Ir ao conteúdo
  • Comunicados

    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.

jones awoki limas

Membros Plenos
  • Total de itens

    20
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

0

Informações gerais

  • Cidade e Estado
    baependi/mg
  • Sexo
    Masculino
  1. Bom dia Elias, Fiz conforme você orientou. Reiniciei o Pc. Passei o Scan e não acusou mais nenhum trojan ou virus. Obrigado por toda ajuda neste processo. valeu.
  2. Olá Elias segue log: 16:00:53.0675 5776 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 16:00:53.0675 5776 UEFI system 16:00:55.0358 5776 ============================================================ 16:00:55.0358 5776 Current date / time: 2018/03/05 16:00:55.0358 16:00:55.0358 5776 SystemInfo: 16:00:55.0358 5776 16:00:55.0358 5776 OS Version: 6.2.9200 ServicePack: 0.0 16:00:55.0358 5776 Product type: Workstation 16:00:55.0358 5776 ComputerName: JONES 16:00:55.0359 5776 UserName: Vanessa Musso 16:00:55.0359 5776 Windows directory: C:\WINDOWS 16:00:55.0359 5776 System windows directory: C:\WINDOWS 16:00:55.0359 5776 Running under WOW64 16:00:55.0359 5776 Processor architecture: Intel x64 16:00:55.0359 5776 Number of processors: 2 16:00:55.0359 5776 Page size: 0x1000 16:00:55.0359 5776 Boot type: Normal boot 16:00:55.0359 5776 ============================================================ 16:00:55.0947 5776 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:00:55.0961 5776 ============================================================ 16:00:55.0961 5776 \Device\Harddisk0\DR0: 16:00:55.0962 5776 GPT partitions: 16:00:55.0962 5776 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {937E15BF-B1C0-4E2E-A3C4-DC65E8207F5D}, Name: Basic_data_partition, StartLBA 0x800, BlocksNum 0x96000 16:00:55.0962 5776 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3A4E2A6-4AB7-440F-B623-E7BF5C5D76CE}, Name: EFI_system_partition, StartLBA 0x96800, BlocksNum 0x82000 16:00:55.0962 5776 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F5FF92BD-E51F-4FC5-B47B-88D4F3A06C6F}, Name: Microsoft_reserved_partition, StartLBA 0x118800, BlocksNum 0x40000 16:00:55.0963 5776 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D0F7967F-4E04-4FFD-9CB7-9E117E4C509B}, Name: Basic_data_partition, StartLBA 0x158800, BlocksNum 0x3822502F 16:00:55.0963 5776 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {08248C0D-935C-46AC-9AC1-ACC261423C39}, Name: , StartLBA 0x3837E000, BlocksNum 0xE1000 16:00:55.0963 5776 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {99C84813-371E-4594-BF5C-B7F43BDB27B0}, Name: Basic_data_partition, StartLBA 0x3845F000, BlocksNum 0x1F26830 16:00:55.0963 5776 MBR partitions: 16:00:55.0963 5776 ============================================================ 16:00:55.0980 5776 C: <-> \Device\Harddisk0\DR0\Partition4 16:00:55.0981 5776 ============================================================ 16:00:55.0981 5776 Initialize success 16:00:55.0981 5776 ============================================================ 16:01:02.0267 5584 ============================================================ 16:01:02.0267 5584 Scan started 16:01:02.0267 5584 Mode: Manual; SigCheck; TDLFS; 16:01:02.0267 5584 ============================================================ 16:01:02.0714 5584 ================ Scan system memory ======================== 16:01:02.0715 5584 System memory - ok 16:01:02.0716 5584 ================ Scan services ============================= 16:01:02.0962 5584 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 16:01:03.0254 5584 1394ohci - ok 16:01:03.0293 5584 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 16:01:03.0414 5584 3ware - ok 16:01:03.0479 5584 [ E796AE43DDD1844281DB4D57294D17C0 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 16:01:03.0656 5584 ACPI - ok 16:01:03.0708 5584 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 16:01:03.0828 5584 acpiex - ok 16:01:03.0855 5584 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 16:01:04.0007 5584 acpipagr - ok 16:01:04.0058 5584 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 16:01:04.0215 5584 AcpiPmi - ok 16:01:04.0244 5584 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 16:01:04.0392 5584 acpitime - ok 16:01:04.0545 5584 [ CA805DA983594B01F3554464B2E5158F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:01:04.0582 5584 AdobeARMservice - ok 16:01:04.0689 5584 [ 8532B30A054D83614A90D24AD61A29DF ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe 16:01:04.0747 5584 AdobeUpdateService - ok 16:01:04.0817 5584 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 16:01:04.0974 5584 ADP80XX - ok 16:01:05.0027 5584 [ BCD58DACAA1EAAADC115EDD940478F6D ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 16:01:05.0098 5584 AeLookupSvc - ok 16:01:05.0151 5584 [ 2CD583BC31DBAAF0F180D8B32F6D261F ] AFD C:\WINDOWS\system32\drivers\afd.sys 16:01:05.0344 5584 AFD - ok 16:01:05.0390 5584 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 16:01:05.0501 5584 agp440 - ok 16:01:05.0639 5584 [ 58A5D48F16E89575C21C0B14A15D4383 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe 16:01:05.0787 5584 AGSService - ok 16:01:05.0845 5584 [ FE14D249D39368CA62D8DA6BC94AC694 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 16:01:06.0028 5584 ahcache - ok 16:01:06.0080 5584 [ 14A45BE6F5678339F0EC5752D9849410 ] ALG C:\WINDOWS\System32\alg.exe 16:01:06.0139 5584 ALG - ok 16:01:06.0157 5584 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 16:01:06.0322 5584 AmdK8 - ok 16:01:06.0370 5584 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 16:01:06.0511 5584 AmdPPM - ok 16:01:06.0539 5584 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 16:01:06.0645 5584 amdsata - ok 16:01:06.0693 5584 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 16:01:06.0831 5584 amdsbs - ok 16:01:06.0856 5584 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 16:01:06.0958 5584 amdxata - ok 16:01:07.0007 5584 [ 5A65CED67889CBDBC807791E530C0F1E ] AppID C:\WINDOWS\system32\drivers\appid.sys 16:01:07.0181 5584 AppID - ok 16:01:07.0224 5584 [ 942C8297400FCFB13CEE3F3CD89C5CE5 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 16:01:07.0289 5584 AppIDSvc - ok 16:01:07.0339 5584 [ 54ACF58A59A5FD3AD29EABBECA5B5BA4 ] Appinfo C:\WINDOWS\System32\appinfo.dll 16:01:07.0427 5584 Appinfo - ok 16:01:07.0504 5584 [ 35E28923A23ADABAA5A1B43256D0AB58 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 16:01:07.0601 5584 AppReadiness - ok 16:01:07.0681 5584 [ E0F846ADE7DED88981D0908DE56FF160 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 16:01:07.0816 5584 AppXSvc - ok 16:01:07.0870 5584 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 16:01:07.0994 5584 arcsas - ok 16:01:08.0039 5584 [ 99A8C4ADE17B9CF2B5373E5BDE354DC4 ] aswArPot C:\WINDOWS\system32\drivers\aswArPot.sys 16:01:08.0331 5584 aswArPot - ok 16:01:08.0781 5584 [ A13586710C5CFFD09CDB78C05A9CC0B3 ] aswbIDSAgent C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe 16:01:09.0243 5584 aswbIDSAgent - ok 16:01:09.0295 5584 [ 9E3CAA4E0E81BDC0E529BF3B32F9A08F ] aswbidsdriver C:\WINDOWS\system32\drivers\aswbidsdrivera.sys 16:01:09.0381 5584 aswbidsdriver - ok 16:01:09.0426 5584 [ FD31AC49D034541FF25BD6B158153035 ] aswbidsh C:\WINDOWS\system32\drivers\aswbidsha.sys 16:01:09.0562 5584 aswbidsh - ok 16:01:09.0599 5584 [ 47DF29AA4FBE5A290B309D7F9109233E ] aswblog C:\WINDOWS\system32\drivers\aswbloga.sys 16:01:09.0691 5584 aswblog - ok 16:01:09.0729 5584 [ 0C9979B3B4B8472EB4286DFBBE37DEDA ] aswbuniv C:\WINDOWS\system32\drivers\aswbuniva.sys 16:01:09.0802 5584 aswbuniv - ok 16:01:09.0855 5584 [ A3B07E62979505688581D55182F5E617 ] aswHdsKe C:\WINDOWS\system32\drivers\aswHdsKe.sys 16:01:09.0899 5584 aswHdsKe - ok 16:01:09.0927 5584 [ E4BCCBD78DB4DEC414DE4F1578328B24 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys 16:01:10.0093 5584 aswHwid - ok 16:01:10.0129 5584 [ 5E6FD2CB74138C6AF591779D2619BD6C ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys 16:01:10.0235 5584 aswKbd - ok 16:01:10.0277 5584 [ 96A7DBC6B971CBFF8322AEE66EA671F9 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys 16:01:10.0389 5584 aswMonFlt - ok 16:01:10.0429 5584 [ A47527A8E9A5BD0C30703BD90DC5D4FF ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys 16:01:10.0534 5584 aswRdr - ok 16:01:10.0576 5584 [ A9D1665A18B3C7B763C1A4CF7AB1DD09 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys 16:01:10.0685 5584 aswRvrt - ok 16:01:10.0753 5584 [ B05F534A31CE10355A0F25DAED14CA3E ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 16:01:10.0921 5584 aswSnx - ok 16:01:10.0997 5584 [ 3687CDF17F8BBB6134BC1C289674564D ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 16:01:11.0131 5584 aswSP - ok 16:01:11.0185 5584 [ CFC4326AC78CCAB412D4729DB38946DF ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys 16:01:11.0229 5584 aswStm - ok 16:01:11.0278 5584 [ 0B2CB619C6A36A9490C251E2A15E92C4 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys 16:01:11.0456 5584 aswVmm - ok 16:01:11.0476 5584 [ 3DB7721F06BC2FEDB25029EA23AB27DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16:01:11.0673 5584 AsyncMac - ok 16:01:11.0697 5584 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys 16:01:11.0794 5584 atapi - ok 16:01:11.0833 5584 [ 431FE56F5A2F5937994CB2DA330B47DB ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 16:01:11.0924 5584 AudioEndpointBuilder - ok 16:01:11.0978 5584 [ 0F03CC00645D7F841879A048787D6AC7 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 16:01:12.0071 5584 Audiosrv - ok 16:01:12.0118 5584 [ 2C4CED727FAC83B0FFA005421DC55FC7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 16:01:12.0232 5584 avast! Antivirus - ok 16:01:12.0272 5584 [ 3C6ED74AF41DD1A5585CE5EF3D00915F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 16:01:12.0343 5584 AxInstSV - ok 16:01:12.0419 5584 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 16:01:12.0606 5584 b06bdrv - ok 16:01:12.0676 5584 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 16:01:12.0872 5584 BasicDisplay - ok 16:01:12.0925 5584 [ BF002CF6CA41491665F7D3DCA51B7EFB ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 16:01:13.0122 5584 BasicRender - ok 16:01:13.0195 5584 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 16:01:13.0286 5584 bcmfn2 - ok 16:01:13.0328 5584 [ 174394F4EF93C117BF7BE3878046A1B1 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 16:01:13.0444 5584 BDESVC - ok 16:01:13.0492 5584 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:01:13.0798 5584 Beep - ok 16:01:13.0859 5584 [ 4BA5C192E77375B62D603B38B9D99128 ] BFE C:\WINDOWS\System32\bfe.dll 16:01:13.0968 5584 BFE - ok 16:01:14.0041 5584 [ 48554994279BFE17A3D2B00076D0CB1A ] BITS C:\WINDOWS\System32\qmgr.dll 16:01:14.0158 5584 BITS - ok 16:01:14.0214 5584 [ 4938A9236300A356F97E378491EE4844 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 16:01:14.0350 5584 bowser - ok 16:01:14.0406 5584 [ FA601515FF2B59F25FDD8EDB1D2A1104 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 16:01:14.0493 5584 BrokerInfrastructure - ok 16:01:14.0557 5584 [ BC111AADACD0BF59D56547461D13AB6E ] Browser C:\WINDOWS\System32\browser.dll 16:01:14.0703 5584 Browser - ok 16:01:14.0751 5584 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 16:01:14.0923 5584 BthAvrcpTg - ok 16:01:14.0966 5584 [ 272A62B660A48AEF366F8A1836CED19F ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 16:01:15.0117 5584 BthHFEnum - ok 16:01:15.0148 5584 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 16:01:15.0273 5584 bthhfhid - ok 16:01:15.0320 5584 [ 9307A4B743D277C499CDA8E19E5687AC ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 16:01:15.0547 5584 BthHFSrv - ok 16:01:15.0570 5584 [ EF4B9E7C9AD88C00C18A12B0D22D1894 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 16:01:15.0777 5584 BTHMODEM - ok 16:01:15.0828 5584 [ 043A0F37631BF453F16D478B71320F46 ] bthserv C:\WINDOWS\system32\bthserv.dll 16:01:15.0911 5584 bthserv - ok 16:01:15.0973 5584 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 16:01:16.0133 5584 cdfs - ok 16:01:16.0179 5584 [ D61EDE3D49B04E703AEC3B111C763F42 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 16:01:16.0456 5584 cdrom - ok 16:01:16.0503 5584 [ ACFDC4EE40EC6E4A0AB91D923B8288C8 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 16:01:16.0591 5584 CertPropSvc - ok 16:01:16.0638 5584 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys 16:01:16.0760 5584 circlass - ok 16:01:16.0824 5584 [ CCAB2A390FF4929F86AFA1F02520A981 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 16:01:16.0973 5584 CLFS - ok 16:01:17.0043 5584 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 16:01:17.0191 5584 CmBatt - ok 16:01:17.0274 5584 [ 136D2C32FA5E49AF93D4B37D8055F230 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 16:01:17.0372 5584 CNG - ok 16:01:17.0412 5584 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 16:01:17.0565 5584 CompositeBus - ok 16:01:17.0575 5584 COMSysApp - ok 16:01:17.0609 5584 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 16:01:17.0740 5584 condrv - ok 16:01:17.0874 5584 [ D8724B606616B2B75AF54096119580F5 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 16:01:17.0931 5584 cphs - ok 16:01:17.0997 5584 [ 6324F0D18FB52833BA64BC828E29054C ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 16:01:18.0066 5584 CryptSvc - ok 16:01:18.0111 5584 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys 16:01:18.0214 5584 dam - ok 16:01:18.0360 5584 [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 16:01:18.0394 5584 dbupdate - ok 16:01:18.0404 5584 [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 16:01:18.0441 5584 dbupdatem - ok 16:01:18.0450 5584 dbx - ok 16:01:18.0484 5584 [ 82398C93E51124E494FFF43C9E39D03D ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 16:01:18.0517 5584 DbxSvc - ok 16:01:18.0592 5584 [ 2928249E4DD39C2ADD3E74F02427AB8B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:01:18.0693 5584 DcomLaunch - ok 16:01:18.0751 5584 [ 95E1ABFB27F8A62ED764805775F0D2F3 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 16:01:18.0870 5584 defragsvc - ok 16:01:18.0928 5584 [ FF086DEF5995558CCB1B5AAC2110195D ] DeviceAssociationService C:\WINDOWS\system32\das.dll 16:01:19.0033 5584 DeviceAssociationService - ok 16:01:19.0082 5584 [ 2C02AFF8383D893F8DBEB07A84F6E77C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 16:01:19.0189 5584 DeviceInstall - ok 16:01:19.0244 5584 [ D1049D4D1311D43F6FCF180CAA5BF78B ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 16:01:19.0387 5584 Dfsc - ok 16:01:19.0439 5584 [ 85137571AEC8AC757D497B9DD30D544D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 16:01:19.0551 5584 dg_ssudbus - ok 16:01:19.0605 5584 [ 3EEAADA3125431980E5804ED7143458A ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 16:01:19.0684 5584 Dhcp - ok 16:01:19.0788 5584 [ 0AC9F83A5508935DE89C447473085EEA ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 16:01:19.0959 5584 DiagTrack - ok 16:01:20.0012 5584 [ BF6D8575DDF30384939B2D5251F27C1F ] disk C:\WINDOWS\system32\drivers\disk.sys 16:01:20.0108 5584 disk - ok 16:01:20.0134 5584 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 16:01:20.0249 5584 dmvsc - ok 16:01:20.0290 5584 [ D9F407D006C916B7EC167858F88F13EB ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:01:20.0373 5584 Dnscache - ok 16:01:20.0416 5584 [ 811EACBCC7C51A03AE11F13CC27B2AB6 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 16:01:20.0488 5584 dot3svc - ok 16:01:20.0532 5584 [ B99CB575986789A93A683DCF292A43A1 ] DPS C:\WINDOWS\system32\dps.dll 16:01:20.0615 5584 DPS - ok 16:01:20.0652 5584 [ 00C594D5A1DBD22AD8B2902B9F6EFF94 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 16:01:20.0750 5584 drmkaud - ok 16:01:20.0792 5584 [ 263625A4F616538EB867B6306A6590DB ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 16:01:20.0883 5584 DsmSvc - ok 16:01:20.0997 5584 [ 670E7F15CEEA22C34CED8F4D0EC161BF ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 16:01:21.0239 5584 DXGKrnl - ok 16:01:21.0280 5584 [ E253530BD5EDE28F1FF6AF93C4D8034D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 16:01:21.0384 5584 Eaphost - ok 16:01:21.0404 5584 EasyAntiCheat - ok 16:01:21.0546 5584 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 16:01:21.0834 5584 ebdrv - ok 16:01:21.0873 5584 [ 382100E75B6F4668AEAEF228C6CEFFAD ] EFS C:\WINDOWS\System32\lsass.exe 16:01:21.0916 5584 EFS - ok 16:01:21.0966 5584 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 16:01:22.0041 5584 EhStorClass - ok 16:01:22.0061 5584 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 16:01:22.0162 5584 EhStorTcgDrv - ok 16:01:22.0194 5584 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 16:01:22.0325 5584 ErrDev - ok 16:01:22.0384 5584 [ F383EEDE1E06599105E4B2EFEE5AB7B6 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 16:01:22.0503 5584 ETD - ok 16:01:22.0589 5584 [ F00C593994D57C75273F820653440536 ] EventSystem C:\WINDOWS\system32\es.dll 16:01:22.0679 5584 EventSystem - ok 16:01:22.0731 5584 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 16:01:22.0890 5584 exfat - ok 16:01:22.0915 5584 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 16:01:23.0030 5584 fastfat - ok 16:01:23.0091 5584 [ 304B6AEC4639A7CCCCF544C6BA6177B2 ] Fax C:\WINDOWS\system32\fxssvc.exe 16:01:23.0206 5584 Fax - ok 16:01:23.0236 5584 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys 16:01:23.0357 5584 fdc - ok 16:01:23.0412 5584 [ 020D2F29009F893ADEFF4405B4B44565 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 16:01:23.0508 5584 fdPHost - ok 16:01:23.0555 5584 [ E80D2EDD2F88B6E20076A0A4F5A5A245 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 16:01:23.0620 5584 FDResPub - ok 16:01:23.0670 5584 [ 47AB7D16EDE434B934AA4D661456C2D5 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 16:01:23.0765 5584 fhsvc - ok 16:01:23.0813 5584 [ BCFD8B149B3ADF92D0DB1E909CAF0265 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 16:01:23.0898 5584 FileInfo - ok 16:01:23.0930 5584 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 16:01:24.0086 5584 Filetrace - ok 16:01:24.0170 5584 FirebirdGuardianDefaultInstance - ok 16:01:24.0176 5584 FirebirdServerDefaultInstance - ok 16:01:24.0225 5584 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 16:01:24.0355 5584 flpydisk - ok 16:01:24.0401 5584 [ E8F02B7A595B9E7F0A38BDB1C40C60A5 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:01:24.0491 5584 FltMgr - ok 16:01:24.0561 5584 [ 223CD19D2F84B7B42081F4FB530B658F ] FontCache C:\WINDOWS\system32\FntCache.dll 16:01:24.0721 5584 FontCache - ok 16:01:24.0908 5584 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:01:24.0966 5584 FontCache3.0.0.0 - ok 16:01:25.0016 5584 [ A7C31B168F371E8E6796219F23E354DB ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 16:01:25.0083 5584 FsDepends - ok 16:01:25.0113 5584 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:01:25.0206 5584 Fs_Rec - ok 16:01:25.0265 5584 [ B25A3FD917CB8F77CA5A70861D84671A ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 