Newton Sandey

Full Members
  • Content count

    37
  • Joined

  • Last visited

  • Ratings

    0%

Reputation

0

About Newton Sandey

  • Date of birth 24-10-1996 (21 years old)

General information

  • City and state
    Minas Gerais
  1. @EricLS I tried that too and the old version of Windows isn't there: http://puu.sh/AqnHN/331ed2f718.png (added 1 minute later) @tekinha I got it, thanks!
  2. I updated Windows today and this folder with the old version was left behind. How do I remove it? It takes up ~10GB, which is a lot for a 120GB SSD. I already tried removing it through Safe Boot, but even so the system wouldn't let me.
  3. @Elias Pereira so far the file has disappeared; thank you very much for the help and for the knowledge I gained.
  4. @Elias Pereira FRST:
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-02-26 19:38 - 2018-03-11 19:16 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-02-26 19:38 - 2018-02-21 04:51 - 002464656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 002121608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 001310608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 000059280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2018-02-26 19:38 - 2017-12-21 13:20 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2018-02-26 19:35 - 2018-01-23 20:32 - 000190960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2018-02-26 19:35 - 2018-01-23 20:32 - 000153584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2018-02-26 19:35 - 2017-12-14 23:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2018-02-26 16:45 - 2018-02-26 16:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2018-02-26 16:45 - 2018-02-23 16:28 - 000136536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2018-02-26 16:45 - 2018-02-23 16:22 - 005953096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 002587992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 001768008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 000633984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 000122896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 
000081752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2018-02-26 16:45 - 2018-02-16 11:48 - 008083703 _____ C:\WINDOWS\system32\nvcoproc.bin 2018-02-26 16:45 - 2017-12-08 19:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2018-02-26 16:45 - 2017-12-08 19:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2018-02-26 16:45 - 2017-12-08 19:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll 2018-02-26 16:45 - 2017-12-08 19:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe 2018-02-26 16:43 - 2018-02-26 00:46 - 000997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2018-02-26 16:43 - 2018-02-26 00:46 - 000949280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2018-02-26 16:43 - 2018-02-26 00:46 - 000625696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2018-02-26 16:43 - 2018-02-26 00:46 - 000516128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 011131688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 004317160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 003717432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 001985384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439101.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439101.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 001136944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 001065880 
_____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 000749416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2018-02-26 16:43 - 2018-02-26 00:44 - 000608344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 040277488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 035188640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 001355408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 001345944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 001153752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 001067368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 000902280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 000811992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 000650424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2018-02-26 16:43 - 2018-02-26 00:43 - 000633040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2018-02-26 16:43 - 2018-02-26 00:42 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2018-02-26 16:43 - 2018-02-26 00:42 - 011000480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2018-02-26 16:43 - 2018-02-26 00:42 - 004630848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2018-02-26 16:43 - 2018-02-26 00:42 - 003938208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2018-02-26 16:43 - 2018-02-26 00:42 - 001061352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2018-02-26 16:43 - 2018-02-25 19:11 - 001682288 _____ 
(NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2018-02-26 16:43 - 2018-02-25 19:11 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2018-02-26 16:43 - 2018-02-25 19:11 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2018-02-26 16:43 - 2018-02-24 01:36 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb 2018-02-17 05:35 - 2018-02-17 05:35 - 000000000 ____D C:\Users\newto\AppData\Local\Blizzard 2018-02-13 16:12 - 2018-02-10 02:00 - 002003288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2018-02-13 16:12 - 2018-02-10 02:00 - 001577816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000758112 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000662872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000613208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000270680 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2018-02-13 16:12 - 2018-02-10 02:00 - 000138072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-02-13 16:12 - 2018-02-10 01:58 - 000460632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2018-02-13 16:12 - 2018-02-10 01:58 - 000035160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2018-02-13 16:12 - 2018-02-10 01:56 - 000603480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2018-02-13 16:12 - 2018-02-10 01:55 - 000199000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2018-02-13 16:12 - 2018-02-10 01:54 - 007813464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-02-13 16:12 - 2018-02-10 01:54 - 001355848 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-02-13 16:12 - 2018-02-10 01:54 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-02-13 16:12 - 2018-02-10 01:53 - 002681712 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2018-02-13 16:12 - 2018-02-10 01:53 - 000434520 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-02-13 16:12 - 2018-02-10 01:52 - 000376664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2018-02-13 16:12 - 2018-02-10 01:51 - 000764904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-02-13 16:12 - 2018-02-10 01:51 - 000484192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-02-13 16:12 - 2018-02-10 01:51 - 000409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2018-02-13 16:12 - 2018-02-10 01:49 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 007216560 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 002760216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 001859728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 001739064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 001293144 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2018-02-13 16:12 - 2018-02-10 01:48 - 001157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2018-02-13 16:12 - 2018-02-10 01:47 - 002916720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2018-02-13 16:12 - 2018-02-10 01:47 - 002447208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2018-02-13 16:12 - 2018-02-10 01:47 - 001267512 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WinTypes.dll 2018-02-13 16:12 - 2018-02-10 01:47 - 001095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-02-13 16:12 - 2018-02-10 01:47 - 000987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-02-13 16:12 - 2018-02-10 01:47 - 000688480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2018-02-13 16:12 - 2018-02-10 01:47 - 000318776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 022222936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 008175744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 004260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 001848576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 001454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 001277816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 001072240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2018-02-13 16:12 - 2018-02-10 01:46 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-02-13 16:12 - 2018-02-10 01:45 - 004675376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-02-13 16:12 - 2018-02-10 01:45 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2018-02-13 16:12 - 2018-02-10 01:45 - 000241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2018-02-13 16:12 - 2018-02-10 01:44 - 002529120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-02-13 16:12 - 2018-02-10 01:36 - 002049512 _____ 
C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2018-02-13 16:12 - 2018-02-10 01:32 - 000263464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-02-13 16:12 - 2018-02-10 01:31 - 001504568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2018-02-13 16:12 - 2018-02-10 01:31 - 001431696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 005726408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 002262768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 000861016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2018-02-13 16:12 - 2018-02-10 01:30 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2018-02-13 16:12 - 2018-02-10 01:29 - 002169848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2018-02-13 16:12 - 2018-02-10 01:29 - 000846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 020969368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 006677832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 001360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 001344440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 001277856 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 000982400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2018-02-13 16:12 - 2018-02-10 01:28 - 000962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-02-13 16:12 - 2018-02-10 01:27 - 004312752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-02-13 16:12 - 2018-02-10 01:23 - 022572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-02-13 16:12 - 2018-02-10 01:18 - 009130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-02-13 16:12 - 2018-02-10 01:18 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2018-02-13 16:12 - 2018-02-10 01:17 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2018-02-13 16:12 - 2018-02-10 01:16 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2018-02-13 16:12 - 2018-02-10 01:15 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2018-02-13 16:12 - 2018-02-10 01:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2018-02-13 16:12 - 2018-02-10 01:14 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2018-02-13 16:12 - 2018-02-10 01:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2018-02-13 16:12 - 2018-02-10 01:13 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000156672 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2018-02-13 16:12 - 2018-02-10 01:13 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2018-02-13 16:12 - 2018-02-10 01:12 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2018-02-13 16:12 - 2018-02-10 01:12 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2018-02-13 16:12 - 2018-02-10 01:12 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2018-02-13 
16:12 - 2018-02-10 01:11 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2018-02-13 16:12 - 2018-02-10 01:11 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2018-02-13 16:12 - 2018-02-10 01:11 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2018-02-13 16:12 - 2018-02-10 01:11 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 007627264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000426496 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-02-13 16:12 - 2018-02-10 01:10 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2018-02-13 16:12 - 2018-02-10 01:10 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2018-02-13 16:12 - 2018-02-10 01:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000144896 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.Devices.Lights.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2018-02-13 16:12 - 2018-02-10 01:10 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 018366976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 003307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-02-13 16:12 - 2018-02-10 01:09 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000396800 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\StorSvc.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2018-02-13 16:12 - 2018-02-10 01:09 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 023676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 019414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 012201984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 001790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 001321984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 000187904 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\dialclient.dll 2018-02-13 16:12 - 2018-02-10 01:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 001908736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-02-13 16:12 - 2018-02-10 01:07 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 008077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 007470592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2018-02-13 16:12 - 2018-02-10 01:06 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-02-13 16:12 - 2018-02-10 01:05 - 013101056 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ieframe.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2018-02-13 16:12 - 2018-02-10 01:05 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 004749312 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 003521536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-02-13 16:12 - 2018-02-10 01:04 - 001779200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 
000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2018-02-13 16:12 - 2018-02-10 01:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2018-02-13 16:12 - 2018-02-10 01:04 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 008128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 004596736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-02-13 16:12 - 2018-02-10 01:03 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2018-02-13 16:12 - 
2018-02-10 01:03 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000245760 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 001917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2018-02-13 16:12 - 2018-02-10 01:02 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000410112 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\DevicesFlowBroker.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2018-02-13 16:12 - 2018-02-10 01:02 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 005611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 005061632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 004136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 001709568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2018-02-13 16:12 - 2018-02-10 01:01 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 004754432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 004476416 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 004149760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 003369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002998784 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\win32kfull.sys 2018-02-13 16:12 - 2018-02-10 01:00 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002097664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-02-13 16:12 - 2018-02-10 01:00 - 002030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-02-13 16:12 - 2018-02-10 01:00 - 001985024 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001518080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-02-13 16:12 - 2018-02-10 01:00 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001004544 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000621056 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 003736064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 003617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-02-13 16:12 - 2018-02-10 00:59 - 003542528 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 001577984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-02-13 16:12 - 
2018-02-10 00:59 - 000693760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2018-02-13 16:12 - 2018-02-10 00:58 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2018-02-13 16:12 - 2018-02-10 00:58 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2018-02-13 16:12 - 2018-02-10 00:58 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll 2018-02-13 16:12 - 2018-02-10 00:41 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-02-13 16:12 - 2018-01-17 05:27 - 005691000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2018-02-13 16:12 - 2018-01-12 00:49 - 004756600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2018-02-13 16:12 - 2016-08-06 00:47 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2018-02-13 16:12 - 2016-08-06 00:45 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2018-02-13 16:12 - 2016-08-06 00:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2018-02-13 16:12 - 2016-08-06 00:44 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2018-02-13 16:11 - 2018-02-10 02:00 - 000245088 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\aepic.dll 2018-02-13 16:11 - 2018-02-10 02:00 - 000069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2018-02-13 16:11 - 2018-02-10 01:58 - 000590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-02-13 16:11 - 2018-02-10 01:54 - 001051616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-02-13 16:11 - 2018-02-10 01:54 - 000894640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-02-13 16:11 - 2018-02-10 01:54 - 000191832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys 2018-02-13 16:11 - 2018-02-10 01:54 - 000100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll 2018-02-13 16:11 - 2018-02-10 01:54 - 000037720 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_0C_8086.dll 2018-02-13 16:11 - 2018-02-10 01:53 - 000485640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-02-13 16:11 - 2018-02-10 01:52 - 000468312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2018-02-13 16:11 - 2018-02-10 01:50 - 001000792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2018-02-13 16:11 - 2018-02-10 01:48 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2018-02-13 16:11 - 2018-02-10 01:48 - 000036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll 2018-02-13 16:11 - 2018-02-10 01:47 - 000948568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2018-02-13 16:11 - 2018-02-10 01:47 - 000812888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2018-02-13 16:11 - 2018-02-10 01:47 - 000342448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2018-02-13 16:11 - 2018-02-10 01:47 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2018-02-13 16:11 - 2018-02-10 01:47 - 000130904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2018-02-13 16:11 
- 2018-02-10 01:47 - 000070288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2018-02-13 16:11 - 2018-02-10 01:47 - 000022336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2018-02-13 16:11 - 2018-02-10 01:46 - 000534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-02-13 16:11 - 2018-02-10 01:46 - 000418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-02-13 16:11 - 2018-02-10 01:46 - 000369360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-02-13 16:11 - 2018-02-10 01:46 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-02-13 16:11 - 2018-02-10 01:45 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2018-02-13 16:11 - 2018-02-10 01:45 - 000523704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll 2018-02-13 16:11 - 2018-02-10 01:45 - 000160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2018-02-13 16:11 - 2018-02-10 01:45 - 000089408 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2018-02-13 16:11 - 2018-02-10 01:31 - 000025432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkPS.dll 2018-02-13 16:11 - 2018-02-10 01:30 - 000272712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2018-02-13 16:11 - 2018-02-10 01:29 - 000139096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2018-02-13 16:11 - 2018-02-10 01:29 - 000059936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2018-02-13 16:11 - 2018-02-10 01:28 - 000487104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-02-13 16:11 - 2018-02-10 01:28 - 000382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2018-02-13 16:11 - 2018-02-10 01:28 - 000121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-02-13 16:11 - 2018-02-10 01:28 - 000076464 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2018-02-13 16:11 - 2018-02-10 01:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2018-02-13 16:11 - 2018-02-10 01:16 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2018-02-13 16:11 - 2018-02-10 01:15 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2018-02-13 16:11 - 2018-02-10 01:15 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll 2018-02-13 16:11 - 2018-02-10 01:15 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe 2018-02-13 16:11 - 2018-02-10 01:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2018-02-13 16:11 - 2018-02-10 01:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2018-02-13 16:11 - 2018-02-10 01:14 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll 2018-02-13 16:11 - 2018-02-10 01:14 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll 2018-02-13 16:11 - 2018-02-10 01:14 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2018-02-13 16:11 - 2018-02-10 01:14 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2018-02-13 16:11 - 2018-02-10 01:13 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000061952 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2018-02-13 16:11 - 2018-02-10 01:13 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2018-02-13 16:11 - 2018-02-10 01:13 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbeio.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbeio.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000073216 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2018-02-13 16:11 - 2018-02-10 01:12 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe 2018-02-13 16:11 - 2018-02-10 01:11 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2018-02-13 16:11 - 2018-02-10 01:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000185856 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2018-02-13 16:11 - 2018-02-10 01:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2018-02-13 16:11 - 2018-02-10 01:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll 2018-02-13 16:11 - 2018-02-10 01:08 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll 2018-02-13 16:11 - 2018-02-10 01:07 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2018-02-13 16:11 - 2018-02-10 01:07 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2018-02-13 16:11 - 2018-02-10 01:07 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2018-02-13 16:11 - 2018-02-10 01:06 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2018-02-13 16:11 - 2018-02-10 01:05 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2018-02-13 16:11 - 2018-02-10 01:05 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2018-02-13 16:11 - 2018-02-10 01:05 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2018-02-13 16:11 - 2018-02-10 01:05 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2018-02-13 16:11 - 2018-02-10 01:05 - 000358912 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\vaultsvc.dll
2018-02-13 16:11 - 2018-02-10 01:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-13 16:11 - 2018-02-10 01:05 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2018-02-13 16:11 - 2018-02-10 01:05 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-02-13 16:11 - 2018-02-10 01:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2018-02-13 16:11 - 2018-02-10 01:05 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-02-13 16:11 - 2018-02-10 01:04 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2018-02-13 16:11 - 2018-02-10 01:04 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2018-02-13 16:11 - 2018-02-10 01:04 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-13 16:11 - 2018-02-10 01:04 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2018-02-13 16:11 - 2018-02-10 01:03 - 001293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2018-02-13 16:11 - 2018-02-10 01:03 - 001231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2018-02-13 16:11 - 2018-02-10 01:03 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-13 16:11 - 2018-02-10 01:03 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2018-02-13 16:11 - 2018-02-10 01:03 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-02-13 16:11 - 2018-02-10 01:03 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-13 16:11 - 2018-02-10 01:02 - 000592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-02-13 16:11 - 2018-02-10 01:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-13 16:11 - 2018-02-10 01:02 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-02-13 16:11 - 2018-02-10 01:02 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-02-13 16:11 - 2018-02-10 01:00 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-02-13 16:11 - 2018-02-10 01:00 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-02-13 16:11 - 2018-02-10 01:00 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-02-13 16:11 - 2018-02-10 00:58 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2018-02-13 16:11 - 2018-02-10 00:58 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2018-02-13 16:11 - 2018-02-10 00:58 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-02-13 16:11 - 2018-02-10 00:57 - 000119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2018-02-13 16:11 - 2018-02-10 00:57 - 000096768 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2018-02-13 16:11 - 2018-01-17 05:27 - 001341560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-13 16:11 - 2018-01-17 05:27 - 001049208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-13 16:11 - 2018-01-17 05:27 - 000934520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-13 16:11 - 2018-01-17 05:27 - 000078448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-13 16:11 - 2018-01-12 00:49 - 001007216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-13 16:11 - 2018-01-12 00:49 - 000854136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-13 16:11 - 2018-01-12 00:49 - 000694384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-13 16:11 - 2018-01-12 00:49 - 000066680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll

