0.0 (32-bit) (HKLM\...\MKVToolNix) (Version: 31.0.0 - Moritz Bunkus) Mp3tag v2.90 (HKLM\...\Mp3tag) (Version: 2.90 - Florian Heidenreich) MusicBee 3.2 (HKLM\...\MusicBee) (Version: 3.2 - Steven Mayall) Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) RogueKiller version 13.3.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.1.0 - Adlice Software) SoundWire Server version 2.5 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs) Spotify (HKU\S-1-5-21-2986364124-4249652038-960724708-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2986364124-4249652038-960724708-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> ) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-06-27] (Google LLC -> Google) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell32.dll [2018-07-12] (Florian Heidenreich) [Arquivo não assinado] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\Leonardo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl ==================== Módulos Carregados (Whitelisted) ============== 2018-07-12 13:17 - 2018-07-12 13:17 - 000307712 _____ (Florian Heidenreich) [Arquivo não assinado] C:\Program Files\Mp3tag\Mp3tagShell32.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:04 - 2014-09-01 09:39 - 000000970 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 activation.cloud.techsmith.com 127.0.0.1 oscount.techsmith.com 127.0.0.1 65.52.240.48 127.0.0.1 69.167.144.18 ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2986364124-4249652038-960724708-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == Se uma entrada for incluída na fixlist, será removida. MSCONFIG\startupfolder: C:^Users^Leonardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{8D8B880C-A62A-4028-8128-ED1105024BE6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{E13F6084-980C-4734-A2EE-31913416C8E4}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{0A74798A-196D-4159-B6AF-08A355EF861D}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{3F97924A-263F-4D79-9FA8-020F7E9C3ABF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{AA0749E3-D1B2-45CF-9DDB-BE8CD8156F6A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{988DB853-98C3-422A-9F84-9B9F5AC9AA50}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [TCP Query User{0F5CA984-0915-4A07-BF4D-B0D07AECBEB8}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{700F6FF0-939B-44C3-9D72-CDD5EB80F445}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leonardo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BCFE7DE-B442-4FB9-ABAE-77CF627C5BC7}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{60289707-739D-4C17-B89F-6E94470A3032}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [TCP Query User{E3649298-6344-42E1-9899-9AFC40144ED6}C:\program files\musicbee\musicbee.exe] => (Allow) C:\program files\musicbee\musicbee.exe (Steven Mayall) [Arquivo não assinado] FirewallRules: [UDP Query User{67302FCF-7FAC-45F4-8786-C353CDFC1A35}C:\program files\musicbee\musicbee.exe] => (Allow) C:\program files\musicbee\musicbee.exe (Steven Mayall) [Arquivo não assinado] FirewallRules: [TCP Query User{96AFEB35-F737-4111-9F87-E6EFF55D3CAF}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [UDP Query User{818687F5-2C10-41FC-9C61-10D6AA815C5F}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [TCP Query User{4808DC2E-B12D-49E0-913D-0B9D32E8B5E4}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [UDP Query User{68DABDB7-0540-425D-A72B-506F01639C2B}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe (GeorgieLabs) [Arquivo não assinado] FirewallRules: [TCP Query User{23F93359-2492-41F0-8B65-4D123A5C0A6E}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{EDD87850-4B4C-493C-A4FB-7231169C6C9F}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1D5A43C9-4D40-4ECC-AA29-A8E10C710678}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{5A426BEE-7475-4674-8EC2-C0AE5E10B793}C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\leonardo\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8BAA25CB-DF2E-4D8F-B644-871AC887F8F3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= 09-07-2019 19:36:03 Installed Evernote v. 6.19.2 13-07-2019 15:13:02 Windows Update 13-07-2019 18:23:19 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (07/21/2019 11:33:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/21/2019 09:56:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: 4kvideodownloader.exe, versão: 4.7.3.2742, carimbo de hora: 0x5cfa8ad1 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0xd898f400 Identificação do processo com falha: 0x1628 Hora de início do aplicativo com falha: 0x01d53fc34256c572 Caminho do aplicativo com falha: C:\Program Files\4KDownload\4kvideodownloader\4kvideodownloader.exe FCaminho do módulo de falhas: unknown Identificação do Relatório: 05de7509-abb7-11e9-a18a-00030de347c7 Error: (07/21/2019 09:49:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/18/2019 10:25:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/18/2019 03:46:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/18/2019 02:08:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/17/2019 07:59:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/17/2019 02:03:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Erros de Sistema: ============= Error: (07/21/2019 10:05:04 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: O serviço Diagnostics Tracking Service não foi desligado corretamente após receber um controle de pré-desligamento. Error: (07/21/2019 09:59:12 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 70. Error: (07/21/2019 09:59:12 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT) Description: O seguinte alerta fatal foi recebido: 70. Error: (07/18/2019 03:50:46 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2. Error: (07/18/2019 03:50:45 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2. Error: (07/18/2019 03:50:45 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2. Error: (07/18/2019 03:50:44 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2. Error: (07/18/2019 03:50:44 PM) (Source: Disk) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2. Windows Defender: =================================== Date: 2018-10-11 12:52:51.930 Description: Digitalização de Windows Defender interrompida antes da conclusão. ID da Digitalização:{32FAA14D-9763-4CE6-A1C3-0A682A952821} Tipo da Digitalização:Anti-spyware Parâmetros da Digitalização:Verificação Rápida Usuário:Leonardo-PC\Leonardo CodeIntegrity: =================================== Date: 2018-06-05 23:01:02.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-05 23:01:02.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-05 23:01:02.380 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-05 23:01:02.365 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-05 23:01:02.365 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-05 23:01:02.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-04 20:36:19.444 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2018-06-04 20:36:19.444 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Free 18.0.0\klelam_X86\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== BIOS: Intelbras 1.02.INT 06/23/2009 Motherboard: Intelbras S41ILx Processador: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentagem de memória em uso: 80% RAM física total: 2008.88 MB RAM física disponível: 391.43 MB Virtual Total: 4017.76 MB Virtual disponível: 2049.59 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:39.95 GB) NTFS \\?\Volume{77a74c84-6043-11e8-93be-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9CB84DA0) Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas comunidades sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

Aprenda a ler resistores e capacitores

EBOOK GRÁTIS!

CLIQUE AQUI E BAIXE AGORA MESMO!