16:01:25.0431 5584 fvevol - ok 16:01:25.0474 5584 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 16:01:25.0677 5584 FxPPM - ok 16:01:25.0725 5584 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 16:01:25.0829 5584 gagp30kx - ok 16:01:25.0867 5584 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 16:01:25.0987 5584 gencounter - ok 16:01:26.0019 5584 [ 8DF1254093B5C354CE725EB6B9B0DE19 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 16:01:26.0142 5584 GPIOClx0101 - ok 16:01:26.0193 5584 [ 2DAFF4F76A90E3C523C2FE50338537E9 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 16:01:26.0299 5584 gpsvc - ok 16:01:26.0371 5584 [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:01:26.0405 5584 gupdate - ok 16:01:26.0415 5584 [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:01:26.0447 5584 gupdatem - ok 16:01:26.0472 5584 [ D4B7ED39C7900384D9E5C1283F1E7926 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 16:01:26.0615 5584 HDAudBus - ok 16:01:26.0653 5584 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 16:01:26.0777 5584 HidBatt - ok 16:01:26.0827 5584 [ 42F88B57CAE42FC10059C887B3FCFCEA ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 16:01:26.0976 5584 HidBth - ok 16:01:27.0026 5584 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 16:01:27.0135 5584 hidi2c - ok 16:01:27.0190 5584 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 16:01:27.0302 5584 HidIr - ok 16:01:27.0338 5584 [ EA85B5093DF7B5C3E80362B053740AE2 ] hidserv C:\WINDOWS\system32\hidserv.dll 16:01:27.0397 5584 hidserv - ok 16:01:27.0458 5584 [ 49676FEC898AB2A11B157F848269A56E ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 16:01:27.0629 5584 HidUsb - ok 16:01:27.0680 5584 [ 93C4315F47F8D635C6DB0DF49FCE10EE ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 16:01:27.0771 5584 hkmsvc - ok 16:01:27.0827 5584 [ AC49522ED106BD4B545D6614D71C2445 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 16:01:27.0945 5584 HomeGroupListener - ok 16:01:28.0026 5584 [ 99932E30CE0283B73BB6E5019E150394 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 16:01:28.0109 5584 HomeGroupProvider - ok 16:01:28.0156 5584 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 16:01:28.0259 5584 HpSAMD - ok 16:01:28.0325 5584 [ E45EB7AE6C890F2C8DE8F160AC641C8A ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 16:01:28.0509 5584 HTTP - ok 16:01:28.0557 5584 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 16:01:28.0623 5584 hwpolicy - ok 16:01:28.0665 5584 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 16:01:28.0793 5584 hyperkbd - ok 16:01:28.0820 5584 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 16:01:28.0975 5584 HyperVideo - ok 16:01:29.0027 5584 [ 49EE0AE9E5B64FFBBD06D55C4984B598 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 16:01:29.0253 5584 i8042prt - ok 16:01:29.0323 5584 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16:01:29.0437 5584 iaLPSSi_GPIO - ok 16:01:29.0459 5584 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 16:01:29.0578 5584 iaLPSSi_I2C - ok 16:01:29.0638 5584 [ 6C91E425ACE29594BD574DE38AC9B76D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 16:01:29.0867 5584 iaStorA - ok 16:01:29.0924 5584 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 16:01:30.0055 5584 iaStorAV - ok 16:01:30.0100 5584 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 16:01:30.0240 5584 iaStorV - ok 16:01:30.0406 5584 [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe 16:01:30.0531 5584 IconMan_R ( UnsignedFile.Multi.Generic ) - warning 16:01:30.0531 5584 IconMan_R - detected UnsignedFile.Multi.Generic (1) 16:01:30.0531 5584 IEEtwCollectorService - ok 16:01:30.0691 5584 [ 076023219E918D34585B231029A44571 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 16:01:30.0965 5584 igfx - ok 16:01:31.0011 5584 [ C814D4A0B7B91E936B2DC0828C69ACAB ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 16:01:31.0058 5584 igfxCUIService1.0.0.0 - ok 16:01:31.0138 5584 [ 3B6E74B3BE0CA74525A37B5C8E510084 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 16:01:31.0228 5584 IKEEXT - ok 16:01:31.0322 5584 InstallerService - ok 16:01:31.0463 5584 [ 6BDCC85422817FA53CD705ADE312CE6A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 16:01:31.0728 5584 IntcAzAudAddService - ok 16:01:31.0845 5584 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 16:01:31.0921 5584 IntcDAud - ok 16:01:32.0027 5584 [ B353F1834FCD36D77BE3F74992C147D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 16:01:32.0066 5584 Intel(R) Capability Licensing Service Interface - ok 16:01:32.0175 5584 [ 5175C772BCD11C9B0471D30535F15F60 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 16:01:32.0203 5584 Intel(R) ME Service - ok 16:01:32.0321 5584 [ D578C6D8C13E8107394A7CE89A433B6D ] IntelBCAsvc C:\Program Files\Intel\BCA\pabeSvc64.exe 16:01:32.0500 5584 IntelBCAsvc - ok 16:01:32.0537 5584 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 16:01:32.0615 5584 intelide - ok 16:01:32.0672 5584 [ A770340FC02B999EF0DE6C2A6BC8437C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 16:01:32.0760 5584 intelpep - ok 16:01:32.0791 5584 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 16:01:32.0900 5584 intelppm - ok 16:01:32.0947 5584 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:01:33.0133 5584 IpFilterDriver - ok 16:01:33.0188 5584 [ B452623C1DE60544054E784D94A7AA47 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 16:01:33.0303 5584 iphlpsvc - ok 16:01:33.0350 5584 [ C800DCD904016B2BF6AB541083770A3A ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 16:01:33.0506 5584 IPMIDRV - ok 16:01:33.0538 5584 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 16:01:33.0701 5584 IPNAT - ok 16:01:33.0721 5584 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 16:01:33.0846 5584 IRENUM - ok 16:01:33.0893 5584 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 16:01:33.0986 5584 isapnp - ok 16:01:34.0049 5584 [ 25A878547BB010C640BB47680D40AF6B ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 16:01:34.0154 5584 iScsiPrt - ok 16:01:34.0236 5584 [ 622BF9C46A47CF17608C501320E8EFBD ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 16:01:34.0294 5584 iumsvc - ok 16:01:34.0334 5584 [ A90C843F4FDD7A07129BA73C6BE13976 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 16:01:34.0463 5584 iwdbus - ok 16:01:34.0494 5584 [ B2AAF45E83CAFA49A34EB2F2D6D7609C ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 16:01:34.0535 5584 jhi_service - ok 16:01:34.0567 5584 [ 5917AFE4A3F695A54B99C1849C8207FE ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 16:01:34.0647 5584 kbdclass - ok 16:01:34.0679 5584 [ 8CD840A062F6BDF41DDE3ACB96164B72 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 16:01:34.0804 5584 kbdhid - ok 16:01:34.0835 5584 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 16:01:35.0038 5584 kdnic - ok 16:01:35.0069 5584 [ 382100E75B6F4668AEAEF228C6CEFFAD ] KeyIso C:\WINDOWS\system32\lsass.exe 16:01:35.0116 5584 KeyIso - ok 16:01:35.0169 5584 [ 304DA394D958BC3B62AF6DF514005B01 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 16:01:35.0232 5584 KSecDD - ok 16:01:35.0309 5584 [ 3D4AE520CD6F6FFE549DD195C1F515BE ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 16:01:35.0402 5584 KSecPkg - ok 16:01:35.0449 5584 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 16:01:35.0559 5584 ksthunk - ok 16:01:35.0590 5584 [ C1591A66028C71147A3E2EAB0B1CCB7E ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 16:01:35.0675 5584 KtmRm - ok 16:01:35.0726 5584 [ B75ADC97905F43C7C946F1465A8697BD ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 16:01:35.0909 5584 LanmanServer - ok 16:01:35.0988 5584 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 16:01:36.0050 5584 LanmanWorkstation - ok 16:01:36.0098 5584 [ 8B9F3796EC1762CF255BDB324E5529C8 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 16:01:36.0207 5584 lfsvc - ok 16:01:36.0257 5584 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 16:01:36.0394 5584 lltdio - ok 16:01:36.0435 5584 [ DAE98CC96C5EE308BF4EA7B18F226CB8 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 16:01:36.0510 5584 lltdsvc - ok 16:01:36.0558 5584 [ 1E2662D847B7D9995C65D90D254A7E0F ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 16:01:36.0611 5584 lmhosts - ok 16:01:36.0653 5584 [ 9CA9CB0E115418F90FFC67973462280A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:01:36.0693 5584 LMS - ok 16:01:36.0753 5584 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 16:01:36.0853 5584 LSI_SAS - ok 16:01:36.0885 5584 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 16:01:36.0998 5584 LSI_SAS2 - ok 16:01:37.0044 5584 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 16:01:37.0162 5584 LSI_SAS3 - ok 16:01:37.0196 5584 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 16:01:37.0262 5584 LSI_SSS - ok 16:01:37.0309 5584 [ 9A7A7E45DAED2E8C2816716D8D28236A ] LSM C:\WINDOWS\System32\lsm.dll 16:01:37.0402 5584 LSM - ok 16:01:37.0465 5584 [ B0AF753AF28303BB69C67BD85F06FFC9 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 16:01:37.0636 5584 luafv - ok 16:01:37.0853 5584 [ 734B435E1693386213EEFD4D17A70DEB ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 16:01:38.0174 5584 MBAMService - ok 16:01:38.0207 5584 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys 16:01:38.0301 5584 megasas - ok 16:01:38.0348 5584 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 16:01:38.0504 5584 megasr - ok 16:01:38.0551 5584 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 16:01:38.0645 5584 MEIx64 - ok 16:01:38.0694 5584 [ 99F7BDC6F6476EE79537FD66C76ADF47 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys 16:01:38.0834 5584 mfehidk - ok 16:01:38.0866 5584 [ 11DFAA4C047762AD254CCBF40322A38C ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys 16:01:38.0959 5584 mferkdet - ok 16:01:39.0022 5584 [ 2425DF176F07C50363715B9592D305B8 ] mfevtp C:\WINDOWS\system32\mfevtps.exe 16:01:39.0069 5584 mfevtp - ok 16:01:39.0115 5584 [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] MMCSS C:\WINDOWS\system32\mmcss.dll 16:01:39.0219 5584 MMCSS - ok 16:01:39.0248 5584 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys 16:01:39.0377 5584 Modem - ok 16:01:39.0414 5584 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 16:01:39.0540 5584 monitor - ok 16:01:39.0613 5584 [ 2FA536882DDAB801A9440EB208725770 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 16:01:39.0645 5584 Motorola Device Manager - ok 16:01:39.0676 5584 [ 08374E4E5B8914DE6067CBA99F61E930 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 16:01:39.0770 5584 mouclass - ok 16:01:39.0785 5584 [ 5FCBAB60598AE119E02B4C27DE6B99EA ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 16:01:39.0930 5584 mouhid - ok 16:01:39.0984 5584 [ E5E8665272EBCD87A0A632314F0D221D ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 16:01:40.0095 5584 mountmgr - ok 16:01:40.0132 5584 [ 5928C12E9AEE59F48F17CBD05A544008 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:01:40.0182 5584 MozillaMaintenance - ok 16:01:40.0228 5584 [ 6FC047578785B0435F4E2660946D1ADC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 16:01:40.0381 5584 mpsdrv - ok 16:01:40.0479 5584 [ 4D33C8B6159B61C7F13984ED10EA2A82 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 16:01:40.0558 5584 MpsSvc - ok 16:01:40.0616 5584 [ 3F818C1518DA702C8F10259095C9BDE0 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 16:01:40.0787 5584 MRxDAV - ok 16:01:40.0834 5584 [ 466CC6D831D880426820449EE363686E ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:01:40.0975 5584 mrxsmb - ok 16:01:41.0022 5584 [ AFE6DC2E57E876175BA074AD2CB5594F ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 16:01:41.0210 5584 mrxsmb10 - ok 16:01:41.0272 5584 [ B37B58F9F80A51098C42663D5FA5F2BA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 16:01:41.0413 5584 mrxsmb20 - ok 16:01:41.0444 5584 [ F3C060444777A59FC63D920719E43CCD ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 16:01:41.0572 5584 MsBridge - ok 16:01:41.0619 5584 [ 915747E010A9414B069173284A9B93F4 ] MSDTC C:\WINDOWS\System32\msdtc.exe 16:01:41.0666 5584 MSDTC - ok 16:01:41.0728 5584 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 16:01:41.0837 5584 Msfs - ok 16:01:41.0878 5584 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 16:01:41.0972 5584 msgpiowin32 - ok 16:01:41.0987 5584 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 16:01:42.0134 5584 mshidkmdf - ok 16:01:42.0177 5584 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 16:01:42.0296 5584 mshidumdf - ok 16:01:42.0327 5584 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 16:01:42.0406 5584 msisadrv - ok 16:01:42.0452 5584 [ A06142B3850B06972F1C89748FAA2C02 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 16:01:42.0598 5584 MSiSCSI - ok 16:01:42.0613 5584 msiserver - ok 16:01:42.0663 5584 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 16:01:42.0815 5584 MSKSSRV - ok 16:01:42.0841 5584 [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 16:01:42.0970 5584 MsLldp - ok 16:01:42.0986 5584 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 16:01:43.0103 5584 MSPCLOCK - ok 16:01:43.0139 5584 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 16:01:43.0264 5584 MSPQM - ok 16:01:43.0310 5584 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 16:01:43.0389 5584 MsRPC - ok 16:01:43.0404 5584 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 16:01:43.0479 5584 mssmbios - ok 16:01:43.0495 5584 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 16:01:43.0588 5584 MSTEE - ok 16:01:43.0620 5584 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 16:01:43.0734 5584 MTConfig - ok 16:01:43.0781 5584 [ 438EA7A2D8D4F9B8AFB64748ACA70BA8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 16:01:43.0890 5584 Mup - ok 16:01:43.0922 5584 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 16:01:44.0031 5584 mvumis - ok 16:01:44.0093 5584 MySQL57 - ok 16:01:44.0164 5584 [ 8DF30698BDD9492A9D45A4B94FB4A82A ] napagent C:\WINDOWS\system32\qagentRT.dll 16:01:44.0227 5584 napagent - ok 16:01:44.0311 5584 [ F3A70F2C79D91B7C95F78E959DEDAD0E ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 16:01:44.0455 5584 NativeWifiP - ok 16:01:44.0509 5584 [ BFCE1225D10619029E68946929CEB64C ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 16:01:44.0611 5584 NcaSvc - ok 16:01:44.0655 5584 [ 267C97373110B7AFD3B46DF60B6CBB85 ] NcbService C:\WINDOWS\System32\ncbservice.dll 16:01:44.0755 5584 NcbService - ok 16:01:44.0808 5584 [ 0813B71EAF097208DC76CE0605B48AF0 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 16:01:44.0910 5584 NcdAutoSetup - ok 16:01:44.0989 5584 [ FFAA6C6E798FBA448FA7628A1B277F5C ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 16:01:45.0173 5584 NDIS - ok 16:01:45.0215 5584 [ 8CECC8DA55F3274181FD1EA28AD76664 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 16:01:45.0341 5584 NdisCap - ok 16:01:45.0388 5584 [ 269882812E9A68FFF1AFE1283D428322 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 16:01:45.0569 5584 NdisImPlatform - ok 16:01:45.0612 5584 [ DC1D9F692C2AD84C214584C28501C1F7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:01:45.0764 5584 NdisTapi - ok 16:01:45.0812 5584 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:01:45.0948 5584 Ndisuio - ok 16:01:45.0963 5584 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 16:01:46.0094 5584 NdisVirtualBus - ok 16:01:46.0139 5584 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:01:46.0310 5584 NdisWan - ok 16:01:46.0325 5584 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:01:46.0388 5584 NdisWanLegacy - ok 16:01:46.0450 5584 [ 4F5178EEF4CC259F0A8CF56C2F16ADDB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 16:01:46.0575 5584 NDProxy - ok 16:01:46.0638 5584 [ 3083926D1CC5B56EA0786527B557DD1B ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 16:01:46.0808 5584 Ndu - ok 16:01:46.0838 5584 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll 16:01:46.0894 5584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 16:01:46.0894 5584 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 16:01:46.0917 5584 [ AD6A78E25BBC916354753A500C4E73C8 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 16:01:46.0995 5584 NetBIOS - ok 16:01:47.0058 5584 [ 0FE750800DEEE91D22399D081371BA79 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 16:01:47.0242 5584 NetBT - ok 16:01:47.0273 5584 [ 382100E75B6F4668AEAEF228C6CEFFAD ] Netlogon C:\WINDOWS\system32\lsass.exe 16:01:47.0315 5584 Netlogon - ok 16:01:47.0367 5584 [ 8F074B62E66B6117D9598C62A12069C5 ] Netman C:\WINDOWS\System32\netman.dll 16:01:47.0449 5584 Netman - ok 16:01:47.0533 5584 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 16:01:47.0593 5584 netprofm - ok 16:01:47.0691 5584 [ 51CD641EFF20C9FFBA2C0F72C269795E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:01:47.0754 5584 NetTcpPortSharing - ok 16:01:47.0801 5584 [ D4DCE03870314D3354F3501F9DDD4123 ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 16:01:47.0941 5584 netvsc - ok 16:01:47.0988 5584 [ A0D7A655BC61C2421CB33F3A1CD97B8A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 16:01:48.0067 5584 NlaSvc - ok 16:01:48.0130 5584 [ 24FB67774E25F626396FADC13FD70CEC ] NovaPdfServer C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe 16:01:48.0156 5584 NovaPdfServer - ok 16:01:48.0203 5584 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 16:01:48.0330 5584 Npfs - ok 16:01:48.0377 5584 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 16:01:48.0570 5584 npsvctrig - ok 16:01:48.0601 5584 [ 0F12A72A753CFD7FB0631EE8D08FE983 ] nsi C:\WINDOWS\system32\nsisvc.dll 16:01:48.0679 5584 nsi - ok 16:01:48.0742 5584 [ 018510D88536798852DAE12F9BA6E138 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 16:01:48.0851 5584 nsiproxy - ok 16:01:48.0960 5584 [ EE9B628D84DE372953A6D30AAB02DBD6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 16:01:49.0203 5584 Ntfs - ok 16:01:49.0246 5584 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys 16:01:49.0401 5584 Null - ok 16:01:49.0453 5584 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 16:01:49.0541 5584 nvraid - ok 16:01:49.0562 5584 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 16:01:49.0666 5584 nvstor - ok 16:01:49.0712 5584 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 16:01:49.0814 5584 nv_agp - ok 16:01:49.0935 5584 [ 29873E4EA380254020DD790E02F1E9E5 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:01:49.0980 5584 ose64 - ok 16:01:50.0041 5584 [ B0D4F47A4D74F6E6A3FF6B2D109D6734 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 16:01:50.0152 5584 p2pimsvc - ok 16:01:50.0188 5584 [ 0B100C336809C1D7DBD108A75DAFFEF5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 16:01:50.0292 5584 p2psvc - ok 16:01:50.0340 5584 [ 57DCE4FB0467986AE78E1C6FC5240D32 ] Parport C:\WINDOWS\System32\drivers\parport.sys 16:01:50.0582 5584 Parport - ok 16:01:50.0628 5584 [ BAFF6122CFC9F95CA175AD8C348179A4 