==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-03-13 00:45 - 2015-08-31 13:31 - 000000000 ____D C:\Users\newto\AppData\Roaming\NetSpeedMonitor
2018-03-13 00:43 - 2015-08-31 13:40 - 000000000 ____D C:\Users\newto\AppData\Roaming\TS3Client
2018-03-12 23:28 - 2017-03-22 05:06 - 000000000 ____D C:\Users\newto\AppData\Roaming\obs-studio
2018-03-12 19:58 - 2017-04-27 21:19 - 000000000 ____D C:\Users\newto\AppData\Local\Deployment
2018-03-12 19:42 - 2016-08-30 13:37 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2018-03-12 19:42 - 2016-08-30 13:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-12 19:35 - 2016-08-04 14:42 - 000003316 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E2C5E6EE-86A8-44BB-A49D-889B5BF25DFE}
2018-03-12 19:25 - 2016-08-19 15:01 - 000000000 ____D C:\Users\Todos os Usuários\Unified Remote
2018-03-12 19:25 - 2016-08-19 15:01 - 000000000 ____D C:\ProgramData\Unified Remote
2018-03-12 19:18 - 2016-08-04 14:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-12 16:22 - 2016-07-16 08:45 - 000000000 ____D C:\WINDOWS\INF
2018-03-12 16:19 - 2018-02-01 17:33 - 000000000 ____D C:\Users\newto\AppData\Roaming\Origin
2018-03-12 16:19 - 2015-08-31 13:26 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2018-03-12 16:19 - 2015-08-31 13:26 - 000000000 ____D C:\ProgramData\Origin
2018-03-12 16:18 - 2017-12-09 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-12 16:18 - 2017-01-30 16:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-12 16:18 - 2017-01-19 15:36 - 000000000 ____D C:\Temp
2018-03-12 15:46 - 2016-07-16 20:10 - 004731968 _____ C:\WINDOWS\system32\prfh0416.dat
2018-03-12 15:46 - 2016-07-16 20:10 - 004207942 _____ C:\WINDOWS\system32\prfc0416.dat
2018-03-12 15:46 - 2015-08-31 13:12 - 018973216 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-12 15:40 - 2016-08-04 14:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-12 06:00 - 2016-07-16 03:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-12 02:33 - 2016-07-31 15:56 - 000000000 ____D C:\Users\newto\AppData\Local\Spotify
2018-03-12 02:33 - 2016-07-31 15:54 - 000000000 ____D C:\Users\newto\AppData\Roaming\Spotify
2018-03-12 02:00 - 2015-09-11 17:27 - 000000000 ____D C:\Users\newto\AppData\Local\Adobe
2018-03-12 01:33 - 2015-10-10 04:29 - 009089024 ___SH C:\Users\newto\Desktop\Thumbs.db
2018-03-12 01:31 - 2015-10-20 16:04 - 000000000 ____D C:\Users\newto\AppData\LocalLow\Temp
2018-03-11 19:42 - 2016-08-10 15:44 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-03-11 19:42 - 2016-08-10 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-11 19:20 - 2018-01-26 16:01 - 000000822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-03-11 19:19 - 2016-08-04 14:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-11 19:17 - 2016-08-04 14:34 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2018-03-11 19:17 - 2016-08-04 14:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-11 19:15 - 2017-12-20 15:32 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-11 19:15 - 2017-12-20 15:32 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-11 19:15 - 2017-12-20 15:32 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-11 19:15 - 2017-12-20 15:32 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-11 19:15 - 2016-08-04 14:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-11 17:37 - 2015-08-31 13:29 - 000000000 ____D C:\Users\newto\AppData\Roaming\uTorrent
2018-03-11 17:20 - 2015-09-01 14:49 - 000000000 ____D C:\WINDOWS\pss
2018-03-11 17:18 - 2015-12-22 19:58 - 000000000 ____D C:\Users\newto\AppData\Local\CrashDumps
2018-03-11 06:29 - 2015-08-31 13:49 - 000000000 ____D C:\Users\newto\AppData\Roaming\DAEMON Tools Lite
2018-03-11 05:57 - 2016-02-22 14:35 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-11 05:57 - 2016-02-22 14:35 - 000002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-11 05:54 - 2016-11-21 08:10 - 000000000 ____D C:\Users\newto\AppData\LocalLow\Mozilla
2018-03-11 05:11 - 2016-08-04 14:37 - 000000000 ____D C:\Users\newto
2018-03-11 04:48 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-11 04:22 - 2015-09-12 17:14 - 000007595 _____ C:\Users\newto\AppData\Local\Resmon.ResmonCfg
2018-03-10 20:58 - 2017-05-22 18:27 - 000028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2018-03-10 20:45 - 2016-07-16 08:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-10 20:24 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-10 20:20 - 2015-08-31 13:07 - 000000000 ____D C:\Users\newto\AppData\Roaming\Adobe
2018-03-10 20:19 - 2017-12-20 16:22 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-10 20:19 - 2017-12-20 16:22 - 000000964 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-03-10 20:19 - 2015-07-10 08:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-03-10 19:17 - 2017-04-29 18:34 - 000000000 ____D C:\Users\newto\AppData\Roaming\MPC-HC
2018-03-10 18:35 - 2015-08-31 14:09 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-03-10 18:35 - 2015-08-31 14:09 - 000214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2018-03-09 21:47 - 2016-07-16 08:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-08 22:46 - 2015-11-03 18:30 - 000000000 ____D C:\Users\newto\AppData\Roaming\Free Download Manager
2018-02-26 19:40 - 2015-08-31 13:14 - 000000000 ____D C:\Users\newto\AppData\Local\NVIDIA Corporation
2018-02-26 19:38 - 2016-11-04 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-26 19:38 - 2016-07-06 18:06 - 000000000 ____D C:\Users\newto\AppData\Local\NVIDIA
2018-02-26 16:45 - 2017-12-20 15:20 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-26 16:45 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\Help
2018-02-21 23:19 - 2015-10-28 14:59 - 000000000 ____D C:\Users\newto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-21 21:39 - 2018-01-09 01:03 - 000000000 ____D C:\Users\newto\AppData\Local\FiveM
2018-02-21 04:11 - 2017-05-14 05:15 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-17 21:42 - 2016-02-26 18:42 - 000000000 ____D C:\Users\newto\AppData\Local\SKIDROW
2018-02-17 05:34 - 2015-09-25 22:36 - 000000000 ____D C:\Users\newto\AppData\Local\Ubisoft Game Launcher
2018-02-15 15:04 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\rescache
2018-02-14 10:56 - 2018-02-01 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-02-14 10:51 - 2018-02-01 17:33 - 000000000 ____D C:\Program Files (x86)\Origin
2018-02-13 17:18 - 2015-08-31 13:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-13 17:17 - 2016-08-04 14:32 - 004966960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ___RD C:\WINDOWS\MiracastView
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-13 17:14 - 2016-07-16 08:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-13 16:15 - 2015-09-01 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-13 16:13 - 2017-10-12 13:57 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 16:13 - 2015-09-01 14:10 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Arquivos na raiz de alguns diretórios =======
2015-09-29 17:46 - 2015-09-29 17:46 - 000000120 _____ () C:\Users\newto\AppData\Roaming\0da6f085.dat
2016-12-23 16:07 - 2016-12-23 17:07 - 000000132 _____ () C:\Users\newto\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-03-01 00:52 - 2018-01-31 19:42 - 000000132 _____ () C:\Users\newto\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-06 15:51 - 2016-08-06 15:51 - 000000040 _____ () C:\Users\newto\AppData\Roaming\cdr.ini
2017-01-19 18:19 - 2017-01-19 18:35 - 001307648 _____ () C:\Users\newto\AppData\Local\file__0.localstorage
2015-09-12 17:14 - 2018-03-11 04:22 - 000007595 _____ () C:\Users\newto\AppData\Local\Resmon.ResmonCfg
2017-02-03 17:17 - 2017-02-03 17:17 - 000000000 _____ () C:\Users\newto\AppData\Local\{46A30D05-DE21-4FD3-9F84-21D5CE7155E7}
2016-12-24 18:42 - 2016-12-24 18:42 - 000000000 _____ () C:\Users\newto\AppData\Local\{61C18640-9EA6-4F45-9E0C-64C09A78115A}

Alguns arquivos em TEMP:
====================
2018-03-12 19:38 - 2018-03-12 19:42 - 000000000 _____ () C:\Users\newto\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-03-12 19:38 - 2018-03-12 19:42 - 000000016 _____ () C:\Users\newto\AppData\Local\Temp\6de885680e05a350021e9e6243148e19.dll
2018-03-12 01:38 - 2017-09-07 03:03 - 001887408 _____ (Microsoft Corporation) C:\Users\newto\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2018-03-08 15:56

==================== Fim de FRST.txt ============================

Addition:
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 13.03.2018
Executado por Newton (13-03-2018 00:45:59)
Executando a partir de C:\Users\newto\Desktop
Windows 10 Pro Versão 1607 14393.2068 (X64) (2016-08-04 17:45:26)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================
Administrador (S-1-5-21-2947653566-3263547115-4119004596-500 - Administrator - Disabled)
Convidado (S-1-5-21-2947653566-3263547115-4119004596-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2947653566-3263547115-4119004596-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2947653566-3263547115-4119004596-1003 - Limited - Enabled)
Newton (S-1-5-21-2947653566-3263547115-4119004596-1001 - Administrator - Enabled) => C:\Users\newto

==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\{FABB02D6-A7FD-4845-A6FA-60C565516712}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Atualizações da NVIDIA 31.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.0.0 - NVIDIA Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dead Space Tradução BR v1.02 (HKLM-x32\...\Dead Space BR) (Version: 1.02 - Tribo dos Renegados Brasil®)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Discord (HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
Far Cry (Patch 1) (HKLM-x32\...\{D792A069-B96B-40BA-BCB4-E5651A6E5926}) (Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager 3.9.7 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
FreeMouseAutoClicker 3.7 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.)
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
K-Lite Mega Codec Pack 13.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.0 - KLCP)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Legendas 3.5 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.5 - Legendas Brasil)
LEGO® Harry Potter™: Years 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
Mad Max (HKLM-x32\...\Mad Max_is1) (Version: - )
Main Services (HKLM\...\{CCDF2023-BC8F-4A8E-A3EC-E2740C879398}) (Version: 2.0.13 - System Native) Hidden <==== ATENÇÃO
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 16.0.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.163 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 58.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 58.0.1 (x64 pt-BR)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA Driver de áudio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Driver de gráficos 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.0.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.0.85 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenIV (HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.12.32066 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.01 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Planet Coaster version 1.3.6.45104 (HKLM\...\Planet Coaster_is1) (Version: 1.3.6.45104 - STEAMPUNKS)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7945 - Realtek Semiconductor Corp.)
Restream Chat (HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\5574fe55cba0ac1f) (Version: 2.2.1.51 - Restream.io)
RivaTuner Statistics Server 7.0.0 (HKLM-x32\...\RTSS) (Version: 7.0.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.20.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.21.0.0 - GOG.com)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.4.1 - Unified Intents AB)
Unravel (HKLM\...\Unravel_is1) (Version: 1.0.0.0 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{BF492E7F-BD3F-4F33-932A-1DD0891968B0}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warsaw 2.3.0.83 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.3.0.83 - GAS Tecnologia)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-07-18] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-07-18] (Florian Heidenreich)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-07-18] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04B193A2-2467-43DF-B7C1-2F4197FD02C3} - System32\Tasks\klcp_update => d:\program files (x86)\k-lite codec pack\tools\codectweaktool.exe [2017-04-14] ()
Task: {0CAEA0D8-371B-443D-B5A0-553899D86D93} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {10EA1558-D0B4-466C-81FB-C9ABC89215D8} - System32\Tasks\Driver Booster SkipUAC (Newton) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {13934761-2CB1-4BFE-8256-A094CFE0196C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-02-21] (NVIDIA Corporation)
Task: {28972C45-899D-491B-B450-9605A8DBCD16} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {2CB0F146-3240-46DA-8BA6-752D7A814AFB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation)
Task: {345CB7AF-EE49-4161-91AD-5A02DA5B54BE} - System32\Tasks\WlbBJSMcknvngxNxC2 => rundll32 "C:\Program Files (x86)\mAUzXDPkZrvZtXzyunR\GyGqFKE.dll",#1
Task: {3C41AD63-A2A0-45ED-802E-3745CF529227} - System32\Tasks\dTRRfHQjsHOvbdt2 => rundll32 "C:\Program Files (x86)\LfFoujfjU\QPxQge.dll",#1
Task: {4DCD89B5-0C7B-40A0-96D8-B1DD406C24E5} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {519E8593-A50B-4F13-A3A6-CC950744CD7C} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-storagesense => C:\Program Files\rempl\remsh.exe
Task: {5332E472-60A8-4914-99DF-A148D1AD8C03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-02-21] (NVIDIA Corporation)
Task: {5730A436-1418-49AF-A96F-ECBA8DC123AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-02-21] (NVIDIA Corporation)
Task: {5FE24D1E-63DB-4D3B-83CD-8525975B318E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {60E8411E-8F0F-4069-9302-61079690CBA6} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe
Task: {69528118-7BE0-4C7E-A79F-4CA09CFD3CCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-22] (Google Inc.)
Task: {74916EE5-DF40-4F54-AE2E-5EF6E25ECD18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-02-13] (Microsoft Corporation)
Task: {76AC8401-853E-4300-8195-1E08BEA5C32B} - System32\Tasks\AdobeGCInvoker-1.0-NEWTON-PC-Newton => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {883CCFEE-EB7D-4229-A0A9-45739CB1EFAC} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe
Task: {8C49A600-2416-4966-AA7A-F79EF09C15AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation)
Task: {8E0B4CD8-95F7-4B31-812E-940AD8471634} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-22] (Google Inc.)
Task: {92B61311-5B9F-4674-BB07-EA1460EDC866} - System32\Tasks\Start CorsairLink4 => D:\CorsairLink4.exe Task: {95ED03B8-E6C6-494F-97D3-382A1FD89645} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe Task: {99BCA662-7C3F-4BB0-B58A-243D79A4B947} - System32\Tasks\Microsoft\Windows\rempl\shell-restore => C:\Program Files\rempl\remsh.exe Task: {9A70174C-AC9B-4D33-9767-493AD710AC2E} - System32\Tasks\{B068A1AE-4A85-4C06-989A-4015562C9463} => C:\Windows\system32\pcalua.exe -a F:\autorun.exe -d F:\ Task: {A3A45C4E-B040-44C5-B04B-A9534A179C8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated) Task: {A4AF0B26-A876-4B9E-A925-C656F5DEF2A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd) Task: {AF66ED68-2650-46CD-BFCF-61790AABC69D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation) Task: {B05A91AA-808E-4028-A6A2-6FCB0F4D9B40} - \Format Factory -> Nenhum Arquivo <==== ATENÇÃO Task: {BB7E90EA-10A5-4ACD-9C46-AEA7F52B2110} - System32\Tasks\updater => C:\Program Files\System Native\Main Services\updater.exe <==== ATENÇÃO Task: {BD127514-24F5-4FAE-BA32-C0F86F6F01C2} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-sih => C:\Program Files\rempl\remsh.exe Task: {C4A0B2B2-8C2F-43DC-9E93-4BB98CD07078} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.) 
Task: {C6BDDE76-0345-4FFD-973A-7F729335F6E0} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {CEE21AC4-36E2-4AD9-8105-446BF9B493FC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {CF7B1C7D-ED02-4FDD-9885-94B31C1EF480} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd) Task: {D7DF97BE-7D0B-4F0F-80A4-E5DF9AA98F79} - System32\Tasks\cmdsvr => C:\Disk\cmdsvr.exe Task: {D904FF05-D100-44FD-A25D-CA7157E6CEA0} - System32\Tasks\{1B1A867A-D930-4C12-95B7-D7D51B568947} => C:\Windows\system32\pcalua.exe -a F:\autorun.exe -d F:\ Task: {DBEAFF72-A9E0-4B74-B7C2-ED679958AEB5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation) Task: {E1A72139-3BC4-4A2C-A4E1-84F05C5ECDEA} - System32\Tasks\AdobeAAMUpdater-1.0-NEWTON-PC-Newton => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {EB78C90F-8A54-491D-B0A9-56A67C8DDB4D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-02-21] (NVIDIA Corporation) Task: {FA1631C5-A4C4-4B37-A488-C9718393335B} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {FB7DCE82-3E46-48B6-BC6C-3BD48B7A4EE8} - System32\Tasks\dIxshjfnsDsrepSSqPt2 => rundll32 "C:\Program Files (x86)\pidIvTaYsJowC\xmyRjeM.dll",#1 Task: {FF8C02F6-61EE-4EF8-8634-734CF52E9D37} - System32\Tasks\qFbxfDUevnccZZ => rundll32 "C:\Program Files (x86)\jzVqtpDsXbLU2\UQbPixMQrgIeL.dll",#1 (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. 
O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2018-02-26 16:45 - 2018-02-24 01:36 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2017-02-24 18:41 - 2012-03-28 09:49 - 000140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2017-09-27 02:10 - 2017-08-08 13:30 - 001436912 _____ () C:\Program Files\McAfee\MSC\WscInteractionHandler.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 001268616 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-08-31 18:14 - 2017-03-17 14:57 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2017-09-27 02:10 - 2017-08-11 14:08 - 000595608 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll 2017-09-27 02:10 - 2017-08-11 14:08 - 000586728 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2018-02-13 16:12 - 2018-02-10 01:53 - 002681712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2018-02-26 16:45 - 2018-02-23 16:22 - 000133464 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-20 19:55 - 2017-10-31 03:07 - 000444008 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2016-08-04 14:48 - 2016-08-04 14:48 - 000959168 _____ () C:\Users\newto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2017-12-18 15:07 - 2017-04-28 00:23 - 000086528 _____ () C:\Program Files (x86)\Legendas-3.5\ShellExtContextMenuHandler.dll 2016-09-15 22:13 - 2016-09-07 01:56 - 000134656 _____ () 