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 16:01:50.0738 5584 partmgr - ok 16:01:50.0792 5584 [ 10D35971E29936AE422A9C728014E761 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 16:01:50.0914 5584 PcaSvc - ok 16:01:50.0969 5584 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4 ] pci C:\WINDOWS\system32\drivers\pci.sys 16:01:51.0098 5584 pci - ok 16:01:51.0120 5584 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 16:01:51.0192 5584 pciide - ok 16:01:51.0249 5584 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 16:01:51.0348 5584 pcmcia - ok 16:01:51.0382 5584 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys 16:01:51.0460 5584 pcw - ok 16:01:51.0510 5584 [ E6B3ACBA06BAF48594557FCCBFA66FD2 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 16:01:51.0606 5584 pdc - ok 16:01:51.0673 5584 [ 0ECEE590F2E2EF969FB74A6FC583A1E6 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 16:01:51.0788 5584 PEAUTH - ok 16:01:51.0910 5584 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 16:01:52.0014 5584 PerfHost - ok 16:01:52.0111 5584 [ 70B39E7241F750A248798CE82C44596D ] pla C:\WINDOWS\system32\pla.dll 16:01:52.0228 5584 pla - ok 16:01:52.0273 5584 [ 2C02AFF8383D893F8DBEB07A84F6E77C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 16:01:52.0326 5584 PlugPlay - ok 16:01:52.0380 5584 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll 16:01:52.0418 5584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 16:01:52.0418 5584 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 16:01:52.0460 5584 [ 4570F8A37D221660F3A09D6F4DD4BA94 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 16:01:52.0547 5584 PNRPAutoReg - ok 16:01:52.0586 5584 [ B0D4F47A4D74F6E6A3FF6B2D109D6734 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 16:01:52.0644 5584 PNRPsvc - ok 16:01:52.0700 5584 [ 0FF8507A8B901B904E98EB36B9E347EE ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 16:01:52.0838 5584 PolicyAgent - ok 16:01:52.0893 5584 [ C8DD82C3035E60D671B8CC5DF128D3A9 ] Power C:\WINDOWS\system32\umpo.dll 16:01:52.0967 5584 Power - ok 16:01:53.0021 5584 [ E075CC071022BD4E9BE7C024717C0E0A ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 16:01:53.0157 5584 PptpMiniport - ok 16:01:53.0295 5584 [ E3514CE7CB4AF80ECCA383F065BC77C0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 16:01:53.0539 5584 PrintNotify - ok 16:01:53.0601 5584 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys 16:01:53.0717 5584 Processor - ok 16:01:53.0762 5584 [ 6E409D818C6B342544EAE741B1422B85 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 16:01:53.0845 5584 ProfSvc - ok 16:01:53.0901 5584 [ DEF4D00D1E55B1E29138A1541D0B82D3 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 16:01:54.0033 5584 Psched - ok 16:01:54.0150 5584 [ 16783D49B6931414BAD1B2368ADD9656 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 16:01:54.0185 5584 PSI_SVC_2 - ok 16:01:54.0274 5584 [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe 16:01:54.0304 5584 PST Service ( UnsignedFile.Multi.Generic ) - warning 16:01:54.0304 5584 PST Service - detected UnsignedFile.Multi.Generic (1) 16:01:54.0353 5584 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5 ] QWAVE C:\WINDOWS\system32\qwave.dll 16:01:54.0446 5584 QWAVE - ok 16:01:54.0496 5584 [ 83868EB2924E6BC21A54337C65D614D1 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 16:01:54.0616 5584 QWAVEdrv - ok 16:01:54.0675 5584 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\WINDOWS\WindowsMobile\rapimgr.dll 16:01:54.0713 5584 RapiMgr - ok 16:01:54.0764 5584 [ B337B1F1E82A83E20A1743E008E25C0F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:01:54.0905 5584 RasAcd - ok 16:01:54.0999 5584 [ D5ECE7E7F349EB3C4B152AFF3577280D ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 16:01:55.0210 5584 RasAgileVpn - ok 16:01:55.0249 5584 [ 044638489B4A5FE5334F46C5314A0826 ] RasAuto C:\WINDOWS\System32\rasauto.dll 16:01:55.0321 5584 RasAuto - ok 16:01:55.0365 5584 [ 235624C147E3CB4C288D5D3D8E8D64A2 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 16:01:55.0526 5584 Rasl2tp - ok 16:01:55.0613 5584 [ 0A655DD285E4E1E2975CEAB8FDE75295 ] RasMan C:\WINDOWS\System32\rasmans.dll 16:01:55.0782 5584 RasMan - ok 16:01:55.0810 5584 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:01:55.0959 5584 RasPppoe - ok 16:01:56.0018 5584 [ 41F631007A158FEBB67F0E2AD1601BBA ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 16:01:56.0171 5584 RasSstp - ok 16:01:56.0219 5584 [ 3560C2D5A5DAC09BF81F5C5CD0029192 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:01:56.0393 5584 rdbss - ok 16:01:56.0466 5584 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 16:01:56.0672 5584 rdpbus - ok 16:01:56.0700 5584 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 16:01:56.0878 5584 RDPDR - ok 16:01:57.0024 5584 [ BC8A79C625568DDB7DCA49D0C2741A64 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 16:01:57.0128 5584 RdpVideoMiniport - ok 16:01:57.0178 5584 [ 468F9F3886DD3320357ECDBFF838DBBF ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 16:01:57.0326 5584 rdyboost - ok 16:01:57.0446 5584 [ B5EF26F146792A6F8543FD3EC2449A81 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 16:01:57.0472 5584 RealPlayerUpdateSvc - ok 16:01:57.0589 5584 [ FA255020D66C09DBDF0B5D69F43C29EF ] RealTimes Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe 16:01:57.0660 5584 RealTimes Desktop Service - ok 16:01:57.0724 5584 [ 2D39BCFA4DD1081B8F282B623456B858 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 16:01:57.0880 5584 ReFS - ok 16:01:57.0928 5584 [ DF78648AC3C8DC9D70E6714AF785382F ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 16:01:57.0981 5584 RemoteAccess - ok 16:01:58.0046 5584 [ 7594FEFBAD6BA4645CE7AA175C19BAD0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 16:01:58.0150 5584 RemoteRegistry - ok 16:01:58.0223 5584 [ 65B9FDE300A6DECC03BA44C4616DCAD6 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 16:01:58.0298 5584 RpcEptMapper - ok 16:01:58.0353 5584 [ A737B433ABAF3F2DCB2BD7B4CC582B26 ] RpcLocator C:\WINDOWS\system32\locator.exe 16:01:58.0421 5584 RpcLocator - ok 16:01:58.0516 5584 [ 2928249E4DD39C2ADD3E74F02427AB8B ] RpcSs C:\WINDOWS\system32\rpcss.dll 16:01:58.0588 5584 RpcSs - ok 16:01:58.0656 5584 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 16:01:58.0798 5584 rspndr - ok 16:01:58.0840 5584 [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys 16:01:58.0957 5584 RSUSBVSTOR - ok 16:01:59.0027 5584 [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 16:01:59.0189 5584 RTL8168 - ok 16:01:59.0275 5584 [ A307450FE19F99CC8AC750EB13959F94 ] RTWlanE C:\WINDOWS\system32\DRIVERS\rtwlane.sys 16:01:59.0577 5584 RTWlanE - ok 16:01:59.0608 5584 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 16:01:59.0734 5584 s3cap - ok 16:01:59.0780 5584 [ 382100E75B6F4668AEAEF228C6CEFFAD ] SamSs C:\WINDOWS\system32\lsass.exe 16:01:59.0827 5584 SamSs - ok 16:01:59.0874 5584 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 16:01:59.0984 5584 sbp2port - ok 16:02:00.0030 5584 [ 305B725E3FC1936162FE84A0BB526F22 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 16:02:00.0093 5584 SCardSvr - ok 16:02:00.0173 5584 [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 16:02:00.0229 5584 ScDeviceEnum - ok 16:02:00.0278 5584 [ DEA731D96816F1F67C32F49E4EF248DD ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 16:02:00.0387 5584 scfilter - ok 16:02:00.0465 5584 [ F5523FFAFFCE7937D076E4FE6F5BD9AD ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:02:00.0583 5584 Schedule - ok 16:02:00.0617 5584 [ ACFDC4EE40EC6E4A0AB91D923B8288C8 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 16:02:00.0671 5584 SCPolicySvc - ok 16:02:00.0715 5584 [ C54B6B2170BF628FD42F799A66956D75 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 16:02:00.0829 5584 sdbus - ok 16:02:00.0876 5584 [ 0B1E929D11A8E358106955603FAC65E8 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 16:02:01.0010 5584 sdstor - ok 16:02:01.0060 5584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 16:02:01.0221 5584 secdrv - ok 16:02:01.0271 5584 [ 6627154693B6C2B8A59727F5B38728E8 ] seclogon C:\WINDOWS\system32\seclogon.dll 16:02:01.0384 5584 seclogon - ok 16:02:01.0449 5584 [ 81FE9A81EDF8016816C9E91FBFBF7D35 ] SENS C:\WINDOWS\System32\sens.dll 16:02:01.0518 5584 SENS - ok 16:02:01.0565 5584 [ 6E4012AE67F09F867EF620C8D5524C0B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 16:02:01.0632 5584 SensrSvc - ok 16:02:01.0699 5584 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 16:02:01.0833 5584 SerCx - ok 16:02:01.0889 5584 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 16:02:01.0984 5584 SerCx2 - ok 16:02:02.0023 5584 [ 1F0135949A6AD6025F363F80FE268251 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 16:02:02.0116 5584 Serenum - ok 16:02:02.0154 5584 [ 81633C87B42B63BA484A6177179AC750 ] Serial C:\WINDOWS\System32\drivers\serial.sys 16:02:02.0251 5584 Serial - ok 16:02:02.0298 5584 [ 148195AE95D9BC7375A08846439FDAC1 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 16:02:02.0407 5584 sermouse - ok 16:02:02.0475 5584 [ 624BB76941938B9F5776DEA56004D33E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 16:02:02.0584 5584 SessionEnv - ok 16:02:02.0622 5584 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 16:02:02.0736 5584 sfloppy - ok 16:02:02.0785 5584 [ 8081FF3DAE8159FE8956B09BC29CE983 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:02:02.0863 5584 SharedAccess - ok 16:02:02.0957 5584 [ 7FD9A61A3523A61FC135D61D6E160314 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:02:03.0067 5584 ShellHWDetection - ok 16:02:03.0090 5584 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 16:02:03.0192 5584 SiSRaid2 - ok 16:02:03.0239 5584 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 16:02:03.0333 5584 SiSRaid4 - ok 16:02:03.0427 5584 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3 ] smphost C:\WINDOWS\System32\smphost.dll 16:02:03.0553 5584 smphost - ok 16:02:03.0616 5584 [ 961507DB02D7AC0B7A7828D457143B8E ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 16:02:03.0677 5584 SNMPTRAP - ok 16:02:03.0740 5584 [ F6AF6499C3788105EA7AF1DA27769A77 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 16:02:03.0860 5584 spaceport - ok 16:02:03.0899 5584 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 16:02:03.0975 5584 SpbCx - ok 16:02:04.0037 5584 [ 851F06253BED584E39F5126EB5C2D6DD ] Spooler C:\WINDOWS\System32\spoolsv.exe 16:02:04.0153 5584 Spooler - ok 16:02:04.0362 5584 [ F264662C057A54AA2DE41B3C7551712F ] sppsvc C:\WINDOWS\system32\sppsvc.exe 16:02:04.0833 5584 sppsvc - ok 16:02:04.0895 5584 [ CA62440584866C8435AF39E70C8CDDDD ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:02:05.0036 5584 srv - ok 16:02:05.0115 5584 [ 9770D34D1DACA4A9C57D22D64A9E8E09 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 16:02:05.0314 5584 srv2 - ok 16:02:05.0353 5584 [ B15C5053F127BE389F3980620D475EB0 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 16:02:05.0516 5584 srvnet - ok 16:02:05.0579 5584 [ CF6C3037839CF78421A94F9060C2886F ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:02:05.0674 5584 SSDPSRV - ok 16:02:05.0721 5584 [ 198A737DBA666F4808D62E9A8277A6B7 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 16:02:05.0763 5584 SstpSvc - ok 16:02:05.0794 5584 [ 9B74226E10CD57E965F87014841016F9 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 16:02:05.0843 5584 ssudmdm - ok 16:02:05.0890 5584 [ 76F7D7217FBDAB77798A2A244ACD641F ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys 16:02:05.0921 5584 ssudserd - ok 16:02:05.0968 5584 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 16:02:06.0015 5584 stexstor - ok 16:02:06.0093 5584 [ 63E9CE568CF1192771A5F0460DE7D2B9 ] stisvc C:\WINDOWS\System32\wiaservc.dll 16:02:06.0208 5584 stisvc - ok 16:02:06.0223 5584 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 16:02:06.0333 5584 storahci - ok 16:02:06.0364 5584 [ 8B9486B64E5FC17FB9CC04CA10B77A34 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 16:02:06.0489 5584 storflt - ok 16:02:06.0520 5584 [ 1D5A045F59D216448FCDE3A8D69970E2 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 16:02:06.0612 5584 stornvme - ok 16:02:06.0650 5584 [ A45F5AC9D8069D0EC66E3CA73103073B ] StorSvc C:\WINDOWS\system32\storsvc.dll 16:02:06.0749 5584 StorSvc - ok 16:02:06.0780 5584 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 16:02:06.0874 5584 storvsc - ok 16:02:06.0921 5584 [ E395BE02F80A79A6CF973BA38DBB8135 ] svsvc C:\WINDOWS\system32\svsvc.dll 16:02:07.0015 5584 svsvc - ok 16:02:07.0061 5584 [ 65454187E0F8B6C0DCECB0287D06EC43 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 16:02:07.0140 5584 swenum - ok 16:02:07.0213 5584 [ 1C71D72D4997A284128FBEE770726330 ] swprv C:\WINDOWS\System32\swprv.dll 16:02:07.0307 5584 swprv - ok 16:02:07.0388 5584 [ 0404A539EC3D731EE42632AAFFF0666A ] SysMain C:\WINDOWS\system32\sysmain.dll 16:02:07.0479 5584 SysMain - ok 16:02:07.0508 5584 [ D73DBBB96CEE90C2856164AAD8543425 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 16:02:07.0610 5584 SystemEventsBroker - ok 16:02:07.0657 5584 [ 54A1F83B166F1062000A0D816CB3B43A ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 16:02:07.0753 5584 TabletInputService - ok 16:02:07.0816 5584 [ 5A5BAB1CA9621E73E25EE4744B67CDA6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 16:02:07.0916 5584 TapiSrv - ok 16:02:08.0036 5584 [ 12D04D8C02F16D8D7346A494E524507D ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 16:02:08.0331 5584 Tcpip - ok 16:02:08.0408 5584 [ 12D04D8C02F16D8D7346A494E524507D ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 16:02:08.0643 5584 TCPIP6 - ok 16:02:08.0705 5584 [ 41CF802064F72E55F50CA0A221FD36D4 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 16:02:08.0861 5584 tcpipreg - ok 16:02:08.0893 5584 [ 576FA545FAB846B06E79B324160DE25C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 16:02:09.0033 5584 tdx - ok 16:02:09.0307 5584 [ 708C203DF8EA1E4A09E05029803D9771 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 16:02:09.0703 5584 TeamViewer - ok 16:02:09.0740 5584 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 16:02:09.0849 5584 terminpt - ok 16:02:09.0936 5584 [ 76938862B2674EFED79E814CD36E6A08 ] TermService C:\WINDOWS\System32\termsrv.dll 16:02:10.0045 5584 TermService - ok 16:02:10.0092 5584 [ 2180DBCE75B914E5E5BBFFFAAE97AA21 ] Themes C:\WINDOWS\system32\themeservice.dll 16:02:10.0160 5584 Themes - ok 16:02:10.0214 5584 [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 16:02:10.0277 5584 THREADORDER - ok 16:02:10.0329 5584 [ B5ED9CC61798C7D44BD535D40B89EFB5 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 16:02:10.0427 5584 TimeBroker - ok 16:02:10.0477 5584 [ 80A2FC1A089A71F2DBE5D8394FFB009F ] TPM C:\WINDOWS\system32\drivers\tpm.sys 16:02:10.0601 5584 TPM - ok 16:02:10.0628 5584 [ 884113C2BB703FE806C8608B75F34831 ] TrkWks C:\WINDOWS\System32\trkwks.dll 16:02:10.0704 5584 TrkWks - ok 16:02:10.0822 5584 [ 807BFBADD4E45F651D577B16AAA7606D ] TrueKey C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe 16:02:10.0873 5584 TrueKey - ok 16:02:10.0927 5584 [ 433D821973B948BF2940B81ACF2A87DB ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe 16:02:10.0946 5584 TrueKeyScheduler - ok 16:02:10.0977 5584 [ 9FB477FB7A25E2A1C38D014E5766B0A4 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe 16:02:11.0008 5584 TrueKeyServiceHelper - ok 16:02:11.0105 5584 [ 44A94FB4C76528D2382FFE04B05827C3 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 16:02:11.0167 5584 TrustedInstaller - ok 16:02:11.0208 5584 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 16:02:11.0385 5584 TsUsbFlt - ok 16:02:11.0432 5584 [ 20185BEB7512EDE4EFECDFA148AC9F99 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 16:02:11.0553 5584 TsUsbGD - ok 16:02:11.0596 5584 [ E85916632CD3B9E9B546968DB950BF42 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 16:02:11.0821 5584 tunnel - ok 16:02:11.0868 5584 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 16:02:11.0938 5584 uagp35 - ok 16:02:11.0984 5584 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 16:02:12.0076 5584 UASPStor - ok 16:02:12.0122 5584 [ 807F8CF3E973305FC435C61CBBEE2A49 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 16:02:12.0230 5584 UCX01000 - ok 16:02:12.0283 5584 [ C61EAF8E1E4B2F62BA4FDF457440B2C6 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 16:02:12.0533 5584 udfs - ok 16:02:12.0579 5584 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 16:02:12.0720 5584 UEFI - ok 16:02:12.0792 5584 [ A867F0F978EE64C87FADC3B100869EE4 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 16:02:13.0007 5584 UI0Detect - ok 16:02:13.0036 5584 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 16:02:13.0142 5584 uliagpkx - ok 16:02:13.0174 5584 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 16:02:13.0254 5584 umbus - ok 16:02:13.0285 5584 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 16:02:13.0399 5584 UmPass - ok 16:02:13.0439 5584 [ 87743CF5FF2FB3F2B424F0D8DFF8FD8C ] UmRdpService C:\WINDOWS\System32\umrdp.dll 16:02:13.0525 5584 UmRdpService - ok 16:02:13.0619 5584 [ 6EE394F8BFDC59D51E1C347246867004 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:02:13.0670 5584 UNS - ok 16:02:13.0729 5584 [ C98493DD8E6A50154FAC75C15E1C36BB ] upnphost C:\WINDOWS\System32\upnphost.dll 16:02:13.0823 5584 upnphost - ok 16:02:13.0875 5584 [ DF355EB0199198728027962DCFCDE5FB ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 16:02:14.0005 5584 usbaudio - ok 16:02:14.0052 5584 [ 621317D14B93CBFBD5694767EFB6B40A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 16:02:14.0167 5584 usbccgp - ok 16:02:14.0215 5584 [ 0139248F6B95CF0D837B5B46A2722D40 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 16:02:14.0372 5584 usbcir - ok 16:02:14.0416 5584 [ C996CBEF922B5653A01E3F50DDCE2F86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 16:02:14.0509 5584 usbehci - ok 16:02:14.0583 5584 [ E30B159760053C5A1297D2CD08046CD7 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 16:02:14.0727 5584 usbhub - ok 16:02:14.0788 5584 [ 5C90D5379B53590FBB24BBAD4FA682EE ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 16:02:14.0933 5584 USBHUB3 - ok 16:02:14.0974 5584 [ A0F0484C97D6441ED6A75D7426ECCC9E ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 16:02:15.0172 5584 usbohci - ok 16:02:15.0213 5584 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 16:02:15.0369 5584 usbprint - ok 16:02:15.0401 5584 [ 0F030491BA4A27BD46F8B8ACEEE83F1A ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 16:02:15.0543 5584 usbscan - ok 16:02:15.0590 5584 [ 9D168BFA334D47BE404367EB58D4E130 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 16:02:15.0692 5584 USBSTOR - ok 16:02:15.0724 5584 [ FC974B03C8B87455F44F734C8F31A3C8 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 16:02:15.0833 5584 usbuhci - ok 16:02:15.0887 5584 [ 5C8F604F6DC74177CDD8372D7B1ADFF0 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 16:02:16.0023 5584 