C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-24 00:16 - 2017-03-04 03:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2012-01-10 14:41 - 2015-09-24 23:28 - 000568904 _____ () D:\Program Files (x86)\puush.exe 2018-02-14 10:56 - 2018-02-14 13:55 - 000021824 _____ () D:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2018-02-27 00:43 - 2018-02-27 00:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-02-27 00:43 - 2018-02-27 00:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-02-27 00:43 - 2018-02-27 00:43 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-02-27 00:43 - 2018-02-27 00:43 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll 2015-08-04 04:54 - 2018-01-25 18:20 - 000174744 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll 2018-03-11 19:15 - 2018-02-21 04:51 - 000020368 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll 2017-01-11 20:47 - 2017-12-17 18:48 - 000020632 _____ () D:\Program Files\TeamSpeak 3 Client\libEGL.DLL 2017-01-11 20:47 - 2017-12-17 18:48 - 001981592 _____ () D:\Program Files\TeamSpeak 3 Client\libGLESv2.dll 2015-08-04 04:53 - 2018-01-25 18:20 - 000125592 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2015-08-04 04:54 - 2018-01-25 18:20 - 000150680 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2017-03-25 00:13 - 2017-07-21 18:22 - 000345880 _____ () C:\Users\newto\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll 2017-02-15 01:16 - 2017-07-18 17:32 - 000157696 _____ () C:\Users\newto\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll 2017-02-02 00:55 - 2017-02-02 00:55 - 000276992 
_____ () C:\Users\newto\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll 2017-10-31 06:05 - 2017-10-31 06:05 - 000722216 _____ () D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2017-10-31 03:07 - 2017-10-31 03:07 - 000252008 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2017-10-31 03:07 - 2017-10-31 03:07 - 000035432 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2017-10-31 03:07 - 2017-10-31 03:07 - 000061032 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2018-02-13 16:12 - 2018-02-10 01:09 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 001402368 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-02-13 16:11 - 2018-02-10 00:59 - 000757760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2018-02-13 16:12 - 2018-02-10 00:59 - 001033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2018-02-13 16:12 - 2018-02-10 01:00 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2018-02-13 16:12 - 2018-02-10 01:03 - 004854272 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2018-02-23 02:54 - 2018-02-22 00:57 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libglesv2.dll 2018-02-23 02:54 - 2018-02-22 00:57 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libegl.dll 2014-04-07 11:31 - 2014-04-07 11:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 001041800 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-20 19:55 - 2017-10-31 03:07 - 000410728 _____ () D:\Program 
Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2018-02-26 19:38 - 2018-02-21 04:51 - 071673736 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2018-02-14 10:56 - 2018-02-14 10:56 - 000015360 _____ () D:\Program Files (x86)\Origin\libEGL.DLL 2018-02-14 10:56 - 2018-02-14 10:56 - 003090944 _____ () D:\Program Files (x86)\Origin\libGLESv2.dll 2017-10-29 17:01 - 2017-10-29 17:01 - 000071680 _____ () D:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2017-10-29 17:00 - 2017-10-29 17:00 - 000056832 _____ () D:\Program Files (x86)\MSI Afterburner\RTFC.dll 2017-10-29 17:01 - 2017-10-29 17:01 - 000232448 _____ () D:\Program Files (x86)\MSI Afterburner\RTCore.dll 2017-10-29 17:01 - 2017-10-29 17:01 - 000357888 _____ () D:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-10-29 17:01 - 2017-10-29 17:01 - 000565760 _____ () D:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2018-03-11 19:15 - 2018-02-21 04:51 - 000020368 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll 2017-10-10 15:51 - 2017-10-10 15:51 - 000055808 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2017-10-10 15:52 - 2017-10-10 15:52 - 000353792 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2017-10-10 15:52 - 2017-10-10 15:52 - 000071680 _____ () D:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2015-10-28 10:27 - 2017-11-29 02:09 - 000781088 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2015-10-28 10:27 - 2016-08-31 22:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll 2015-10-28 10:27 - 2017-12-15 16:59 - 002558752 _____ () D:\Program Files (x86)\Steam\video.dll 2017-12-14 14:03 - 2017-11-03 22:54 - 005137696 _____ () D:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 14:03 - 2017-11-03 22:54 - 000695584 _____ () D:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 14:03 - 2017-11-03 22:54 - 000351520 _____ () D:\Program Files (x86)\Steam\libavresample-3.dll 
2017-12-14 14:03 - 2017-11-03 22:54 - 000847136 _____ () D:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 14:03 - 2017-11-03 22:54 - 000783648 _____ () D:\Program Files (x86)\Steam\libswscale-4.dll 2015-10-28 10:27 - 2016-08-31 22:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2015-10-28 10:27 - 2016-08-31 22:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2015-10-28 10:27 - 2017-12-15 16:59 - 000904992 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-12 17:59 - 2016-07-04 19:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll 2017-06-08 19:27 - 2017-09-06 23:04 - 000678400 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2016-12-14 19:04 - 2017-10-31 01:44 - 071471904 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-10-28 10:27 - 2015-09-24 20:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll 2017-07-17 14:30 - 2017-07-17 14:30 - 000863744 _____ () C:\WINDOWS\mod_frst.exe ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou 
removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\bmb.com.br -> hxxps://bdu.bmb.com.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\bmb.com.br -> bdu.bmb.com.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\gastecnologia.com.br -> hxxps://cloud.gastecnologia.com.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\mercantil.com.br -> hxxps://*.mercantil.com.br IE trusted site: HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\mercantildobrasil.com.br -> hxxps://*.mercantildobrasil.com.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-07-10 08:04 - 2017-05-22 18:27 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\newto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Firewall do Windows está habilitado. 
==================== MSCONFIG/TASK MANAGER ítens desabilitados == HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\StartupApproved\Run: => "Autodesk Sync" HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\...\StartupApproved\Run: => "Discord" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{8092544C-92DF-4BA2-B9F0-FAF2C21DFD9B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe FirewallRules: [{44413595-8CB6-4FE7-B795-288CF83EEBE6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe FirewallRules: [{32811041-A145-4059-A6D3-E0F2C3BF212A}] => (Allow) LPort=1900 FirewallRules: [{D7B52BA5-10CD-4C16-92B1-AACF625621D6}] => (Allow) LPort=2869 FirewallRules: [{EDE8EEAE-1655-4CF6-95A1-798E4D442B9C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5DDAC103-AB6D-4835-B880-AD62F1B0E744}] => (Allow) LPort=27015 FirewallRules: [{27110E58-D3EB-435A-BE42-66925C361420}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{9D21A2C4-2D91-4306-8472-52E42AE969F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{00756160-FE7A-411E-B20A-5A96211E786D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{986D9E9A-9637-471F-AA5B-FC8DFDB5AE2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DEE75851-68DA-4E00-9800-45DF5EC316E5}] => (Allow) C:\Program Files (x86)\Origin 
Games\Battlefield 4\bf4_x86.exe FirewallRules: [{094F7080-B8B1-457B-9F29-7F2B622CEA04}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{9F467B46-AC87-4614-B29D-B840242592F9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{7B923052-1E71-4D88-99D3-1017E1ED59BD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{5DC1C1EF-3832-42F8-9589-5729961424EC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{2F8CE85C-69F2-4A2A-95FB-8DEDDB9B6E75}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{53282862-486B-488E-A905-FCA1472405CA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{90BA0481-0FD9-4F06-AC63-9B028727751B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [TCP Query User{BCE246F1-ACDF-42AE-AB6B-DCEDBB6060C6}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{32D053AF-35C2-4035-A2D6-612A4CC3EE81}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{CE537E33-3ED2-4D75-851D-A59BD9478157}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{DD4845B8-3F83-4515-A904-083BC82FADE0}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{9A42D762-6F11-442E-B6F7-79758DA755C2}] => (Allow) LPort=27015 FirewallRules: [TCP Query User{8CB49BC8-146B-4C3E-B423-DDA6BD87782F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{A09B0DC2-D1C2-45A0-87AE-717B24572223}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) 
C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{953946E6-C77A-4493-88C6-EBFBBD975F18}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B28135A4-6914-4F74-AEA0-E23DEF69DB7D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{450EFC6D-BBE5-4430-9219-2692C418DE8E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AC16A089-797F-41D6-93E0-7A6D6ECFAF2F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{A671484C-DACA-444B-8B1A-8F521B8AEDE4}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{DCBEB44B-D11C-41D4-AFFF-2FA6ACFDEA68}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{A0EB6BCC-7415-40F5-BDB3-183C88E43BA7}] => (Allow) LPort=80 FirewallRules: [{E69E207E-8A6A-43B1-B5C0-685F5BEA0668}] => (Allow) LPort=443 FirewallRules: [{881DFB34-0760-4091-9A81-BB00BB9B5350}] => (Allow) LPort=20010 FirewallRules: [{E6827DE1-7E29-4118-A814-AF76DE68C511}] => (Allow) LPort=3478 FirewallRules: [{75364995-BEE9-42A7-8D50-7C4CCC599E9C}] => (Allow) LPort=7850 FirewallRules: [{B33E6084-FE8A-401B-AED2-CA297A753A24}] => (Allow) LPort=7852 FirewallRules: [{6728B5FA-EE4F-490A-8A71-4021194D8257}] => (Allow) LPort=7853 FirewallRules: [{C6F62338-60A7-4157-B870-9AEEA3FF5454}] => (Allow) LPort=27022 FirewallRules: [{462EF69D-5D5E-40AD-971A-1CB4B2EE070E}] => (Allow) LPort=6881 FirewallRules: [{FA0D13ED-6CA9-43A2-894E-BBAAD97130B2}] => (Allow) LPort=33333 FirewallRules: [{5D8D36BA-D675-4C91-9BD1-54570E8BCFCF}] => (Allow) LPort=20443 FirewallRules: [{E7D7D2C0-CB53-4A68-A885-EB72F5B53210}] => (Allow) LPort=8090 FirewallRules: 
[{32A34A7F-D160-421A-90F7-8749C89F7DD7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{834B9ED6-4356-436E-B941-A1BFD5F27F3A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{6E2FD900-2B98-4516-A9B4-630C05CD7818}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{D88AA820-53E4-43BB-8AA2-9A4CFA0312AE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{C22B4847-DB81-490E-BB8B-8C6FEDFDA2E2}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{F845E618-CD02-4DB3-B1FD-95FF1D6F468C}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{8F8D991A-B928-42EA-A3B4-60F9EE180FCD}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe FirewallRules: [{697F76B2-915D-4756-8C9F-AC388C8BD5C3}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe FirewallRules: [{5376E986-7147-4FF1-A90B-CA5893F9CA2B}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe FirewallRules: [{26D924E9-87B0-460E-8C54-1C1C1B50D35C}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe FirewallRules: [{95DDE86E-DBAF-48F8-ABFF-F99A77AB6768}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe FirewallRules: [{862AFEBE-CFC6-40AA-8AEB-8F5C3E7B8B13}] => (Allow) D:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe FirewallRules: [{5F8613EB-A81C-4767-8931-57051969AED4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{295D7D97-3E49-4B54-8772-9C08ABF8565B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4181D021-8B32-4B3E-ACDE-8F1FC87EC486}] => (Allow) D:\Program Files\The Sims 4 City Living\Game\Bin\TS4.exe FirewallRules: [{93D61893-8001-43F0-9407-0F831C73316D}] => (Allow) 