usbvideo - ok 16:02:16.0070 5584 [ 44603DA5A87FB491EF59C889EBBB4DDB ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 16:02:16.0176 5584 USBXHCI - ok 16:02:16.0209 5584 [ 382100E75B6F4668AEAEF228C6CEFFAD ] VaultSvc C:\WINDOWS\system32\lsass.exe 16:02:16.0251 5584 VaultSvc - ok 16:02:16.0294 5584 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 16:02:16.0393 5584 vdrvroot - ok 16:02:16.0460 5584 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A ] vds C:\WINDOWS\System32\vds.exe 16:02:16.0574 5584 vds - ok 16:02:16.0609 5584 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 16:02:16.0717 5584 VerifierExt - ok 16:02:16.0779 5584 [ 8ABB4BABF59F092DF0B43778D8FD1884 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 16:02:16.0936 5584 vhdmp - ok 16:02:16.0983 5584 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 16:02:17.0079 5584 viaide - ok 16:02:17.0122 5584 [ 511AD3FF957A0127E6BD336FF6F89C38 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 16:02:17.0177 5584 vmbus - ok 16:02:17.0230 5584 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 16:02:17.0340 5584 VMBusHID - ok 16:02:17.0386 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 16:02:17.0457 5584 vmicguestinterface - ok 16:02:17.0475 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 16:02:17.0522 5584 vmicheartbeat - ok 16:02:17.0553 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 16:02:17.0600 5584 vmickvpexchange - ok 16:02:17.0631 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 16:02:17.0694 5584 vmicrdv - ok 16:02:17.0725 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 16:02:17.0787 5584 vmicshutdown - ok 16:02:17.0819 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 16:02:17.0878 5584 vmictimesync - ok 16:02:17.0893 5584 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 16:02:17.0956 5584 vmicvss - ok 16:02:18.0003 5584 [ 436E1A724E7E683F6B612D3D58F04241 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 16:02:18.0104 5584 volmgr - ok 16:02:18.0153 5584 [ 7DD4EAE2E680948D9AFF3E1B5234C1D3 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 16:02:18.0387 5584 volmgrx - ok 16:02:18.0444 5584 [ 17F7B0F2298D97F4B6C7A69511033D3D ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 16:02:18.0558 5584 volsnap - ok 16:02:18.0615 5584 [ DAC438FB5FF85A9E72806E2341D5D732 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 16:02:18.0731 5584 vpci - ok 16:02:18.0774 5584 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 16:02:18.0853 5584 vsmraid - ok 16:02:18.0937 5584 [ D0CBA7B3531CCF2ADB985856D5F92434 ] VSS C:\WINDOWS\system32\vssvc.exe 16:02:19.0083 5584 VSS - ok 16:02:19.0114 5584 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 16:02:19.0213 5584 VSTXRAID - ok 16:02:19.0260 5584 [ 71066FF95C487327E44C8AF1B72EBE8B ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 16:02:19.0448 5584 vwifibus - ok 16:02:19.0495 5584 [ 29AB43937FFDA0B0FB56984226E698C6 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 16:02:19.0604 5584 vwififlt - ok 16:02:19.0639 5584 [ 8B8624A93E3F88CB923AEB05B6313227 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 16:02:19.0772 5584 vwifimp - ok 16:02:19.0820 5584 [ DC821E811EFBB65CDD77FBB8B6ECA385 ] W32Time C:\WINDOWS\system32\w32time.dll 16:02:19.0933 5584 W32Time - ok 16:02:19.0965 5584 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 16:02:20.0107 5584 WacomPen - ok 16:02:20.0148 5584 [ FCAFB80B6BB215E908EA1E9F598FEBCB ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:02:20.0272 5584 Wanarp - ok 16:02:20.0283 5584 [ FCAFB80B6BB215E908EA1E9F598FEBCB ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:02:20.0344 5584 Wanarpv6 - ok 16:02:20.0422 5584 [ DC34F51CED7CC444F27E2B8D837CD0FF ] Warsaw Technology C:\Program Files\Diebold\Warsaw\core.exe 16:02:20.0500 5584 Warsaw Technology - ok 16:02:20.0578 5584 [ 841345442390953CBC8801B95D3D0540 ] wbengine C:\WINDOWS\system32\wbengine.exe 16:02:20.0759 5584 wbengine - ok 16:02:20.0812 5584 [ 0F1DFA2FED73FA78B8C3CDE332A870F6 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 16:02:20.0926 5584 WbioSrvc - ok 16:02:21.0020 5584 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\WINDOWS\WindowsMobile\wcescomm.dll 16:02:21.0067 5584 WcesComm - ok 16:02:21.0142 5584 [ 0EAEC313B24837613621B4A2536ED382 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 16:02:21.0229 5584 Wcmsvc - ok 16:02:21.0276 5584 [ A7F2B008F038EFFED5A847029852BC27 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 16:02:21.0354 5584 wcncsvc - ok 16:02:21.0401 5584 [ B7BF1D783F5B2484E8CE1C0C78257F16 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 16:02:21.0489 5584 WcsPlugInService - ok 16:02:21.0536 5584 [ F2E08D1C067FEFC3A42D21FD4810F1D3 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 16:02:21.0677 5584 WdBoot - ok 16:02:21.0724 5584 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 16:02:21.0865 5584 Wdf01000 - ok 16:02:21.0912 5584 [ E234820E6B84ABA5E84E00227F505AE8 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 16:02:22.0052 5584 WdFilter - ok 16:02:22.0101 5584 [ F581F9C9D6953FABFA24E67105F0B614 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 16:02:22.0166 5584 WdiServiceHost - ok 16:02:22.0191 5584 [ F581F9C9D6953FABFA24E67105F0B614 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 16:02:22.0245 5584 WdiSystemHost - ok 16:02:22.0278 5584 [ 9955F303C20C4F58DB6645C6248DE1C8 ] wdm_usb C:\WINDOWS\system32\DRIVERS\usb2ser.sys 16:02:22.0393 5584 wdm_usb - ok 16:02:22.0440 5584 [ A74AD6D80AC26E1B5DD276FC927F2BAC ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 16:02:22.0551 5584 WdNisDrv - ok 16:02:22.0591 5584 WdNisSvc - ok 16:02:22.0638 5584 [ A70CAF5EA36CBA5FCA24244306D4D5C6 ] WebClient C:\WINDOWS\System32\webclnt.dll 16:02:22.0747 5584 WebClient - ok 16:02:22.0794 5584 [ 384E1D04FE20845B2559D292F17A9FA1 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 16:02:22.0856 5584 Wecsvc - ok 16:02:22.0903 5584 [ 455014F4E48B67EBE0F032E2B0E06BF2 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 16:02:22.0950 5584 WEPHOSTSVC - ok 16:02:23.0013 5584 [ F13DBA57CEA9B7074B95EDCA6AD2635E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 16:02:23.0105 5584 wercplsupport - ok 16:02:23.0159 5584 [ FD7E58B6AA3EABF2D12B9762A20E11E4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 16:02:23.0215 5584 WerSvc - ok 16:02:23.0262 5584 [ B3E08E32BD082100928C6BA18AE5E526 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 16:02:23.0363 5584 WFPLWFS - ok 16:02:23.0421 5584 [ 8C840E1FD7584E74BD0CC1EA581EC187 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 16:02:23.0486 5584 WiaRpc - ok 16:02:23.0528 5584 [ 5F66B7BB330AA80067FC66149A692620 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 16:02:23.0606 5584 WIMMount - ok 16:02:23.0622 5584 WinDefend - ok 16:02:23.0710 5584 [ A083D80E73C2186C63A973971BD6E76D ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 16:02:23.0772 5584 WinHttpAutoProxySvc - ok 16:02:23.0913 5584 [ FC8BD690321216C32BB58B035B6D5674 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 16:02:24.0022 5584 Winmgmt - ok 16:02:24.0184 5584 [ F2F8EA11CF2464476E2CBE9BDF2C9776 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 16:02:24.0386 5584 WinRM - ok 16:02:24.0448 5584 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 16:02:24.0599 5584 WinUsb - ok 16:02:24.0668 5584 [ 2A4A54CB5198AEF84DF56560C679EDD9 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 16:02:24.0753 5584 WlanSvc - ok 16:02:24.0847 5584 [ 06BF5897949A8F24893F792E876B71F5 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 16:02:24.0972 5584 wlidsvc - ok 16:02:25.0019 5584 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 16:02:25.0211 5584 WmiAcpi - ok 16:02:25.0249 5584 [ B96F7A1236C3F21212DE2C40A3DDB005 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 16:02:25.0296 5584 wmiApSrv - ok 16:02:25.0327 5584 WMPNetworkSvc - ok 16:02:25.0387 5584 [ 7FC5667DF73D4B04AA457CC3A4180E09 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 16:02:25.0456 5584 Wof - ok 16:02:25.0554 5584 [ EDFA5CEDBE174FAAA4A09A6B297AEA42 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 16:02:25.0689 5584 workfolderssvc - ok 16:02:25.0747 5584 [ A2468CC3509394A33C4C32F99563D845 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 16:02:25.0836 5584 wpcfltr - ok 16:02:25.0878 5584 [ 19F4DF69876DA7E9C4965351560FE6B7 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 16:02:25.0940 5584 WPCSvc - ok 16:02:25.0987 5584 [ 25BE82B325AC22FE563A58A1AC29F4C1 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 16:02:26.0112 5584 WPDBusEnum - ok 16:02:26.0164 5584 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 16:02:26.0258 5584 WpdUpFltr - ok 16:02:26.0285 5584 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 16:02:26.0413 5584 ws2ifsl - ok 16:02:26.0460 5584 [ 501D5EFAB9711039479AE48401386D2B ] wscsvc C:\WINDOWS\System32\wscsvc.dll 16:02:26.0542 5584 wscsvc - ok 16:02:26.0582 5584 [ 02553BF9B625B0C2FC2715B42BBD1C74 ] wsddfac C:\WINDOWS\system32\drivers\wsddfac.sys 16:02:26.0644 5584 wsddfac - ok 16:02:26.0660 5584 [ B33905C5B3921DFA654BCEC4D7E00465 ] wsddntf C:\WINDOWS\system32\DRIVERS\wsddntf.sys 16:02:26.0735 5584 wsddntf - ok 16:02:26.0763 5584 [ 7382D22F0B3B1DE91B30B0798547A637 ] wsddpp C:\WINDOWS\system32\drivers\wsddpp.sys 16:02:26.0825 5584 wsddpp - ok 16:02:26.0872 5584 [ FE176D71EB5E7D650EA6CD74E1893553 ] wsddprm C:\WINDOWS\system32\drivers\wsddprm.sys 16:02:26.0966 5584 wsddprm - ok 16:02:26.0981 5584 [ F586F3F1BF962FE9AE4316E0D896B22F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 16:02:27.0103 5584 WSDPrintDevice - ok 16:02:27.0151 5584 [ 58035FD3369879E02D65989C44D27450 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 16:02:27.0245 5584 WSDScan - ok 16:02:27.0260 5584 WSearch - ok 16:02:27.0401 5584 [ 6B2D71124C1EA86B74412F414C42431D ] WSService C:\WINDOWS\System32\WSService.dll 16:02:27.0680 5584 WSService - ok 16:02:27.0816 5584 [ 4B93BC39257006A7330D71907C74E319 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 16:02:28.0092 5584 wuauserv - ok 16:02:28.0139 5584 [ 481286719402E4BAEFEA0604AB1B5113 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 16:02:28.0301 5584 WudfPf - ok 16:02:28.0333 5584 [ D7B4859227B02BCC1055B279A63C937F ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 16:02:28.0491 5584 WUDFRd - ok 16:02:28.0504 5584 [ D7B4859227B02BCC1055B279A63C937F ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 16:02:28.0571 5584 WUDFSensorLP - ok 16:02:28.0621 5584 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 16:02:28.0669 5584 wudfsvc - ok 16:02:28.0700 5584 [ D7B4859227B02BCC1055B279A63C937F ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 16:02:28.0759 5584 WUDFWpdFs - ok 16:02:28.0775 5584 [ D7B4859227B02BCC1055B279A63C937F ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 16:02:28.0837 5584 WUDFWpdMtp - ok 16:02:28.0900 5584 [ A0900F8F628B5AF6841414EB3CF11E50 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 16:02:28.0990 5584 WwanSvc - ok 16:02:29.0037 5584 ================ Scan global =============================== 16:02:29.0104 5584 [ 3500AF0BA2EF095BF313EEB75D2366C6 ] C:\WINDOWS\system32\basesrv.dll 16:02:29.0148 5584 [ EAB311B0A7A8EA0346F14F08D4BC8F46 ] C:\WINDOWS\system32\winsrv.dll 16:02:29.0214 5584 [ 3600ED7EA8AED849E20700551C0BD63B ] C:\WINDOWS\system32\sxssrv.dll 16:02:29.0300 5584 [ E0C7813A97CA7947FF5C18A8F3B61A45 ] C:\WINDOWS\system32\services.exe 16:02:29.0313 5584 [Global] - ok 16:02:29.0313 5584 ================ Scan MBR ================================== 16:02:29.0329 5584 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 16:02:29.0410 5584 \Device\Harddisk0\DR0 - ok 16:02:29.0412 5584 ================ Scan VBR ================================== 16:02:29.0417 5584 [ 1648377F6B1FD9FBD1C266C702158C94 ] \Device\Harddisk0\DR0\Partition1 16:02:29.0420 5584 \Device\Harddisk0\DR0\Partition1 - ok 16:02:29.0443 5584 [ 550F5D9E23F7088036F32631AA3D804E ] \Device\Harddisk0\DR0\Partition2 16:02:29.0443 5584 \Device\Harddisk0\DR0\Partition2 - ok 16:02:29.0474 5584 [ 370A38D0475E6D6A7CB3B334F771AD76 ] \Device\Harddisk0\DR0\Partition3 16:02:29.0474 5584 \Device\Harddisk0\DR0\Partition3 - ok 16:02:29.0489 5584 [ F07F2EAA8E2BDABF9A1882E65850744E ] \Device\Harddisk0\DR0\Partition4 16:02:29.0489 5584 \Device\Harddisk0\DR0\Partition4 - ok 16:02:29.0525 5584 [ F5F6ADA30AD9C0FB57FB9593EDB98B00 ] \Device\Harddisk0\DR0\Partition5 16:02:29.0525 5584 \Device\Harddisk0\DR0\Partition5 - ok 16:02:29.0541 5584 [ CD84CBA67691A9B6B26997968147AE20 ] \Device\Harddisk0\DR0\Partition6 16:02:29.0541 5584 \Device\Harddisk0\DR0\Partition6 - ok 16:02:29.0556 5584 ============================================================ 16:02:29.0556 5584 Scan finished 16:02:29.0556 5584 ============================================================ 16:02:29.0572 3344 Detected object count: 4 16:02:29.0572 3344 Actual detected object count: 4 16:02:46.0276 3344 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user 16:02:46.0276 3344 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:02:46.0277 3344 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 16:02:46.0277 3344 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:02:46.0281 3344 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 16:02:46.0281 3344 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:02:46.0285 3344 PST Service ( UnsignedFile.Multi.Generic ) - skipped by user 16:02:46.0285 3344 PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:03:29.0480 7992 Deinitialize success
  3. Boa tarde Elias segue abaixo o log: McAfee Stinger Scan Results McAfee® Labs Stinger™ Version 12.1.0.2688 built on Mar 1 2018 at 00:59:20 Copyright© 2013-2018, McAfee, LLC. All Rights Reserved. AV Engine version v5900.7806 for Windows. Virus data file v1000.0 created on Mar 1, 2018 Ready to scan for 10349 viruses, trojans and variants. Custom scan initiated on quinta-feira, março 01, 2018 10:24:33 Rootkit scan result : Clean. C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Cache\f_002801 [MD5:1b33320ca2603691dfda4364d1ee93ea] is infected with WASM/Cryptonight C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Cache\f_002801 has been Deleted C:\Users\Vanessa Musso\Downloads\ZA-Scan.exe [MD5:393409e77c1d95b1c35e5e024366ab6b] is infected with Artemis!393409E77C1D C:\Users\Vanessa Musso\Downloads\ZA-Scan.exe has been Deleted Summary Report on C: File(s) TotalFiles:............ 2454245 Clean:................. 430753 Not Scanned:........... 2023490 Possibly Infected:..... 2 Time: 05:18:33 Scan completed on sexta-feira, março 02, 2018 15:43:06
  4. Boa tarde Elias, No outro scan eu tinha feito isso tb, ok. Segue: ogueKiller V12.12.5.0 (x64) [Feb 19 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 8.1 (6.3.9600) 64 bits version Iniciou : Modo normal Usuário : Vanessa Musso [Administrador] Started from : C:\Users\Vanessa Musso\Downloads\RogueKiller_portable64.exe Modo : Deletar -- Data : 02/28/2018 13:39:06 (Duration : 02:42:47) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 7 ¤¤¤ [PUP.ByteFence|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Deletado [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} -> Deletado [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D} | DhcpNameServer : 10.0.0.253 ([]) -> Substituído () ¤¤¤ Tarefas : 2 ¤¤¤ [Suspicious.Path] %WINDIR%\Tasks\Norton Product InstallerIdle.job -- C:\Users\VANESS~1\AppData\Local\Temp\SymInstallStub.exe (/partnerid=realnw /productlist=nss /staging=false /affid=RPLR /delay=0 /launchedby=4) -> Deletado [Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-7CHUC.tmp\corefixer.exe (/norerun) -> Deletado ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 0 ¤¤¤ ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 904f9079d5743a8461f086d85f1190bd [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 2048 | Size: 300 MB 1 - [MAN-MOUNT] EFI_system_partition | Offset (sectors): 616448 | Size: 260 MB 2 - [MAN-MOUNT] Microsoft_reserved_partition | Offset (sectors): 1148928 | Size: 128 MB 3 - Basic_data_partition | Offset (sectors): 1411072 | Size: 459850 MB 4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 943185920 | Size: 450 MB 5 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 944107520 | Size: 15949 MB User = LL1 ... OK User = LL2 ... OK
  5. RogueKiller V12.12.5.0 (x64) [Feb 19 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 8.1 (6.3.9600) 64 bits version Iniciou : Modo normal Usuário : Vanessa Musso [Administrador] Started from : C:\Users\Vanessa Musso\Downloads\RogueKiller_portable64.exe Modo : Escanear -- Data : 02/26/2018 09:40:07 (Duration : 01:48:34) ¤¤¤ Processos : 1 ¤¤¤ [PUP.HackTool|VT.Detected] AutoKMS.exe(1392) -- C:\Windows\AutoKMS\AutoKMS.exe[-] -> Encontrado ¤¤¤ Registro : 7 ¤¤¤ [PUP.ByteFence|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Encontrado [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} -> Encontrado [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Encontrado [PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Encontrado [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Encontrado [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ed0edad2 -> Encontrado [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D} | DhcpNameServer : 10.0.0.253 ([]) -> Encontrado ¤¤¤ Tarefas : 3 ¤¤¤ [Suspicious.Path] %WINDIR%\Tasks\Norton Product InstallerIdle.job -- C:\Users\VANESS~1\AppData\Local\Temp\SymInstallStub.exe (/partnerid=realnw /productlist=nss /staging=false /affid=RPLR /delay=0 /launchedby=4) -> Encontrado [PUP.HackTool|VT.Detected] \AutoKMS -- C:\WINDOWS\AutoKMS\AutoKMS.exe -> Encontrado [Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-7CHUC.tmp\corefixer.exe (/norerun) -> Encontrado ¤¤¤ Arquivos : 1 ¤¤¤ [PUP.HackTool][Pasta] C:\Windows\AutoKMS -> Encontrado ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 0 ¤¤¤ ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 904f9079d5743a8461f086d85f1190bd [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 2048 | Size: 300 MB 1 - [MAN-MOUNT] EFI_system_partition | Offset (sectors): 616448 | Size: 260 MB 2 - [MAN-MOUNT] Microsoft_reserved_partition | Offset (sectors): 1148928 | Size: 128 MB 3 - Basic_data_partition | Offset (sectors): 1411072 | Size: 459850 MB 4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 943185920 | Size: 450 MB 5 - [SYSTEM][MAN-MOUNT] Basic_data_partition | Offset (sectors): 944107520 | Size: 15949 MB User = LL1 ... OK User = LL2 ... OK