D:\Program Files\The Sims 4 City Living\Game\Bin\TS4.exe FirewallRules: [{D60C8DBE-CB4B-4EEF-8FEC-AB18A36BBAFE}] => (Allow) D:\Program Files\The Sims 4 City Living\Game\Bin\TS4_x64.exe FirewallRules: [{E0321DDF-3606-4493-B756-58573C4BB6C4}] => (Allow) D:\Program Files\The Sims 4 City Living\Game\Bin\TS4_x64.exe FirewallRules: [{BD6FBAA9-FAFC-479E-86B7-F65F2F47BB05}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{4BC0AF57-2E54-4481-9A0B-FDAEAA8867DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{FF7133F9-9511-43F1-AFDC-E90979C1126B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{9B9DF50E-37BF-4C4A-AACB-E9FD604BCB79}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F07E3317-C68E-4E6C-A8EF-414F2E96AB4A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{7910476A-3874-4B16-B081-84036A7868A6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{8271064B-52C0-4FA5-9BAC-724C17F82A2A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C20FE46F-718C-4E53-B363-AB8F25874D40}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{4CB9C5C8-EE87-44AF-BA53-C431DE356C92}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F04788A1-B126-4698-BFC1-06F3842FD18A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{7BDFDCD8-B8B3-481B-8800-DC897388F6AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe FirewallRules: [{6A44690F-259E-42A6-BBE1-A894506725EE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe FirewallRules: [{FADCC088-6C97-432D-AC9E-76FE46EA05EB}] => (Allow) 
C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{56059326-BEC1-43CD-8AB0-2436E1809896}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{79A2A3CD-74E8-43B6-99BB-CA528F0E0CCC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe FirewallRules: [{75792572-D0AC-48E2-9BCA-369D8848E640}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe FirewallRules: [{0933A3CA-3390-483F-A5C4-243AF21D8351}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{951D61BD-66C9-4FF3-86D8-E1B0023D9022}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Need for Speed\NFS16.exe FirewallRules: [{AF125AF0-D4B3-4F22-B788-9E5B3CD98EF4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Need for Speed\NFS16.exe FirewallRules: [{122A8C85-24E3-499E-BAF9-8610700065D4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Need for Speed\NFS16_trial.exe FirewallRules: [{611F97A0-924A-4D2E-BD56-30DB636AF528}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Need for Speed\NFS16_trial.exe FirewallRules: [TCP Query User{7E4033FE-FE64-4FE3-B0AD-09EE56708BD3}C:\users\newto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\newto\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{37CC2DEA-F829-4316-AD34-38D527B2DF33}C:\users\newto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\newto\appdata\roaming\spotify\spotify.exe FirewallRules: [{D750B1AC-7C49-4CD1-89B6-40D64F0F4240}] => (Allow) D:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [{6943C9F4-B8E2-4549-A9F3-5C15543EF2B9}] => (Allow) D:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [{F03FE9EB-01BD-4352-9FE5-6A7DB746B4C0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{2CE11826-98C9-4945-98CB-21712EA7EBE3}] => (Allow) 
D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{80CD2AFB-9D36-4A4B-8ACB-A4AF99BCE1C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{86CDC928-9F73-4D18-B94A-9FDDE511C1FB}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{F247318A-E61D-4D80-8344-846223507522}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{F411C079-6EF6-4C76-8434-928BCDC2CC92}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{45366FDF-4D07-448D-9F29-EBBA86B3379D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B3DF3A7A-3C6D-4F66-B17A-54EA2788E767}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{4E92BE4B-C68E-47EA-A3C5-776AD0B4C6C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{2871EAC1-76EE-43C1-881C-37FFB2626E98}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{FDF7DF49-756E-4F5B-8D3E-11DB2D2D54E7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{5A21882B-4A15-42E5-B493-B41005236C8B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5317A23C-C279-4396-8336-9B925AC12B40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B41B5424-1F2B-40FF-9F52-628A599A96C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B9D326E8-B242-420B-8CC4-2060163A4678}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: 
[{1CFB53BB-DE53-4D2E-882F-0FC1E39854D3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{22A70F6B-AF87-4B7C-A7C5-892ADFD25944}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7B42AD76-5C13-4D64-B949-8B68D9434B85}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{40F3E215-0862-43D7-BE6E-3BF602C265D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F6F23077-1FB7-4DD6-A989-FDA3F2A55503}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{2369DD1C-08D0-407D-90C3-0F9B9B051382}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9FF374DB-7FB1-43F5-98FF-EF32DE85076F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe ==================== Pontos de Restauração ========================= ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/12/2018 04:34:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEWTON-PC) Description: Falha na ativação do aplicativo Microsoft.BingNews_8wekyb3d8bbwe!AppexNews com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/12/2018 04:32:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NEWTON-PC) Description: Falha na ativação do aplicativo Microsoft.BingNews_8wekyb3d8bbwe!AppexNews com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. 
Error: (03/12/2018 04:18:49 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: ) Description: O mecanismo de regras não pôde executar uma ou mais ações agendadas. Código de Erro:0x80070002 Caminho:<none> Argumentos:<none> Error: (03/12/2018 04:18:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x5dc Hora de início do aplicativo com falha: 0x01d3ba318d50501b Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe ID do Relatório: 93ecb679-fec6-4744-9ae2-ac05f8dff8a7 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (03/12/2018 04:09:02 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (03/12/2018 04:09:02 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (03/12/2018 04:08:53 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (03/12/2018 04:08:53 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Erros de Sistema: ============= Error: (03/13/2018 12:46:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:45:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. 
O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:44:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:43:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:42:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:41:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:40:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Error: (03/13/2018 12:39:00 AM) (Source: DCOM) (EventID: 10000) (User: AUTORIDADE NT) Description: Não é possível iniciar o servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. O erro: "2" Aconteceu ao iniciar este comando: C:\WINDOWS\system32\SppExtComObj.exe -Embedding Windows Defender: =================================== Date: 2017-09-20 18:49:14.714 Description: O exame do Windows Defender foi interrompido antes da conclusão. 
ID do Exame: {107F1D2F-00F1-4873-8F4B-9923EAE92529} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Completa Usuário: NEWTON-PC\Newton Date: 2017-09-26 13:48:13.962 Description: O Windows Defender encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura: Versão da Assinatura Anterior: 1.251.1202.0 Origem da Atualização: Servidor do Microsoft Update Tipo de Assinatura: Antivírus Tipo de Atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão do Mecanismo Atual: Versão do Mecanismo Anterior: 1.1.14104.0 Código de erro: 0x8024401c Descrição do erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. Date: 2017-09-20 19:24:22.793 Description: O recurso de Proteção em Tempo Real do Windows Defender encontrou um erro e falhou. Recurso: Monitoramento do Comportamento Código do Erro: 0x80508023 Descrição do erro: O programa não encontrou malware e outros programas potencialmente indesejados neste computador. Motivo: A proteção em tempo real parou de funcionar por um motivo desconhecido. Reinicie o serviço para recuperar. Date: 2017-09-20 19:24:21.924 Description: O recurso de Proteção em Tempo Real do Windows Defender encontrou um erro e falhou. Recurso: Monitoramento do Comportamento Código do Erro: 0x80508023 Descrição do erro: O programa não encontrou malware e outros programas potencialmente indesejados neste computador. Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2017-09-20 19:14:39.206 Description: O recurso de Proteção em Tempo Real do Windows Defender encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. 
Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2017-09-20 18:43:20.923 Description: O Windows Defender encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura: Versão da Assinatura Anterior: 0.0.0.0 Origem da Atualização: Centro de Proteção contra Malware da Microsoft Tipo de Assinatura: Sistema de Inspeção de Rede Tipo de Atualização: Completa Usuário: AUTORIDADE NT\SERVIÇO DE REDE Versão do Mecanismo Atual: Versão do Mecanismo Anterior: 0.0.0.0 Código de erro: 0x80072742 Descrição do erro: Uma operação de soquete encontrou uma rede inoperante. CodeIntegrity: =================================== Date: 2018-03-12 19:41:00.468 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-12 18:41:47.808 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-12 18:11:00.412 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-12 17:41:00.336 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. 
Date: 2018-03-12 17:11:00.386 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-12 16:41:00.418 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-12 01:34:05.733 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-11 19:30:16.098 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements. 
==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Percentagem de memória em uso: 33% RAM física total: 16306.92 MB RAM física disponível: 10860.09 MB Virtual Total: 25522.92 MB Virtual disponível: 18200.68 MB ==================== Drives ================================ Drive c: (SSD (Win10)) (Fixed) (Total:111.35 GB) (Free:3.38 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (HD 1TB (Docs e Programas)) (Fixed) (Total:931.51 GB) (Free:44.82 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive e: (HD 1TB (Downloads)) (Fixed) (Total:931.51 GB) (Free:9.14 GB) NTFS \\?\Volume{5f1758d5-0000-0000-0000-60d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A494F232) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 58A4D5A5) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================
  5. @Elias Pereira RogueKiller result:

     RogueKiller V12.12.8.0 (x64) [Mar 12 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Sistema Operacional : Windows 10 (10.0.14393) 64 bits version
     Iniciou : Modo normal
     Usuário : Newton [Administrador]
     Started from : C:\Users\newto\Desktop\RogueKiller_portable64.exe
     Modo : Deletar -- Data : 03/12/2018 15:49:54 (Duration : 00:19:11)

     ¤¤¤ Processos : 2 ¤¤¤
     [BitMiner.Gen0] explorer.exe(5308) -- C:\Windows\explorer.exe[7] -> Interrompido [TermProc]
     [BitMiner.Gen0] mcicda64.dll(5308) -- C:\WINDOWS\system32\mcicda64.dll[-] -> Encontrado

     ¤¤¤ Registro : 13 ¤¤¤
     [BitMiner.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F} (C:\WINDOWS\system32\mcicda64.dll) -> Deletado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\eSupport.com -> Deletado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\ProgSense -> Deletado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\SlimWare Utilities Inc -> Deletado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\Softonic -> Deletado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\eSupport.com -> Deletado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\ProgSense -> Deletado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\SlimWare Utilities Inc -> Deletado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_BF4F\Software\Softonic -> Deletado
     [BitMiner.Gen0] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\{BFD98515-CD74-48A4-98E2-13D209E3EE4F} | (default) : {BFD98515-CD74-48A4-98E2-13D209E3EE4F} (C:\WINDOWS\system32\mcicda64.dll) [-] -> Deletado
     [BitMiner.Gen0] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks | {BFD98515-CD74-48A4-98E2-13D209E3EE4F} : (C:\WINDOWS\system32\mcicda64.dll) [-] -> Deletado
     [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Substituído (2)
     [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Substituído (2)

     ¤¤¤ Tarefas : 1 ¤¤¤
     [Suspicious.Path] \Minecraft Checksum Validator -- D:\Users\newto\AppData\Roaming\.minecraft\MinecraftChecksumValidator.exe -> Deletado

     ¤¤¤ Arquivos : 1 ¤¤¤
     [BitMiner.Gen0][Arquivo] C:\Windows\System32\mcicda64.dll -> Deletado

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Arquivos de hosts : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

     ¤¤¤ Navegadores : 1 ¤¤¤
     [PUM.HomePage][Chrome:Config] Profile 4 [SecurePrefs] : session.startup_urls [chrome://newtab/?source=home|https://www.google.com/|https://www.google.com/] -> Deletado

     ¤¤¤ Verificação da MBR : ¤¤¤
     +++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
     --- User ---
     [MBR] 5db2ead6a9f062487eacf1db1cfe20f4
     [BSP] dcae39acf93c83b7cc2756c8f0889e5e : Windows Vista/7/8 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114021 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233517056 | Size: 450 MB
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: ST31000528AS +++++
     --- User ---
     [MBR] 08a07b024ed6cfbd8b4d1bbb828c0c21
     [BSP] d7525572800a9a8c6287b026ad488f54 : Windows Vista/7/8 MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive2: WDC WD10EZEX-00WN4A0 +++++
     --- User ---
     [MBR] d3ebc6e5ea0bf92fd5474bf825727294
     [BSP] d2aa549a0f5a36875940d0bac0db0511 : Windows Vista/7/8 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     added 5 minutes later

     SystemLook result:

     SystemLook 30.07.11 by jpshortstuff
     Log created at 16:14 on 12/03/2018 by Newton
     Administrator - Elevation successful

     ========== filefind ==========
     Searching for "xmrig.exe"
     C:\Users\newto\AppData\Local\Temp\xmrig.exe --a---- 749056 bytes [04:33 12/03/2018] [19:09 12/03/2018] 2D7696E09A2F41E6879A96A15720FCC3

     ========== folderfind ==========
     Searching for "xmrig"
     No folders found.

     ========== regfind ==========
     Searching for "xmrig.exe"
     No data found.

     -= EOF =-
  6. @Elias Pereira Farbar Recovery Scan result:

     Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 11.03.2018 01
     Executado por Newton (12-03-2018 01:30:36) Run:1
     Executando a partir de C:\Users\newto\Desktop
     Perfis Carregados: Newton (Perfis Disponíveis: Newton)
     Modo da Inicialização: Normal
     ==============================================

     fixlist Conteúdo:
     *****************
     CreateRestorePoint:
     CloseProcesses:
     PowerShell: Get-ChildItem -Path C:\ -Filter xmrig.exe -Recurse -ErrorAction SilentlyContinue -Force
     CMD: ipconfig /flushdns
     RemoveProxy:
     EmptyTemp:
     CreateRestorePoint:
     *****************

     Ponto de Restauração criado com sucesso.
     Processos fechados com sucesso.

     ========= Get-ChildItem -Path C:\ -Filter xmrig.exe -Recurse -ErrorAction SilentlyContinue -Force =========

     ========= Fim de Powershell: =========

     ========= ipconfig /flushdns =========

     Configuração de IP do Windows
     Liberação do Cache do DNS Resolver bem-sucedida.

     ========= Fim de CMD: =========

     ========= RemoveProxy: =========

     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     "HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
     "HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

     ========= Fim de RemoveProxy: =========

     Ponto de Restauração criado com sucesso.

     =========== EmptyTemp: ==========

     BITS transfer queue => 1664636 B
     DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 71252621 B
     Java, Flash, Steam htmlcache => 293563090 B
     Windows/system/drivers => 6425793 B
     Edge => 399 B
     Chrome => 423959533 B
     Firefox => 19922362 B
     Opera => 0 B

     Temp, IE cache, history, cookies, recent:
     Default => 0 B
     Users => 0 B
     ProgramData => 0 B
     Public => 0 B
     systemprofile => 128 B
     systemprofile32 => 7728 B
     LocalService => 36164 B
     NetworkService => 4030 B
     newto => 271932295 B

     RecycleBin => 70754530 B
     EmptyTemp: => 1.1 GB de dados temporários Removidos.

     ================================

     O sistema precisou ser reiniciado.