  6. boa tarde elias, segue primeira etapa: malwarebytes www.malwarebytes.com -detalhes de registro- data da análise: 22/02/18 hora da análise: 11:01 arquivo de registro: eb6b22a2-17d8-11e8-8496-00e04d687d4a.json administrador: sim -informação do software- versão: 3.3.1.2183 versão de componentes: 1.0.262 versão do pacote de definições: 1.0.4050 licença: versão de avaliação -informação do sistema- sistema operacional: windows 8.1 cpu: x64 sistema de arquivos: ntfs usuário: jones\vanessa musso -resumo da análise- tipo de análise: análise customizada resultado: concluído objetos verificados: 509843 ameaças detectadas: 70 ameaças em quarentena: 67 tempo decorrido: 16 hr, 40 min, 28 seg -opções da análise- memória: habilitado inicialização: habilitado sistema de arquivos: habilitado arquivos compactados: habilitado rootkits: habilitado heurística: habilitado pup: detectar pum: detectar -detalhes da análise- processo: 0 (nenhum item malicioso detectado) módulo: 0 (nenhum item malicioso detectado) chave de registro: 12 pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\productsetup, quarentena, [2], [481004],1.0.4050 pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\csastats, quarentena, [2], [260986],1.0.4050 adware.elex, hklm\software\wow6432node\qksee, quarentena, [1], [398719],1.0.4050 adware.elex, hklm\software\wow6432node\qkseesvc, quarentena, [1], [348122],1.0.4050 adware.elex, hklm\software\wow6432node\winsabersvc, quarentena, [1], [350440],1.0.4050 pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}, quarentena, [1544], [336082],1.0.4050 pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\plain\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}, quarentena, [1544], [336085],1.0.4050 pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\search provided by bing rotad, quarentena, [1544], [336085],1.0.4050 adware.elex, hklm\system\currentcontrolset\services\eventlog\application\qkseeservice, quarentena, [1], [348119],1.0.4050 adware.elex, hklm\system\currentcontrolset\services\eventlog\application\winzipersvc, quarentena, [1], [385015],1.0.4050 pup.optional.wajam, hklm\system\currentcontrolset\services\nlasvc\parameters\internet\manualproxies, quarentena, [73], [-1],0.0.0 pup.optional.bytefence, hklm\software\wow6432node\microsoft\windows\currentversion\uninstall\bytefence, quarentena, [587], [389016],1.0.4050 valor de registro: 6 pup.optional.installcore, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\productsetup|tb, quarentena, [2], [481004],1.0.4050 pup.optional.winbing, hklm\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{a0d3ed3d-8f45-49a0-9da0-c53f47eb8078}|path, quarentena, [1544], [336082],1.0.4050 pup.optional.wajam, hku\s-1-5-18\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0 pup.optional.wajam, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0 pup.optional.wajam, hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\microsoft\windows\currentversion\internet settings|proxyoverride, quarentena, [73], [-1],0.0.0 pup.optional.wajam, hku\.default\software\microsoft\windows\currentversion\internet settings|proxyenable, falha ao remover, [73], [-1],0.0.0 dados de registro: 0 (nenhum item malicioso detectado) fluxo de dados: 0 (nenhum item malicioso detectado) pasta: 6 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update, quarentena, [1446], [331958],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663, quarentena, [1446], [331958],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update, quarentena, [1446], [331958],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser, quarentena, [1446], [331958],1.0.4050 pup.optional.elex, c:\users\vanessa musso\appdata\roaming\winziper\log, quarentena, [7], [335045],1.0.4050 pup.optional.elex, c:\users\vanessa musso\appdata\roaming\winziper, quarentena, [7], [335045],1.0.4050 arquivo: 46 pup.optional.yessearches, c:\adwcleaner\filequarantine\c\program files (x86)\arikoiedrumition\arkconfigurationtsk.exe.vir, quarentena, [262], [124490],1.0.4050 generic.malware/suspicious, c:\adwcleaner\filequarantine\c\program files (x86)\003c293c-1466534344-003d-9ce1-3c00d1df6549\knssf538.tmp.vir, quarentena, [0], [392686],1.0.4050 adware.chinad, c:\adwcleaner\filequarantine\c\program files (x86)\calendartool\2.0.0.11380\calendarserv.exe.vir, quarentena, [501], [455933],1.0.4050 generic.malware/suspicious, c:\adwcleaner\filequarantine\c\programdata\videofetcher\videofetcher.exe.vir, quarentena, [0], [392686],1.0.4050 pup.optional.torrentsearch, c:\adwcleaner\filequarantine\c\users\vanessa musso\appdata\roaming\checkers\draughts\draughts.exe.vir, quarentena, [765], [122954],1.0.4050 pup.optional.radmin, c:\cplus\suporteremoto.exe, quarentena, [6586], [86095],1.0.4050 pup.optional.elex, c:\frst\quarantine\c\program files (x86)\semughdabuck\smgblds.xhtm5.xbad, quarentena, [7], [339258],1.0.4050 pup.optional.bundler, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\fsd90d9.exe.xbad, quarentena, [134], [8918],1.0.4050 pup.optional.wajam, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\ex4.exe.xbad, quarentena, [73], [290961],1.0.4050 pup.optional.bundleinstaller, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\f068.tmp.exe.xbad, quarentena, [18], [304617],1.0.4050 pup.optional.startpage, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\kolsrchlnas.ru_br.exe.xbad, quarentena, [40], [125564],1.0.4050 generic.malware/suspicious, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\ex2.exe.xbad, quarentena, [0], [392686],1.0.4050 pup.optional.bundleinstaller, c:\frst\quarantine\c\users\vanessa musso\appdata\local\temp\icreinstall_f068.tmp.exe.xbad, quarentena, [18], [304617],1.0.4050 pup.optional.bytefence, c:\program files\bytefence\bytefence.exe, quarentena, [587], [389016],1.0.4050 pup.optional.bytefence, c:\program files\bytefence\uninstall.exe, quarentena, [587], [389016],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\9.3.6494.400.manifest, quarentena, [1446], [331958],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\browserupdate.exe, quarentena, [1446], [331958],1.0.4050 pup.optional.txqqbrowser, c:\program files (x86)\txqqbrowser\update\bee455e05ab58b26fb17eba0aa038663\update\chrome_elf.dll, quarentena, [1446], [331958],1.0.4050 generic.malware/suspicious, c:\users\vanessa musso\appdata\local\nanonet\vhost.exe, quarentena, [0], [392686],1.0.4050 generic.malware/suspicious, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\ativador w 10\raton ativ 10 2015\re-loader raton.exe, excluir ao reiniciar, [0], [392686],1.0.4050 generic.malware/suspicious, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\ativador w 10\raton ativ 10 2015.rar, excluir ao reiniciar, [0], [392686],1.0.4050 pup.optional.bundleinstaller, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\soft\www\utorrent.exe, excluir ao reiniciar, [18], [493232],1.0.4050 pup.optional.driverpack, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\soft\drvupdater.exe, excluir ao reiniciar, [1962], [476946],1.0.4050 pup.optional.driverpack, c:\users\vanessa musso\desktop\geral\backup jones 1\leo\drp_15.4_full\tools\drvupdater.exe, excluir ao reiniciar, [1962], [476946],1.0.4050 riskware.tinype.gen, c:\users\vanessa musso\desktop\flor sa\backup flor s.a 07 02 16\php-7.0.3\ext\standard\tests\file\windows_acls\tiny.exe, quarentena, [13822], [277589],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_bluestacks_vg9w2a.exe, quarentena, [2], [324268],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_daemon-tools-lite.exe, quarentena, [2], [439390],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird (1).exe, quarentena, [2], [486836],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_nepflex-screen-recorder_vxwzzu.exe, quarentena, [2], [430158],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_oxelon-media-converter.exe, quarentena, [2], [324268],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_utorrent.exe, quarentena, [2], [469948],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird.exe, quarentena, [2], [486836],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_winrar_2548970528.exe, quarentena, [2], [406528],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_realplayer.exe, quarentena, [2], [442658],1.0.4050 cracktool.coreldesigner, c:\users\vanessa musso\downloads\[foguinho downs] - k corel x8.exe\[foguinho downs] - keygen corel x8.exe, quarentena, [7508], [113285],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_mozilla-thunderbird (2).exe, quarentena, [2], [486836],1.0.4050 pup.optional.installcore, c:\users\vanessa musso\downloads\baixaki_zd-soft-screen-recorder_vuvcbo.exe, quarentena, [2], [430158],1.0.4050 adware.elex, c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\inetcache\ie\update_wpm_0707[1].exe, quarentena, [1], [363931],1.0.4050 adware.elex, c:\windows\syswow64\_tspm\qqbrowserframe.dll, quarentena, [1], [355140],1.0.4050 pup.optional.elex, c:\windows\syswow64\_tspm\qks.exe, quarentena, [7], [125558],1.0.4050 adware.elex, c:\windows\syswow64\_tspm\everything.exe, quarentena, [1], [345563],1.0.4050 pup.optional.elex, c:\windows\syswow64\_tspm\winzipper.exe, quarentena, [7], [336348],1.0.4050 adware.elex, c:\windows\syswow64\_tspm\saber.exe, quarentena, [1], [451226],1.0.4050 adware.elex, c:\windows\syswow64\_tspm\wpm.exe, quarentena, [1], [355155],1.0.4050 pup.optional.winbing, c:\windows\tasks\search provided by bing rotad.job, quarentena, [1548], [336088],1.0.4050 generic.malware/suspicious, c:\windows\2cdae02d91692a634545c5b4daa18a38.exe, quarentena, [0], [392686],1.0.4050 setor físico: 0 (nenhum item malicioso detectado) (end) *segunda etapa: # adwcleaner 7.0.8.0 - logfile created on sat feb 24 15:46:04 2018 # updated on 2018/08/02 by malwarebytes # running on windows 8.1 single language (x64) # mode: clean # support: https://www.malwarebytes.com/support ***** [ services ] ***** no malicious services deleted. ***** [ folders ] ***** deleted: c:\users\vanessa musso\appdata\roaming\ecyber deleted: c:\program files (x86)\mpck deleted: c:\windows\system32\_tspm deleted: c:\windows\syswow64\_tspm deleted: c:\program files\bytefence ***** [ files ] ***** no malicious files deleted. ***** [ dll ] ***** no malicious dlls cleaned. ***** [ wmi ] ***** no malicious wmi cleaned. ***** [ shortcuts ] ***** no malicious shortcuts cleaned. ***** [ tasks ] ***** no malicious tasks deleted. ***** [ registry ] ***** deleted: [key] - hku\s-1-5-21-106726862-4054988722-2312773982-1001\software\apn pip deleted: [key] - hkcu\software\apn pip deleted: [key] - hklm\software\hdcode deleted: [key] - hklm\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83} deleted: [key] - hku\.default\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83} deleted: [key] - hku\s-1-5-18\software\{8c4ce252-7db2-4f8e-8e76-bad0e5826a83} deleted: [key] - hklm\software\winziper deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextpending deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextsynced deleted: [key] - hklm\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###megashellextsyncing deleted: [key] - hkcu\software\microsoft\internet explorer\domstorage\castplatform.com deleted: [key] - hkcu\software\microsoft\internet explorer\domstorage\cdn.castplatform.com deleted: [key] - hklm\software\bytefence deleted: [key] - hklm\software\classes\winzippers.001 deleted: [key] - hklm\software\classes\winzippers.7z deleted: [key] - hklm\software\classes\winzippers.arj deleted: [key] - hklm\software\classes\winzippers.bz2 deleted: [key] - hklm\software\classes\winzippers.bzip2 deleted: [key] - hklm\software\classes\winzippers.cab deleted: [key] - hklm\software\classes\winzippers.cpio deleted: [key] - hklm\software\classes\winzippers.deb deleted: [key] - hklm\software\classes\winzippers.dmg deleted: [key] - hklm\software\classes\winzippers.fat deleted: [key] - hklm\software\classes\winzippers.gz deleted: [key] - hklm\software\classes\winzippers.gzip deleted: [key] - hklm\software\classes\winzippers.hfs deleted: [key] - hklm\software\classes\winzippers.iso deleted: [key] - hklm\software\classes\winzippers.lha deleted: [key] - hklm\software\classes\winzippers.lzh deleted: [key] - hklm\software\classes\winzippers.lzma deleted: [key] - hklm\software\classes\winzippers.ntfs deleted: [key] - hklm\software\classes\winzippers.rar deleted: [key] - hklm\software\classes\winzippers.rpm deleted: [key] - hklm\software\classes\winzippers.squashfs deleted: [key] - hklm\software\classes\winzippers.swm deleted: [key] - hklm\software\classes\winzippers.tar deleted: [key] - hklm\software\classes\winzippers.taz deleted: [key] - hklm\software\classes\winzippers.tbz deleted: [key] - hklm\software\classes\winzippers.tbz2 deleted: [key] - hklm\software\classes\winzippers.tgz deleted: [key] - hklm\software\classes\winzippers.tpz deleted: [key] - hklm\software\classes\winzippers.txz deleted: [key] - hklm\software\classes\winzippers.vhd deleted: [key] - hklm\software\classes\winzippers.wim deleted: [key] - hklm\software\classes\winzippers.xar deleted: [key] - hklm\software\classes\winzippers.xz deleted: [key] - hklm\software\classes\winzippers.z deleted: [key] - hklm\software\classes\winzippers.zip ***** [ firefox (and derivatives) ] ***** no malicious firefox entries deleted. ***** [ chromium (and derivatives) ] ***** no malicious chromium entries deleted. ************************* ::tracing keys deleted ::winsock settings cleared ::additional actions: 0 ************************* c:/adwcleaner/adwcleaner[c1].txt - [13315 b] - [2015/10/17 21:43:17] c:/adwcleaner/adwcleaner[c2].txt - [1690 b] - [2016/6/22 22:1:20] c:/adwcleaner/adwcleaner[s1].txt - [13712 b] - [2015/10/17 21:31:39] c:/adwcleaner/adwcleaner[s2].txt - [5028 b] - [2016/6/22 21:55:1] ########## eof - c:\adwcleaner\adwcleaner[c2].txt ########## obrigado pela ajuda!!!
  7. Olá Boa tarde, Fui infectado por esse trojan e não sei como remover, agradeço se me ajudarem, em anexo o log. Obrigado! ZA-Scan.txt 20 02 18.txt
  8. Olá Moicano, Td beleza? Bom segue abaixo o log que você solicitou. Valeu! McAfee Stinger Scan Results McAfee® Labs Stinger™ Version 12.1.0.2060 built on Jul 20 2016 at 12:16:59 Copyright© 2015, McAfee, Inc. All Rights Reserved. AV Engine version v5800.7501 for Windows. Virus data file v1000.0 created on Jul 20, 2016 Ready to scan for 9836 viruses, trojans and variants. Custom scan initiated on quarta-feira, julho 20, 2016 09:31:43 Rootkit scan result : Clean. C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\vnssAA0.tmp.vir [MD5:9fe30692ceab57ddff98cd62cd89df7b] is infected with Artemis!9FE30692CEAB C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\vnssAA0.tmp.vir has been Deleted C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5.vir [MD5:b6616bbc4b8d538e3aa012ad9dbad25e] is infected with Artemis!B6616BBC4B8D C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5.vir has been Deleted C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\CalendarTool\2.0.0.11380\InstallHelper.exe.vir [MD5:9bc2de6eaed294f66467c14511680fe8] is infected with Artemis!9BC2DE6EAED2 C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\CalendarTool\2.0.0.11380\InstallHelper.exe.vir has been Deleted C:\AdwCleaner\FileQuarantine\C\Users\Vanessa Musso\AppData\Roaming\ASPackage\ASPackage.exe.vir [MD5:f1e8e5441c7f0087deeb5c71f5b92206] is infected with Artemis!F1E8E5441C7F C:\AdwCleaner\FileQuarantine\C\Users\Vanessa Musso\AppData\Roaming\ASPackage\ASPackage.exe.vir has been Deleted C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\12958ddeab2a21954cedd892344c539e.sys.vir [MD5:32cee7d24c2c1797f8246aecb8877d74] is infected with Artemis!32CEE7D24C2C C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\12958ddeab2a21954cedd892344c539e.sys.vir has been Deleted C:\FRST\Quarantine\C\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe.xBAD [MD5:f1e8e5441c7f0087deeb5c71f5b92206] is infected with Artemis!F1E8E5441C7F C:\FRST\Quarantine\C\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe.xBAD has been Deleted C:\Users\Vanessa Musso\Desktop\Corel\CorelDRAW Graphics Suite X7 - 64 Bits\Keygen.exe [MD5:8b704100bf6ad468fdf883822c35a42b] is infected with Artemis!8B704100BF6A C:\Users\Vanessa Musso\Desktop\Corel\CorelDRAW Graphics Suite X7 - 64 Bits\Keygen.exe has been Deleted Summary Report on C: File(s) TotalFiles:............ 1768355 Clean:................. 344145 Not Scanned:........... 1424203 Possibly Infected:..... 7 Time: 12:33:52 Scan completed on quarta-feira, julho 20, 2016 22:05:35
  9. Olá segue o log, valeu! Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 13-07-2016 01 Executado por Vanessa Musso (2016-07-13 16:33:16) Run:2 Executando a partir de C:\Users\Vanessa Musso\Desktop Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX" CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] Reboot: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. Chrome HomePage => removido (a) com sucesso. Chrome StartupUrls => removido (a) com sucesso. Chrome DefaultSearchURL => removido (a) com sucesso. Chrome DefaultSearchKeyword => removido (a) com sucesso. gbpddfac => serviço removido (a) com sucesso. gbpddreg => serviço removido (a) com sucesso. O sistema precisou ser reiniciado. ==== Fim de Fixlog 16:34:26 ====