     ==== Fim de Fixlog 01:31:40 ====

     RogueKiller result:

     RogueKiller V12.12.7.0 (x64) [Mar 5 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Sistema Operacional : Windows 10 (10.0.14393) 64 bits version
     Iniciou : Modo normal
     Usuário : Newton [Administrador]
     Started from : C:\Users\newto\Desktop\RogueKiller_portable64.exe
     Modo : Escanear -- Data : 03/12/2018 01:40:35 (Duration : 00:24:03)

     ¤¤¤ Processos : 1 ¤¤¤
     [VT.Detected] xmrig.exe(10336) -- C:\Users\newto\AppData\Local\Temp\xmrig.exe[-] -> Encontrado

     ¤¤¤ Registro : 11 ¤¤¤
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_1938\Software\eSupport.com -> Encontrado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_1938\Software\ProgSense -> Encontrado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_1938\Software\SlimWare Utilities Inc -> Encontrado
     [PUP.Gen1] (X64) HKEY_USERS\RK_Newton_ON_D_1938\Software\Softonic -> Encontrado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_1938\Software\eSupport.com -> Encontrado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_1938\Software\ProgSense -> Encontrado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_1938\Software\SlimWare Utilities Inc -> Encontrado
     [PUP.Gen1] (X86) HKEY_USERS\RK_Newton_ON_D_1938\Software\Softonic -> Encontrado
     [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Encontrado
     [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Encontrado
     [Adw.Eszjuxuan] (X64) HKEY_USERS\S-1-5-21-2947653566-3263547115-4119004596-1001\Control Panel\Desktop | SCRNSAVE.EXE : C:\ProgramData\DreamScreen\DreamCompress.scr [x] -> Encontrado

     ¤¤¤ Tarefas : 1 ¤¤¤
     [Suspicious.Path] \Minecraft Checksum Validator -- D:\Users\newto\AppData\Roaming\.minecraft\MinecraftChecksumValidator.exe -> Encontrado

     ¤¤¤ Arquivos : 23 ¤¤¤
     [PUP.Gen0][Pasta] C:\Users\newto\AppData\Roaming\System -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.5_41162\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.0_44294\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\newto\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Encontrado

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Arquivos de hosts : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

     ¤¤¤ Navegadores : 1 ¤¤¤
     [PUM.HomePage][Chrome:Config] Profile 4 [SecurePrefs] : session.startup_urls [chrome://newtab/?source=home|https://www.google.com/|https://www.google.com/] -> Encontrado

     ¤¤¤ Verificação da MBR : ¤¤¤
     +++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
     --- User ---
     [MBR] 5db2ead6a9f062487eacf1db1cfe20f4
     [BSP] dcae39acf93c83b7cc2756c8f0889e5e : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114021 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233517056 | Size: 450 MB
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: ST31000528AS +++++
     --- User ---
     [MBR] 08a07b024ed6cfbd8b4d1bbb828c0c21
     [BSP] d7525572800a9a8c6287b026ad488f54 : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive2: WDC WD10EZEX-00WN4A0 +++++
     --- User ---
     [MBR] d3ebc6e5ea0bf92fd5474bf825727294
     [BSP] d2aa549a0f5a36875940d0bac0db0511 : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK
  7. @Elias Pereira Malwarebytes result:

     Malwarebytes
     www.malwarebytes.com

     -Detalhes de registro-
     Data da análise: 11/03/18
     Hora da análise: 17:38
     Arquivo de registro: 2040575e-256c-11e8-be96-708bcde5520c.json
     Administrador: Sim

     -Informação do software-
     Versão: 3.4.4.2398
     Versão de componentes: 1.0.322
     Versão do pacote de definições: 1.0.4302
     Licença: Versão de Avaliação

     -Informação do sistema-
     Sistema operacional: Windows 10 (Build 14393.2068)
     CPU: x64
     Sistema de arquivos: NTFS
     Usuário: NEWTON-PC\Newton

     -Resumo da análise-
     Tipo de análise: Análise Customizada
     Resultado: Concluído
     Objetos verificados: 459646
     Ameaças detectadas: 1
     Ameaças em quarentena: 1
     Tempo decorrido: 1 hr, 37 min, 17 seg

     -Opções da análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Habilitado
     Heurística: Habilitado
     PUP: Detectar
     PUM: Detectar

     -Detalhes da análise-
     Processo: 0 (Nenhum item malicioso detectado)
     Módulo: 0 (Nenhum item malicioso detectado)
     Chave de registro: 0 (Nenhum item malicioso detectado)
     Valor de registro: 0 (Nenhum item malicioso detectado)
     Dados de registro: 0 (Nenhum item malicioso detectado)
     Fluxo de dados: 0 (Nenhum item malicioso detectado)
     Pasta: 0 (Nenhum item malicioso detectado)
     Arquivo: 1
     PUP.Optional.SlimCleanerPlus, C:\USERS\PUBLIC\DOCUMENTS\DOWNLOADED INSTALLERS\{746AB259-6474-4111-8966-1C62F9A6E063}\SETUP.MSI, Quarentena, [1018], [472306],1.0.4302
     Setor físico: 0 (Nenhum item malicioso detectado)

     (end)

     The alert that keeps popping up on the PC: https://puu.sh/zFwy0/6377d63b99.png

     Another thing I noticed is that now Chrome says every executable I download (including the ones you recommended) may be malicious. Could that have something to do with the problem? Is Chrome infected?
     added 5 minutes later

     AdwCleaner result:

     # AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 11 22:27:47 2018
     # Updated on 2018/08/02 by Malwarebytes
     # Running on Windows 10 Pro (X64)
     # Mode: clean
     # Support: https://www.malwarebytes.com/support

     ***** [ Services ] *****
     No malicious services deleted.

     ***** [ Folders ] *****
     Deleted: C:\Windows\System32\\SSL
     Deleted: C:\Windows\SysWOW64\\SSL
     Deleted: C:\Users\newto\AppData\Roaming\Hola
     Deleted: C:\Users\newto\AppData\Local\DriverToolkit
     Deleted: C:\Users\Public\Documents\Downloaded Installers
     Deleted: C:\Users\newto\AppData\Local\AdvinstAnalytics
     Deleted: C:\Users\newto\AppData\Local\slimware utilities inc
     Deleted: C:\Users\newto\AppData\Local\SlimWare Utilities Inc
     Deleted: C:\Users\newto\AppData\Roaming\FastDataX
     Deleted: C:\Program Files\Enigma Software Group
     Deleted: C:\Users\newto\AppData\Roaming\Enigma Software Group
     Deleted: C:\sh4ldr
     Deleted: C:\sh4ldr
     Deleted: C:\ProgramData\DreamScreen
     Deleted: C:\Users\All Users\DreamScreen
     Deleted: C:\Users\newto\AppData\Roaming\DreamScreen
     Deleted: C:\Users\Todos os Usuários\DreamScreen
     Deleted: C:\ProgramData\DreamCompress
     Deleted: C:\Users\All Users\DreamCompress
     Deleted: C:\Users\Todos os Usuários\DreamCompress

     ***** [ Files ] *****
     No malicious files deleted.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks deleted.

     ***** [ Registry ] *****
     Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1CC4815C-5561-4DCD-A4A2-1DC5ADA3B1DC}C:\users\newto\appdata\local\popcorn time community\nw.exe
     Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3A80A77C-6E77-4DFF-9E5F-B05B71B81877}C:\users\newto\appdata\local\popcorn time community\nw.exe
     Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\PopWnd
     Deleted: [Key] - HKCU\Software\PopWnd
     Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\DriverToolkit
     Deleted: [Key] - HKCU\Software\DriverToolkit
     Deleted: [Key] - HKLM\SOFTWARE\Hola
     Deleted: [Key] - HKU\.DEFAULT\Software\Hola
     Deleted: [Key] - HKU\S-1-5-18\Software\Hola
     Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
     Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
     Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
     Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
     Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
     Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
     Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
     Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\SlimWare Utilities Inc
     Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc
     Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
     Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
     Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
     Deleted: [Key] - HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
     Deleted: [Key] - HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
     Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
     Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
     Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries deleted.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries deleted.

     *************************
     ::Tracing keys deleted
     ::Winsock settings cleared
     ::Additional Actions: 0
     *************************

     C:/AdwCleaner/AdwCleaner[S0].txt - [4809 B] - [2018/3/11 22:27:29]

     ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

     added 16 minutes later

     ZHPCleaner result:

     ~ ZHPCleaner v2018.3.10.49 by Nicolas Coolman (2018/03/10)
     ~ Run by Newton (Administrator) (11/03/2018 19:38:24)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version OK
     ~ Certificate ZHPCleaner: Legal
     ~ Type : Repair
     ~ Report : C:\Users\newto\Desktop\ZHPCleaner.txt
     ~ Quarantine : C:\Users\newto\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 10 Pro, 64-bit (Build 14393)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (0)
     ~ No malicious or unnecessary items found.

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (21)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (23)
     MOVED file: C:\Users\newto\Desktop\Popcorn Time Community.lnk [Bad : C:\Users\newto\AppData\Local\Popcorn Time Community\nw.exe](..) =>.SUP.PopcornTime
     MOVED file: C:\Windows\Prefetch\DREAMCOMPRESS.SCR-D588B788.pf =>Adware.DreamCompress
     MOVED file: C:\Windows\Prefetch\DRIVERAGENTPLUSHELPER.EXE-6B6182E1.pf =>.SUP.DriverAgentPlus
     MOVED file: C:\Windows\Prefetch\FASTDATAX.EXE-6DCFFCE4.pf =>Adware.FastDataX
     MOVED file: C:\Windows\Prefetch\FASTDATAX.EXE-81C68C71.pf =>Adware.FastDataX
     MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-01325AB5.pf =>PUP.Optional.OneSystemCare
     MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-14BB5A1F.pf =>PUP.Optional.OneSystemCare
     MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-420009DF.pf =>PUP.Optional.OneSystemCare
     MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.TMP-121832C1.pf =>PUP.Optional.OneSystemCare
     MOVED file: C:\Windows\Prefetch\PCSULAUNCHER.EXE-02DD3733.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\PCSUNOTIFIER.EXE-25D38259.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\PCSUSD.EXE-27F3A46C.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\PCSUSERVICE.EXE-805CC30E.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\PCSUSPEEDTEST.EXE-EA24772E.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\PCSUUCC.EXE-2B43BF08.pf =>.SUP.PCSpeedUp
     MOVED file: C:\Windows\Prefetch\QUOTEEX.EXE-6844FE42.pf =>PUP.Optional.Graftor
     MOVED file: C:\Windows\Prefetch\SPEEDCHECKERSERVICE.EXE-7AC73C65.pf =>PUP.Optional.InternetSpeedChecker
     MOVED file: C:\Windows\Prefetch\YEADESKTOP.EXE-6C70B166.pf =>Trojan.Zusy
     MOVED folder*: C:\Program Files\KMSpico =>HackTool.KMSpico
     MOVED folder*: C:\Users\newto\AppData\Local\Popcorn Time =>.SUP.PopcornTime
     MOVED folder*: C:\Users\newto\AppData\Local\Popcorn Time Community =>.SUP.PopcornTime
     MOVED folder*: C:\Users\newto\AppData\Local\Popcorn-Time-Community =>.SUP.PopcornTime
     MOVED folder*: C:\Users\newto\AppData\Local\Microsoft Toolkit =>HackTool.AutoKMS