  10. Boa noite Brother, Cara foi mal, limpei a área de trabalho aí fui criando subpastas para organizar. Bom está aí os logs. Firmeza! Valeu Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 10-07-2016 01 Executado por Vanessa Musso (2016-07-12 22:25:43) Executando a partir de C:\Users\Vanessa Musso\Desktop Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled) Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled) Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden doPDF (Version: 8.1.920 - Softland) Hidden doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland) EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version: - ) Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - ) MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland) novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland) OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE) PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip (HKLM-x32\...\WinZip) (Version: 2.2.50 - Winzipper Pvt Ltd.) <==== ATENÇÃO X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.) Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] () Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation) Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation) Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software) Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] () Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG" Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo) ==================== Módulos Carregados (Whitelisted) ============== 2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe 2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll 2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2016-05-19 22:02 - 2016-05-19 22:02 - 00959168 _____ () C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-07-08 18:56 - 2016-07-08 18:56 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070803\algo.dll 2016-07-11 21:49 - 2016-07-11 21:49 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16071101\algo.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-07-06 20:48 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900 FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869 FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501 FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501 FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306 FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688 FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe ==================== Pontos de Restauração ========================= 21-06-2016 23:53:30 JRT Pre-Junkware Removal 28-06-2016 11:15:42 Windows Update 03-07-2016 11:24:13 Chrome Cleanup Tool 06-07-2016 20:47:17 Restore Point Created by FRST ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: CDC Serial Description: CDC Serial Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (07/12/2016 10:22:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST64 (1).exe versão 21.6.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 1514 Hora de Início: 01d1dca4f9f6fcf9 Hora de Término: 15 Caminho do Aplicativo: C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe ID do Relatório: 43307365-4898-11e6-bedb-00e04d687d4a Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/11/2016 07:54:51 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Falha ao criar ponto de restauração (Processo = C:\WINDOWS\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101). Error: (07/09/2016 08:17:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/08/2016 10:07:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000003e8b6 ID do processo com falha: 0xb98 Hora de início do aplicativo com falha: 0xSpfService64.exe0 Caminho do aplicativo com falha: SpfService64.exe1 Caminho do módulo com falha: SpfService64.exe2 ID do Relatório: SpfService64.exe3 Nome completo do pacote com falha: SpfService64.exe4 ID do aplicativo relativo ao pacote com falha: SpfService64.exe5 Error: (07/08/2016 01:00:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000003e8b6 ID do processo com falha: 0x880 Hora de início do aplicativo com falha: 0xSpfService64.exe0 Caminho do aplicativo com falha: SpfService64.exe1 Caminho do módulo com falha: SpfService64.exe2 ID do Relatório: SpfService64.exe3 Nome completo do pacote com falha: SpfService64.exe4 ID do aplicativo relativo ao pacote com falha: SpfService64.exe5 Error: (07/08/2016 12:54:56 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1". Assembly dependente rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (07/08/2016 09:49:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/07/2016 11:48:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/07/2016 11:40:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/07/2016 09:01:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18 Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000877fbc ID do processo com falha: 0xa04 Hora de início do aplicativo com falha: 0xCorelPP.exe0 Caminho do aplicativo com falha: CorelPP.exe1 Caminho do módulo com falha: CorelPP.exe2 ID do Relatório: CorelPP.exe3 Nome completo do pacote com falha: CorelPP.exe4 ID do aplicativo relativo ao pacote com falha: CorelPP.exe5 Erros de Sistema: ============= Error: (07/12/2016 07:56:27 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/12/2016 07:55:56 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 12:00:18 PM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 11:59:48 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:34:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 11:34:24 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:26:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:25:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 10:40:03 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 10:39:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} CodeIntegrity: =================================== Date: 2015-08-12 12:01:16.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz Percentagem de memória em uso: 59% RAM física total: 3932.14 MB RAM física disponível: 1604.92 MB Virtual Total: 5788.14 MB Virtual disponível: 2790.95 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:131.75 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt ============================ Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01 Executado por Vanessa Musso (administrador) em VANESSA (12-07-2016 22:23:00) Executando a partir de C:\Users\Vanessa Musso\Desktop Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso) Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Autodesk, Inc.) C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-04-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-15] (AVAST Software) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-05-29] (RealNetworks, Inc.) HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-05-13] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [uTorrent] => C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Facebook Update] => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-05] (Facebook Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\RunOnce: [Uninstall C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918" ShellExecuteHooks: - {98C066AB-D735-4339-9E52-A34875141B56} - Nenhum Arquivo [ ] ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-08] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autodesk Product Design Suite 2016 Trial Tray.lnk [2016-07-08] ShortcutTarget: Autodesk Product Design Suite 2016 Trial Tray.lnk -> C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{79691668-B4C3-442D-9421-47D5F024C0C1}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D}: [DhcpNameServer] 192.168.1.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-05] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-05] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-29] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-29] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11] Chrome: ======= CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX" CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch CHR Profile: C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 CHR Extension: (Google Apresentações) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04] CHR Extension: (Google Docs) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Avast SafePrice) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-28] CHR Extension: (Planilhas do Google) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04] CHR Extension: (Documentos Google off-line) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-05] CHR Extension: (MailTrack para Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-07-07] CHR Extension: (TZWebChartWindow) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2016-03-05] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-24] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2013-04-08] (Realsil Microelectronics Inc.) [Arquivo não assinado] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-17] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation) R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39622144 2016-02-02] () [Arquivo não assinado] S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Arquivo não assinado] R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Arquivo não assinado] R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] () R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-29] (RealNetworks, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-12 22:23 - 2016-07-12 22:24 - 00023648 _____ C:\Users\Vanessa Musso\Desktop\FRST.txt 2016-07-12 01:49 - 2016-07-12 01:49 - 00085856 _____ C:\WINDOWS\SysWOW64\rsslogs.20160712014808 2016-07-11 22:08 - 2016-07-11 22:08 - 00012279 _____ C:\Users\Vanessa Musso\Downloads\Agroflores 12 07 16.xlsx 2016-07-11 21:53 - 2016-07-11 22:06 - 00012306 _____ C:\Users\Vanessa Musso\Desktop\Agroflores 12 07 16.xlsx 2016-07-11 07:55 - 2016-07-12 01:49 - 00477813 _____ C:\WINDOWS\SysWOW64\rsslogs.20160711075451 2016-07-10 00:12 - 2016-07-11 07:55 - 00053111 _____ C:\WINDOWS\SysWOW64\rsslogs.20160710001113 2016-07-09 21:08 - 2016-07-09 21:11 - 00021655 _____ C:\Users\Vanessa Musso\Desktop\silvas (Salvo automaticamente).xlsx 2016-07-09 20:19 - 2016-07-10 00:12 - 00059894 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709201840 2016-07-09 17:02 - 2016-07-09 20:18 - 00019220 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709013126 2016-07-08 22:05 - 2016-07-09 17:02 - 00030500 _____ C:\WINDOWS\SysWOW64\rsslogs.20160708220436 2016-07-08 21:30 - 2016-07-08 21:32 - 02309816 _____ C:\Users\Vanessa Musso\Downloads\INSTALAR_DJMIXER5.zip 2016-07-08 09:45 - 2016-07-08 19:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-07-08 09:42 - 2016-07-08 12:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-08 09:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-07-08 09:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-07-08 09:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-07-08 09:35 - 2016-07-08 09:38 - 22851472 _____ (Malwarebytes ) C:\Users\Vanessa Musso\Downloads\mbam-setup-2.2.1.1043.exe 2016-07-07 19:50 - 2016-07-07 20:15 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Merlo Artesanato 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52593140.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52540140.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52539890.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\WinZiper 2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2016-07-07 11:46 - 2016-07-07 23:57 - 00000001 _____ C:\WINDOWS\SysWOW64\br.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52487093.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52486718.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482750.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482453.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475765.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475515.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467750.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467265.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52464250.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52463921.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52449343.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\br_52448000.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\_TSpm 2016-07-07 08:40 - 2016-07-12 22:22 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Limpeza 2016-07-06 20:44 - 2016-07-06 20:44 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist (1).txt 2016-07-06 20:41 - 2016-07-06 20:41 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist.txt 2016-07-04 10:37 - 2016-07-11 21:27 - 02390528 _____ (Farbar) C:\Users\Vanessa Musso\Desktop\FRST64.exe 2016-07-04 09:31 - 2016-07-08 10:31 - 00020541 _____ C:\Users\Vanessa Musso\Downloads\silvas.xlsx 2016-06-30 13:45 - 2016-06-30 15:50 - 158908247 _____ C:\Users\Vanessa Musso\Desktop\Cópia_de_segurança_de_fotos limpas para catálogo.cdr 2016-06-30 11:58 - 2016-07-08 09:38 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Artesanato Nova Vida 2016-06-29 19:26 - 2016-06-29 19:26 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16 (1).pdf 2016-06-29 18:33 - 2016-06-29 18:33 - 00000000 ____D C:\Program Files (x86)\k4um3yr7 2016-06-29 17:48 - 2016-06-29 17:48 - 00000270 _____ C:\Users\Vanessa Musso\Desktop\CorelDRAW Graphics Suite X7.txt 2016-06-29 17:30 - 2016-07-08 12:54 - 00003055 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk 2016-06-29 17:30 - 2016-07-08 12:54 - 00003007 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk 2016-06-29 17:30 - 2016-06-29 17:30 - 00000000 ____D C:\Program Files (x86)\gs 2016-06-29 17:26 - 2016-06-29 17:26 - 00000000 ____D C:\Users\Public\Documents\Corel 2016-06-29 17:25 - 2016-06-29 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit) 2016-06-29 17:23 - 2016-06-29 17:24 - 00000000 ____D C:\Program Files\Corel 2016-06-29 12:47 - 2016-06-29 12:47 - 00203080 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0001.jpg.jpeg 2016-06-29 12:47 - 2016-06-29 12:47 - 00124681 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0000.jpg.jpeg 2016-06-29 12:33 - 2016-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\opv0a6y9 2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.plnx 2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.Bak 2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.plnx 2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.Bak 2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.plnx 2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.Bak 2016-06-29 10:33 - 2016-06-29 10:33 - 00000000 ____D C:\Program Files (x86)\oqk8ovam 2016-06-29 10:08 - 2016-06-29 10:09 - 00000000 ____D C:\Program Files (x86)\iicbxnka 2016-06-29 09:38 - 2016-06-29 09:41 - 06230532 _____ (Softland) C:\Users\Vanessa Musso\Downloads\dopdf-full.exe 2016-06-29 09:09 - 2016-07-08 12:56 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-06-29 09:09 - 2016-06-29 09:09 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\eCyber 2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser 2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\t10rur95 2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (7) 2016-06-28 17:19 - 2016-06-28 17:20 - 00002359 _____ C:\Users\Vanessa Musso\Downloads\Outlook.com (1).zip 2016-06-22 19:14 - 2016-06-22 19:14 - 00099596 _____ C:\Users\Vanessa Musso\Downloads\RE BUBA=REPRESENTANTE (Anexos).zip 2016-06-22 19:08 - 2016-06-22 19:08 - 00000000 ____D C:\Users\Vanessa Musso\.cache 2016-06-22 10:49 - 2016-06-22 10:50 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe 2016-06-22 10:48 - 2016-06-22 10:49 - 01738240 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST.exe 2016-06-22 00:53 - 2016-06-22 01:43 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\ZHP 2016-06-22 00:50 - 2016-06-22 00:52 - 02272256 _____ C:\Users\Vanessa Musso\Downloads\ZHPCleaner.exe 2016-06-21 23:47 - 2016-06-21 23:48 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (2).exe 2016-06-21 23:29 - 2016-06-21 23:30 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (1).exe 2016-06-21 22:52 - 2016-07-09 20:18 - 00000000 ____D C:\Users\Vanessa Musso\AppData\LocalLow\uTorrent 2016-06-21 22:52 - 2016-07-08 12:53 - 00002310 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-21 22:52 - 2016-07-08 12:52 - 00002280 _____ C:\Users\Vanessa Musso\Desktop\Google Chrome.lnk 2016-06-21 20:55 - 2016-06-21 20:55 - 03703360 _____ C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe 2016-06-21 20:32 - 2016-07-08 12:52 - 00002967 _____ C:\Users\Vanessa Musso\Desktop\MakeMoney 10!.lnk 2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMoney 10! 2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Program Files (x86)\MakeMoney 10! 2016-06-21 20:17 - 2016-06-21 20:27 - 29121536 _____ C:\Users\Vanessa Musso\Downloads\Instala.exe 2016-06-21 16:13 - 2016-07-08 12:52 - 00001247 _____ C:\Users\Vanessa Musso\Desktop\Continue Last version Installation.lnk 2016-06-21 15:46 - 2016-06-21 15:46 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-06-21 15:45 - 2016-06-21 22:51 - 00000000 ____D C:\Program Files (x86)\mpck 2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\NanoNet 2016-06-21 11:50 - 2016-06-21 11:50 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16.pdf 2016-06-21 08:35 - 2016-06-14 14:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-21 08:35 - 2016-06-14 14:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-20 20:46 - 2016-07-07 21:07 - 01467447 _____ C:\Users\Vanessa Musso\Desktop\DISTRIBUIDORES E ATACADISTAS VEILING.xlsx 2016-06-20 14:05 - 2016-06-20 14:05 - 00003474 _____ C:\Users\Vanessa Musso\Downloads\comprovante (28).html 2016-06-20 11:43 - 2016-06-20 11:43 - 00142495 _____ C:\WINDOWS\2cdae02d91692a634545c5b4daa18a38.exe 2016-06-17 18:12 - 2016-06-20 20:37 - 00182042 _____ C:\Users\Vanessa Musso\Downloads\Prospecção Geral.xlsx 2016-06-15 23:32 - 2016-06-15 23:33 - 01216134 _____ C:\Users\Vanessa Musso\Downloads\Guia Prático de Criação de Galinhas - Valdir Rocha.pdf 2016-06-15 23:01 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-06-15 23:01 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-15 23:01 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-15 23:01 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-15 23:01 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2016-06-15 23:01 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-06-15 23:01 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-15 23:01 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-15 23:01 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2016-06-15 23:01 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2016-06-15 23:01 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-06-15 23:01 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-06-15 22:52 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-15 22:52 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-15 22:52 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-15 22:52 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-15 22:52 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-15 22:52 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-15 22:52 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-15 22:52 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-15 22:51 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-15 22:51 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-15 22:51 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-15 22:51 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-06-15 22:51 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-06-15 22:51 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-15 22:51 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-06-15 22:51 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-06-15 22:51 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-06-15 22:51 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-06-15 22:51 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-06-15 22:51 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-06-15 22:51 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-06-15 22:51 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-06-15 22:51 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-06-15 22:51 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-06-15 22:51 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-15 22:51 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-06-15 22:51 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-06-15 22:51 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-15 22:51 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-06-15 22:51 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-15 22:51 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-15 22:51 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-06-15 22:51 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-06-15 22:31 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-15 22:31 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2016-06-15 22:31 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-15 22:31 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-15 22:31 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-15 22:31 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-15 22:31 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-15 22:31 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-15 22:30 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-15 22:30 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-15 22:30 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-15 22:30 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-15 22:30 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-15 22:30 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-06-15 22:30 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-15 22:30 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-06-15 22:30 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-15 22:30 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-15 22:30 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-15 22:30 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-06-15 22:30 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-06-15 22:30 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-15 22:30 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-15 22:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-15 22:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-15 22:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-15 22:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-15 22:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-15 22:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-15 22:00 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-15 21:59 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-12 22:24 - 2015-04-29 23:59 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Flor SA 2016-07-12 22:24 - 2014-11-03 13:34 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\uTorrent 2016-07-12 22:23 - 2015-10-17 19:13 - 00000000 ____D C:\FRST 2016-07-12 22:01 - 2014-11-03 12:23 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-12 21:47 - 2014-11-08 23:44 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D7F53BF-49ED-4B82-98E5-1E113D227D91} 2016-07-12 21:46 - 2014-11-05 20:41 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job 2016-07-12 21:46 - 2014-11-05 20:41 - 00000954 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job 2016-07-11 22:08 - 2014-11-03 12:01 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Packages 2016-07-11 11:51 - 2014-09-24 11:04 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-11 11:51 - 2014-09-24 10:19 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat 2016-07-11 11:51 - 2014-09-24 10:19 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat 2016-07-11 11:51 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf 2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\ProgramData\GbPlugin 2016-07-11 08:08 - 2014-11-03 12:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106726862-4054988722-2312773982-1001 2016-07-11 07:59 - 2016-02-07 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-07-11 07:58 - 2015-06-30 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-07-09 20:17 - 2014-11-08 23:23 - 00000000 ____D C:\Users\Vanessa Musso 2016-07-09 20:17 - 2014-11-03 12:23 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-08 22:04 - 2015-01-02 10:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-07-08 22:04 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-08 18:55 - 2014-11-03 13:33 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-07-08 18:52 - 2013-08-22 11:44 - 00583488 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-07-08 12:56 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-07-08 12:54 - 2015-05-01 13:22 - 00002637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plano de Negócio.lnk 2016-07-08 12:54 - 2015-04-09 23:50 - 00001062 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-07-08 12:54 - 2015-01-02 09:36 - 00002025 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-07-08 12:54 - 2014-12-17 20:22 - 00002180 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk 2016-07-08 12:54 - 2014-11-08 23:27 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-07-08 12:54 - 2014-07-17 16:34 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-07-08 12:54 - 2014-07-17 16:34 - 00001312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-07-08 12:53 - 2016-04-23 15:42 - 00002373 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-07-08 12:53 - 2014-11-08 23:23 - 00000469 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-07-08 12:53 - 2014-11-08 23:23 - 00000467 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-07-08 12:53 - 2014-11-03 13:35 - 00000846 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-07-08 12:52 - 2016-05-25 18:13 - 00001535 _____ C:\Users\Vanessa Musso\Desktop\Outlook.com - Atalho.lnk 2016-07-08 12:52 - 2015-11-29 20:55 - 00001700 _____ C:\Users\Vanessa Musso\Desktop\Backup-codes-joaoawoki - Atalho.lnk 2016-07-08 12:52 - 2014-12-11 12:07 - 00001194 _____ C:\Users\Vanessa Musso\Desktop\Continue Download &amp; Install Installation.lnk 2016-07-08 12:52 - 2014-11-03 13:35 - 00000866 _____ C:\Users\Vanessa Musso\Desktop\µTorrent.lnk 2016-07-07 23:58 - 2014-11-26 09:54 - 01517056 ___SH C:\Users\Vanessa Musso\Desktop\Thumbs.db 2016-07-07 09:22 - 2016-01-20 20:56 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Cursos; Cartilhas; Estudos; Manuais; certificados e diplomas 2016-07-07 09:21 - 2016-03-12 10:23 - 00000000 ___RD C:\Users\Vanessa Musso\Desktop\Backup Flor S.A 07 02 16 2016-07-07 08:54 - 2015-04-30 00:32 - 00042113 _____ C:\Users\Vanessa Musso\Desktop\Sem título 1.ods 2016-07-07 08:41 - 2016-05-15 20:53 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\RECEITAS DO AOKI 2016-07-07 08:41 - 2016-03-29 00:23 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Invest 2016-06-30 17:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Corel 2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\ProgramData\Corel 2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64 2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64 2016-06-29 12:48 - 2014-11-30 10:52 - 00265216 ___SH C:\Users\Vanessa Musso\Downloads\Thumbs.db 2016-06-29 09:34 - 2015-09-10 21:28 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\ElevatedDiagnostics 2016-06-28 12:29 - 2016-03-05 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-06-27 16:40 - 2015-01-20 13:14 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\pgto internet 2016-06-22 19:04 - 2016-05-08 15:21 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (6) 2016-06-22 19:04 - 2014-12-17 20:04 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Maquina 17 12 14 2016-06-22 19:01 - 2015-10-17 18:31 - 00000000 ____D C:\AdwCleaner 2016-06-22 10:55 - 2015-10-17 19:13 - 00073628 _____ C:\Users\Vanessa Musso\Downloads\FRST.txt 2016-06-21 15:44 - 2016-06-05 15:31 - 00001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk 2016-06-21 15:44 - 2016-06-05 15:29 - 00001876 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk 2016-06-21 12:36 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache 2016-06-21 10:16 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-21 08:27 - 2014-12-10 16:53 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-06-21 08:27 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-20 14:21 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-20 13:52 - 2014-11-04 13:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-20 13:40 - 2014-11-04 13:00 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-16 23:58 - 2013-08-22 10:25 - 00000167 _____ C:\WINDOWS\win.ini ==================== Arquivos na raiz de alguns diretórios ======= 2015-04-28 09:58 - 2015-04-28 09:58 - 0016726 _____ () C:\Users\Vanessa Musso\AppData\Roaming\unins000.dat 2015-01-31 12:40 - 2015-12-04 21:40 - 0022528 _____ () C:\Users\Vanessa Musso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-03 10:42 - 2016-04-03 10:42 - 0000000 _____ () C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F} 2014-11-08 15:29 - 2014-11-08 15:29 - 0000011 _____ () C:\ProgramData\.tv7 ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-07-12 07:55 ==================== Fim de FRST.txt ============================
  11. Boa noite Brother, Valeu Segue o Log FRST: Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01 Executado por Vanessa Musso (administrador) em VANESSA (11-07-2016 21:27:34) Executando a partir de C:\Users\Vanessa Musso\Desktop\Limpeza Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso) Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe (BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Autodesk, Inc.) C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-04-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-15] (AVAST Software) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-05-29] (RealNetworks, Inc.) HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-05-13] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [uTorrent] => C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Facebook Update] => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-05] (Facebook Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\RunOnce: [Uninstall C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918" ShellExecuteHooks: - {98C066AB-D735-4339-9E52-A34875141B56} - Nenhum Arquivo [ ] ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-08] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autodesk Product Design Suite 2016 Trial Tray.lnk [2016-07-08] ShortcutTarget: Autodesk Product Design Suite 2016 Trial Tray.lnk -> C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{79691668-B4C3-442D-9421-47D5F024C0C1}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D}: [DhcpNameServer] 192.168.1.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-05] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-05] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-29] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-29] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia) FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11] Chrome: ======= CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX" CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch CHR Profile: C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 CHR Extension: (Google Apresentações) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04] CHR Extension: (Google Docs) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Avast SafePrice) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-28] CHR Extension: (Planilhas do Google) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04] CHR Extension: (Documentos Google off-line) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-05] CHR Extension: (MailTrack para Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-07-07] CHR Extension: (TZWebChartWindow) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2016-03-05] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-24] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2013-04-08] (Realsil Microelectronics Inc.) [Arquivo não assinado] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-17] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation) R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39622144 2016-02-02] () [Arquivo não assinado] S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Arquivo não assinado] R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Arquivo não assinado] R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] () R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-29] (RealNetworks, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-11 07:55 - 2016-07-11 07:55 - 00388587 _____ C:\WINDOWS\SysWOW64\rsslogs.20160711075451 2016-07-10 00:12 - 2016-07-11 07:55 - 00053111 _____ C:\WINDOWS\SysWOW64\rsslogs.20160710001113 2016-07-09 21:08 - 2016-07-09 21:11 - 00021655 _____ C:\Users\Vanessa Musso\Desktop\silvas (Salvo automaticamente).xlsx 2016-07-09 20:19 - 2016-07-10 00:12 - 00059894 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709201840 2016-07-09 17:02 - 2016-07-09 20:18 - 00019220 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709013126 2016-07-08 22:05 - 2016-07-09 17:02 - 00030500 _____ C:\WINDOWS\SysWOW64\rsslogs.20160708220436 2016-07-08 21:30 - 2016-07-08 21:32 - 02309816 _____ C:\Users\Vanessa Musso\Downloads\INSTALAR_DJMIXER5.zip 2016-07-08 09:45 - 2016-07-08 19:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-07-08 09:42 - 2016-07-08 12:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-08 09:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-07-08 09:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-07-08 09:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-07-08 09:35 - 2016-07-08 09:38 - 22851472 _____ (Malwarebytes ) C:\Users\Vanessa Musso\Downloads\mbam-setup-2.2.1.1043.exe 2016-07-07 19:50 - 2016-07-07 20:15 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Merlo Artesanato 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52593140.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52540140.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52539890.html 2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\WinZiper 2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2016-07-07 11:46 - 2016-07-07 23:57 - 00000001 _____ C:\WINDOWS\SysWOW64\br.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52487093.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52486718.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482750.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482453.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475765.html 2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475515.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467750.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467265.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52464250.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52463921.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52449343.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\br_52448000.html 2016-07-07 11:45 - 2016-07-07 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\_TSpm 2016-07-07 08:40 - 2016-07-11 21:27 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Limpeza 2016-07-06 20:44 - 2016-07-06 20:44 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist (1).txt 2016-07-06 20:41 - 2016-07-06 20:41 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist.txt 2016-07-04 09:31 - 2016-07-08 10:31 - 00020541 _____ C:\Users\Vanessa Musso\Downloads\silvas.xlsx 2016-06-30 13:45 - 2016-06-30 15:50 - 158908247 _____ C:\Users\Vanessa Musso\Desktop\Cópia_de_segurança_de_fotos limpas para catálogo.cdr 2016-06-30 11:58 - 2016-07-08 09:38 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Artesanato Nova Vida 2016-06-29 19:26 - 2016-06-29 19:26 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16 (1).pdf 2016-06-29 18:33 - 2016-06-29 18:33 - 00000000 ____D C:\Program Files (x86)\k4um3yr7 2016-06-29 17:48 - 2016-06-29 17:48 - 00000270 _____ C:\Users\Vanessa Musso\Desktop\CorelDRAW Graphics Suite X7.txt 2016-06-29 17:30 - 2016-07-08 12:54 - 00003055 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk 2016-06-29 17:30 - 2016-07-08 12:54 - 00003007 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk 2016-06-29 17:30 - 2016-06-29 17:30 - 00000000 ____D C:\Program Files (x86)\gs 2016-06-29 17:26 - 2016-06-29 17:26 - 00000000 ____D C:\Users\Public\Documents\Corel 2016-06-29 17:25 - 2016-06-29 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit) 2016-06-29 17:23 - 2016-06-29 17:24 - 00000000 ____D C:\Program Files\Corel 2016-06-29 12:47 - 2016-06-29 12:47 - 00203080 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0001.jpg.jpeg 2016-06-29 12:47 - 2016-06-29 12:47 - 00124681 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0000.jpg.jpeg 2016-06-29 12:33 - 2016-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\opv0a6y9 2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.plnx 2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.Bak 2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.plnx 2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.Bak 2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.plnx 2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.Bak 2016-06-29 10:33 - 2016-06-29 10:33 - 00000000 ____D C:\Program Files (x86)\oqk8ovam 2016-06-29 10:08 - 2016-06-29 10:09 - 00000000 ____D C:\Program Files (x86)\iicbxnka 2016-06-29 09:38 - 2016-06-29 09:41 - 06230532 _____ (Softland) C:\Users\Vanessa Musso\Downloads\dopdf-full.exe 2016-06-29 09:09 - 2016-07-08 12:56 - 00000000 ____D C:\Program Files (x86)\WinZipper 2016-06-29 09:09 - 2016-06-29 09:09 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\eCyber 2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser 2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\t10rur95 2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (7) 2016-06-28 17:19 - 2016-06-28 17:20 - 00002359 _____ C:\Users\Vanessa Musso\Downloads\Outlook.com (1).zip 2016-06-22 19:14 - 2016-06-22 19:14 - 00099596 _____ C:\Users\Vanessa Musso\Downloads\RE BUBA=REPRESENTANTE (Anexos).zip 2016-06-22 19:08 - 2016-06-22 19:08 - 00000000 ____D C:\Users\Vanessa Musso\.cache 2016-06-22 10:49 - 2016-06-22 10:50 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe 2016-06-22 10:48 - 2016-06-22 10:49 - 01738240 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST.exe 2016-06-22 00:53 - 2016-06-22 01:43 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\ZHP 2016-06-22 00:50 - 2016-06-22 00:52 - 02272256 _____ C:\Users\Vanessa Musso\Downloads\ZHPCleaner.exe 2016-06-21 23:47 - 2016-06-21 23:48 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (2).exe 2016-06-21 23:29 - 2016-06-21 23:30 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (1).exe 2016-06-21 22:52 - 2016-07-09 20:18 - 00000000 ____D C:\Users\Vanessa Musso\AppData\LocalLow\uTorrent 2016-06-21 22:52 - 2016-07-08 12:53 - 00002310 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-21 22:52 - 2016-07-08 12:52 - 00002280 _____ C:\Users\Vanessa Musso\Desktop\Google Chrome.lnk 2016-06-21 20:55 - 2016-06-21 20:55 - 03703360 _____ C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe 2016-06-21 20:32 - 2016-07-08 12:52 - 00002967 _____ C:\Users\Vanessa Musso\Desktop\MakeMoney 10!.lnk 2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMoney 10! 2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Program Files (x86)\MakeMoney 10! 