     ---\\ Registry ( Key, Value, Data) (9)
     DELETED key*: HKEY_USERS\S-1-5-21-2947653566-3263547115-4119004596-1001\SOFTWARE\eSupport.com [] =>PUP.Optional.eSupport
     DELETED key: 
HKCU\Software\eSupport.com [] =>PUP.Optional.eSupport DELETED key*: HKCU\Software\webservice [] =>PUP.Optional.BitCoinMiner DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\RZSURROUNDVADService [] =>Trojan.AdService DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23E4C6D00564386418B357E6097ECF3E [02:\Software\Microleaves\ (Not File)] =>.SUP.Microleaves DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AE9B3C0743B7184F8583F011120670B [02:\Software\Microleaves\Online.io Application\Version (Not File)] =>.SUP.Microleaves DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time Community 0.3.8-6 [Popcorn Time Community] =>.SUP.PopcornTime DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor ---\\ Summary of the elements found (15) https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime https://nicolascoolman.eu/2017/09/18/adware-dreamcompress/ =>Adware.DreamCompress https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverAgentPlus https://nicolascoolman.eu/2017/06/21/adware-fastdatax/ =>Adware.FastDataX https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare https://nicolascoolman.eu/2017/03/05/superfluous-pcspeeduppro/ =>.SUP.PCSpeedUp https://nicolascoolman.eu/2017/03/30/adware-graftor/ =>PUP.Optional.Graftor https://www.anti-malware.top/2016/05/02/pup-optional-internetspeedchecker/ =>PUP.Optional.InternetSpeedChecker https://nicolascoolman.eu/2017/10/24/trojan-zusy/ =>Trojan.Zusy https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS 
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.eSupport https://nicolascoolman.eu/2017/09/14/pup-optional-bitcoinminer/ =>PUP.Optional.BitCoinMiner https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.AdService https://nicolascoolman.eu/2017/12/24/sup-microleaves/ =>.SUP.Microleaves ---\\ Other deletions. (40) ~ Registry Keys Tracing deleted (40) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 692 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h01mn01s ---\\ Reports (2) ZHPCleaner--11032018-19_36_48.txt ZHPCleaner-[R]-11032018-19_39_25.txt adicionado 19 minutos depois Resultado do AdwCleaner: # AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 11 22:27:47 2018 # Updated on 2018/08/02 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. 
***** [ Folders ] ***** Deleted: C:\Windows\System32\\SSL Deleted: C:\Windows\SysWOW64\\SSL Deleted: C:\Users\newto\AppData\Roaming\Hola Deleted: C:\Users\newto\AppData\Local\DriverToolkit Deleted: C:\Users\Public\Documents\Downloaded Installers Deleted: C:\Users\newto\AppData\Local\AdvinstAnalytics Deleted: C:\Users\newto\AppData\Local\slimware utilities inc Deleted: C:\Users\newto\AppData\Local\SlimWare Utilities Inc Deleted: C:\Users\newto\AppData\Roaming\FastDataX Deleted: C:\Program Files\Enigma Software Group Deleted: C:\Users\newto\AppData\Roaming\Enigma Software Group Deleted: C:\sh4ldr Deleted: C:\sh4ldr Deleted: C:\ProgramData\DreamScreen Deleted: C:\Users\All Users\DreamScreen Deleted: C:\Users\newto\AppData\Roaming\DreamScreen Deleted: C:\Users\Todos os Usuários\DreamScreen Deleted: C:\ProgramData\DreamCompress Deleted: C:\Users\All Users\DreamCompress Deleted: C:\Users\Todos os Usuários\DreamCompress ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. 
***** [ Registry ] ***** Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1CC4815C-5561-4DCD-A4A2-1DC5ADA3B1DC}C:\users\newto\appdata\local\popcorn time community\nw.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3A80A77C-6E77-4DFF-9E5F-B05B71B81877}C:\users\newto\appdata\local\popcorn time community\nw.exe Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\PopWnd Deleted: [Key] - HKCU\Software\PopWnd Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\DriverToolkit Deleted: [Key] - HKCU\Software\DriverToolkit Deleted: [Key] - HKLM\SOFTWARE\Hola Deleted: [Key] - HKU\.DEFAULT\Software\Hola Deleted: [Key] - HKU\S-1-5-18\Software\Hola Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc Deleted: [Key] - HKU\S-1-5-21-2947653566-3263547115-4119004596-1001\Software\SlimWare Utilities Inc Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater Deleted: [Key] - HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} 
Deleted: [Key] - HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [4809 B] - [2018/3/11 22:27:29] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## Resultado do ZHPCleaner: ~ ZHPCleaner v2018.3.10.49 by Nicolas Coolman (2018/03/10) ~ Run by Newton (Administrator) (11/03/2018 19:38:24) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\newto\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\newto\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 14393) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (23) MOVED file: C:\Users\newto\Desktop\Popcorn Time Community.lnk [Bad : C:\Users\newto\AppData\Local\Popcorn Time Community\nw.exe](..) 
=>.SUP.PopcornTime MOVED file: C:\Windows\Prefetch\DREAMCOMPRESS.SCR-D588B788.pf =>Adware.DreamCompress MOVED file: C:\Windows\Prefetch\DRIVERAGENTPLUSHELPER.EXE-6B6182E1.pf =>.SUP.DriverAgentPlus MOVED file: C:\Windows\Prefetch\FASTDATAX.EXE-6DCFFCE4.pf =>Adware.FastDataX MOVED file: C:\Windows\Prefetch\FASTDATAX.EXE-81C68C71.pf =>Adware.FastDataX MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-01325AB5.pf =>PUP.Optional.OneSystemCare MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-14BB5A1F.pf =>PUP.Optional.OneSystemCare MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.EXE-420009DF.pf =>PUP.Optional.OneSystemCare MOVED file: C:\Windows\Prefetch\ONESYSTEMCARE.TMP-121832C1.pf =>PUP.Optional.OneSystemCare MOVED file: C:\Windows\Prefetch\PCSULAUNCHER.EXE-02DD3733.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\PCSUNOTIFIER.EXE-25D38259.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\PCSUSD.EXE-27F3A46C.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\PCSUSERVICE.EXE-805CC30E.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\PCSUSPEEDTEST.EXE-EA24772E.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\PCSUUCC.EXE-2B43BF08.pf =>.SUP.PCSpeedUp MOVED file: C:\Windows\Prefetch\QUOTEEX.EXE-6844FE42.pf =>PUP.Optional.Graftor MOVED file: C:\Windows\Prefetch\SPEEDCHECKERSERVICE.EXE-7AC73C65.pf =>PUP.Optional.InternetSpeedChecker MOVED file: C:\Windows\Prefetch\YEADESKTOP.EXE-6C70B166.pf =>Trojan.Zusy MOVED folder*: C:\Program Files\KMSpico =>HackTool.KMSpico MOVED folder*: C:\Users\newto\AppData\Local\Popcorn Time =>.SUP.PopcornTime MOVED folder*: C:\Users\newto\AppData\Local\Popcorn Time Community =>.SUP.PopcornTime MOVED folder*: C:\Users\newto\AppData\Local\Popcorn-Time-Community =>.SUP.PopcornTime MOVED folder*: C:\Users\newto\AppData\Local\Microsoft Toolkit =>HackTool.AutoKMS ---\\ Registry ( Key, Value, Data) (9) DELETED key*: HKEY_USERS\S-1-5-21-2947653566-3263547115-4119004596-1001\SOFTWARE\eSupport.com [] =>PUP.Optional.eSupport DELETED key: 
HKCU\Software\eSupport.com [] =>PUP.Optional.eSupport DELETED key*: HKCU\Software\webservice [] =>PUP.Optional.BitCoinMiner DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\RZSURROUNDVADService [] =>Trojan.AdService DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23E4C6D00564386418B357E6097ECF3E [02:\Software\Microleaves\ (Not File)] =>.SUP.Microleaves DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AE9B3C0743B7184F8583F011120670B [02:\Software\Microleaves\Online.io Application\Version (Not File)] =>.SUP.Microleaves DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time Community 0.3.8-6 [Popcorn Time Community] =>.SUP.PopcornTime DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\QuoteexU [] =>PUP.Optional.Graftor ---\\ Summary of the elements found (15) https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime https://nicolascoolman.eu/2017/09/18/adware-dreamcompress/ =>Adware.DreamCompress https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriverAgentPlus https://nicolascoolman.eu/2017/06/21/adware-fastdatax/ =>Adware.FastDataX https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare https://nicolascoolman.eu/2017/03/05/superfluous-pcspeeduppro/ =>.SUP.PCSpeedUp https://nicolascoolman.eu/2017/03/30/adware-graftor/ =>PUP.Optional.Graftor https://www.anti-malware.top/2016/05/02/pup-optional-internetspeedchecker/ =>PUP.Optional.InternetSpeedChecker https://nicolascoolman.eu/2017/10/24/trojan-zusy/ =>Trojan.Zusy https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS 
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.eSupport https://nicolascoolman.eu/2017/09/14/pup-optional-bitcoinminer/ =>PUP.Optional.BitCoinMiner https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.AdService https://nicolascoolman.eu/2017/12/24/sup-microleaves/ =>.SUP.Microleaves ---\\ Other deletions. (40) ~ Registry Keys Tracing deleted (40) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 692 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h01mn01s ---\\ Reports (2) ZHPCleaner--11032018-19_36_48.txt ZHPCleaner-[R]-11032018-19_39_25.txt O xmrig.exe continua lá :/ (não sei porque está sublinhado)
  8. This file is in the folder C:\Users\Eu\AppData\Local\Temp. My antivirus and/or Malwarebytes find it and remove it, but it comes back right afterwards, every time! And so it stays in an infinite loop :/ Any solution?
  9. @xmauro but aren't they useful?
  10. I built my PC yesterday and today I noticed the following: https://puu.sh/sMzgy/9de6862ef0.png The C drive (the SSD where Windows is installed) stays at 100% usage all the time, but there is no loss of performance; I have even played games and nothing. I opened Resource Monitor and the process generating all this usage is System: https://puu.sh/sMzhN/e7d4308831.png Does anyone know what the problem is and/or how to fix it? Because even though it doesn't cause a loss of performance, this bug is using the SSD's write speed
  11. @Viajante Spock how do I do that through the setup? I don't have the slightest idea how to do it manually; it has to do with the motherboard battery and a jumper, right?
  12. Good evening, Just now there was a power outage while I was on the PC (it is plugged into a voltage stabilizer and a surge protector), and when the power came back Windows would no longer start. I then went into the BIOS and saw that my SSD (where Windows is) was not being recognized; in place of its name (Kingston), the name IBA GE Slot 00c8 v1 appears (http://imgur.com/54jjfiz,6I51wCg) So I thought: f*cked, the SSD is fried! But when I restarted the PC, Windows went into repair mode (returning the message inaccessible_boot_device) and I managed to get into the PC through safe mode, which means the SSD is not fried. How do I fix this? I can only start Windows in Safe Mode; I can't start it in normal mode because the SSD is not recognized by the BIOS. Thank you.

About Clube do Hardware

On the air since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

Copyright

We do not allow copying or reproduction of the content of our site, forum, newsletters and social networks, even if the source is cited.