2016-06-21 20:17 - 2016-06-21 20:27 - 29121536 _____ C:\Users\Vanessa Musso\Downloads\Instala.exe 2016-06-21 16:13 - 2016-07-08 12:52 - 00001247 _____ C:\Users\Vanessa Musso\Desktop\Continue Last version Installation.lnk 2016-06-21 15:46 - 2016-06-21 15:46 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-06-21 15:45 - 2016-06-21 22:51 - 00000000 ____D C:\Program Files (x86)\mpck 2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\NanoNet 2016-06-21 11:50 - 2016-06-21 11:50 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16.pdf 2016-06-21 08:35 - 2016-06-14 14:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-21 08:35 - 2016-06-14 14:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-20 20:46 - 2016-07-07 21:07 - 01467447 _____ C:\Users\Vanessa Musso\Desktop\DISTRIBUIDORES E ATACADISTAS VEILING.xlsx 2016-06-20 14:05 - 2016-06-20 14:05 - 00003474 _____ C:\Users\Vanessa Musso\Downloads\comprovante (28).html 2016-06-20 11:43 - 2016-06-20 11:43 - 00142495 _____ C:\WINDOWS\2cdae02d91692a634545c5b4daa18a38.exe 2016-06-17 18:12 - 2016-06-20 20:37 - 00182042 _____ C:\Users\Vanessa Musso\Downloads\Prospecção Geral.xlsx 2016-06-15 23:32 - 2016-06-15 23:33 - 01216134 _____ C:\Users\Vanessa Musso\Downloads\Guia Prático de Criação de Galinhas - Valdir Rocha.pdf 2016-06-15 23:01 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-06-15 23:01 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-15 23:01 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-15 23:01 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2016-06-15 23:01 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-15 23:01 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2016-06-15 23:01 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-06-15 23:01 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-15 23:01 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-15 23:01 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2016-06-15 23:01 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2016-06-15 23:01 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-06-15 23:01 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-06-15 22:52 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-15 22:52 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-15 22:52 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-15 22:52 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-15 22:52 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-15 22:52 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-15 22:52 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-15 22:52 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-15 22:51 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-15 22:51 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-15 22:51 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-15 22:51 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-06-15 22:51 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-06-15 22:51 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-15 22:51 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-06-15 22:51 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-06-15 22:51 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-06-15 22:51 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-06-15 22:51 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-06-15 22:51 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-06-15 22:51 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-06-15 22:51 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-06-15 22:51 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-06-15 22:51 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-06-15 22:51 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-15 22:51 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-06-15 22:51 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-06-15 22:51 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-15 22:51 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-06-15 22:51 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-15 22:51 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-15 22:51 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-06-15 22:51 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-06-15 22:31 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-15 22:31 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2016-06-15 22:31 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-15 22:31 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-15 22:31 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-15 22:31 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-15 22:31 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-15 22:31 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-15 22:30 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-15 22:30 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-15 22:30 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-15 22:30 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-15 22:30 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-15 22:30 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-15 22:30 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-15 22:30 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-06-15 22:30 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-15 22:30 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-06-15 22:30 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-15 22:30 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-15 22:30 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-15 22:30 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-06-15 22:30 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-06-15 22:30 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-15 22:30 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-15 22:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-15 22:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-15 22:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-15 22:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-15 22:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-15 22:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-15 22:00 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-15 21:59 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-11 21:28 - 2014-11-03 13:34 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\uTorrent 2016-07-11 21:27 - 2015-10-17 19:13 - 00000000 ____D C:\FRST 2016-07-11 20:12 - 2014-11-08 23:44 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D7F53BF-49ED-4B82-98E5-1E113D227D91} 2016-07-11 13:01 - 2014-11-03 12:23 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-11 11:51 - 2014-09-24 11:04 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-11 11:51 - 2014-09-24 10:19 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat 2016-07-11 11:51 - 2014-09-24 10:19 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat 2016-07-11 11:51 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf 2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\ProgramData\GbPlugin 2016-07-11 08:08 - 2014-11-03 12:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106726862-4054988722-2312773982-1001 2016-07-11 07:59 - 2016-02-07 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-07-11 07:58 - 2015-06-30 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-07-10 12:13 - 2015-04-29 23:59 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Flor SA 2016-07-09 20:17 - 2014-11-08 23:23 - 00000000 ____D C:\Users\Vanessa Musso 2016-07-09 20:17 - 2014-11-03 12:23 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-08 22:04 - 2015-01-02 10:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-07-08 22:04 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-08 21:46 - 2014-11-05 20:41 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job 2016-07-08 21:46 - 2014-11-05 20:41 - 00000954 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job 2016-07-08 18:55 - 2014-11-03 13:33 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-07-08 18:52 - 2013-08-22 11:44 - 00583488 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-07-08 12:56 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-07-08 12:54 - 2015-05-01 13:22 - 00002637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plano de Negócio.lnk 2016-07-08 12:54 - 2015-04-09 23:50 - 00001062 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-07-08 12:54 - 2015-01-02 09:36 - 00002025 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-07-08 12:54 - 2014-12-17 20:22 - 00002180 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk 2016-07-08 12:54 - 2014-11-08 23:27 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-07-08 12:54 - 2014-07-17 16:34 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-07-08 12:54 - 2014-07-17 16:34 - 00001312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-07-08 12:53 - 2016-04-23 15:42 - 00002373 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-07-08 12:53 - 2014-11-08 23:23 - 00000469 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-07-08 12:53 - 2014-11-08 23:23 - 00000467 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-07-08 12:53 - 2014-11-03 13:35 - 00000846 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-07-08 12:52 - 2016-05-25 18:13 - 00001535 _____ C:\Users\Vanessa Musso\Desktop\Outlook.com - Atalho.lnk 2016-07-08 12:52 - 2015-11-29 20:55 - 00001700 _____ C:\Users\Vanessa Musso\Desktop\Backup-codes-joaoawoki - Atalho.lnk 2016-07-08 12:52 - 2014-12-11 12:07 - 00001194 _____ C:\Users\Vanessa Musso\Desktop\Continue Download &amp; Install Installation.lnk 2016-07-08 12:52 - 2014-11-03 13:35 - 00000866 _____ C:\Users\Vanessa Musso\Desktop\µTorrent.lnk 2016-07-07 23:58 - 2014-11-26 09:54 - 01517056 ___SH C:\Users\Vanessa Musso\Desktop\Thumbs.db 2016-07-07 09:22 - 2016-01-20 20:56 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Cursos; Cartilhas; Estudos; Manuais; certificados e diplomas 2016-07-07 09:21 - 2016-03-12 10:23 - 00000000 ___RD C:\Users\Vanessa Musso\Desktop\Backup Flor S.A 07 02 16 2016-07-07 08:54 - 2015-04-30 00:32 - 00042113 _____ C:\Users\Vanessa Musso\Desktop\Sem título 1.ods 2016-07-07 08:41 - 2016-05-15 20:53 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\RECEITAS DO AOKI 2016-07-07 08:41 - 2016-03-29 00:23 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Invest 2016-07-04 09:46 - 2014-11-03 12:01 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Packages 2016-06-30 17:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Corel 2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\ProgramData\Corel 2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64 2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64 2016-06-29 12:48 - 2014-11-30 10:52 - 00265216 ___SH C:\Users\Vanessa Musso\Downloads\Thumbs.db 2016-06-29 09:34 - 2015-09-10 21:28 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\ElevatedDiagnostics 2016-06-28 12:29 - 2016-03-05 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-06-27 16:40 - 2015-01-20 13:14 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\pgto internet 2016-06-22 19:04 - 2016-05-08 15:21 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (6) 2016-06-22 19:04 - 2014-12-17 20:04 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Maquina 17 12 14 2016-06-22 19:01 - 2015-10-17 18:31 - 00000000 ____D C:\AdwCleaner 2016-06-22 10:55 - 2015-10-17 19:13 - 00073628 _____ C:\Users\Vanessa Musso\Downloads\FRST.txt 2016-06-21 15:44 - 2016-06-05 15:31 - 00001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk 2016-06-21 15:44 - 2016-06-05 15:29 - 00001876 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk 2016-06-21 12:36 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache 2016-06-21 10:16 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-21 08:27 - 2014-12-10 16:53 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-06-21 08:27 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-20 14:21 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-20 13:52 - 2014-11-04 13:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-20 13:40 - 2014-11-04 13:00 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-16 23:58 - 2013-08-22 10:25 - 00000167 _____ C:\WINDOWS\win.ini ==================== Arquivos na raiz de alguns diretórios ======= 2015-04-28 09:58 - 2015-04-28 09:58 - 0016726 _____ () C:\Users\Vanessa Musso\AppData\Roaming\unins000.dat 2015-01-31 12:40 - 2015-12-04 21:40 - 0022528 _____ () C:\Users\Vanessa Musso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-03 10:42 - 2016-04-03 10:42 - 0000000 _____ () C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F} 2014-11-08 15:29 - 2014-11-08 15:29 - 0000011 _____ () C:\ProgramData\.tv7 ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-07-03 11:55 ==================== Fim de FRST.txt ============================ Opa esse aí é o addition Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 10-07-2016 01 Executado por Vanessa Musso (2016-07-11 21:31:01) Executando a partir de C:\Users\Vanessa Musso\Desktop\Limpeza Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled) Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled) Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden doPDF (Version: 8.1.920 - Softland) Hidden doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland) EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version: - ) Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - ) MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland) novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland) OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE) PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip (HKLM-x32\...\WinZip) (Version: 2.2.50 - Winzipper Pvt Ltd.) <==== ATENÇÃO X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.) Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] () Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation) Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation) Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software) Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] () Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG" Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo) ==================== Módulos Carregados (Whitelisted) ============== 2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe 2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll 2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-07-08 18:56 - 2016-07-08 18:56 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070803\algo.dll 2016-07-11 10:06 - 2016-07-11 10:06 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16071100\algo.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll 2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-07-06 20:48 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900 FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869 FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501 FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501 FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306 FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688 FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe ==================== Pontos de Restauração ========================= 21-06-2016 23:53:30 JRT Pre-Junkware Removal 28-06-2016 11:15:42 Windows Update 03-07-2016 11:24:13 Chrome Cleanup Tool 06-07-2016 20:47:17 Restore Point Created by FRST ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: CDC Serial Description: CDC Serial Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (07/11/2016 07:54:51 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Falha ao criar ponto de restauração (Processo = C:\WINDOWS\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101). Error: (07/09/2016 08:17:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/08/2016 10:07:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000003e8b6 ID do processo com falha: 0xb98 Hora de início do aplicativo com falha: 0xSpfService64.exe0 Caminho do aplicativo com falha: SpfService64.exe1 Caminho do módulo com falha: SpfService64.exe2 ID do Relatório: SpfService64.exe3 Nome completo do pacote com falha: SpfService64.exe4 ID do aplicativo relativo ao pacote com falha: SpfService64.exe5 Error: (07/08/2016 01:00:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000003e8b6 ID do processo com falha: 0x880 Hora de início do aplicativo com falha: 0xSpfService64.exe0 Caminho do aplicativo com falha: SpfService64.exe1 Caminho do módulo com falha: SpfService64.exe2 ID do Relatório: SpfService64.exe3 Nome completo do pacote com falha: SpfService64.exe4 ID do aplicativo relativo ao pacote com falha: SpfService64.exe5 Error: (07/08/2016 12:54:56 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1". Assembly dependente rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (07/08/2016 09:49:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/07/2016 11:48:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/07/2016 11:40:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/07/2016 09:01:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18 Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000877fbc ID do processo com falha: 0xa04 Hora de início do aplicativo com falha: 0xCorelPP.exe0 Caminho do aplicativo com falha: CorelPP.exe1 Caminho do módulo com falha: CorelPP.exe2 ID do Relatório: CorelPP.exe3 Nome completo do pacote com falha: CorelPP.exe4 ID do aplicativo relativo ao pacote com falha: CorelPP.exe5 Error: (07/07/2016 09:01:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelPP.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF83AA87FBC Pilha: Erros de Sistema: ============= Error: (07/11/2016 12:00:18 PM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 11:59:48 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:34:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 11:34:24 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:26:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 11:25:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 10:40:03 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/11/2016 10:39:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 09:11:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/11/2016 09:11:22 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} CodeIntegrity: =================================== Date: 2015-08-12 12:01:16.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz Percentagem de memória em uso: 57% RAM física total: 3932.14 MB RAM física disponível: 1673.13 MB Virtual Total: 5788.14 MB Virtual disponível: 2904.04 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:131.75 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt ============================
  12. beleza Moicano! O log está aí embaixo: Malwarebytes Anti-Malware www.malwarebytes.org Data da verificação: 08/07/2016 Hora da verificação: 09:58 Arquivo de registro: log malware.txt Administrador: Sim Versão: 2.2.1.1043 Banco de dados de malware: v2016.07.08.04 Banco de dados de rootkit: v2016.05.27.01 Licença: Gratuita Proteção contra malware: Desabilitado Proteção contra website malicioso: Desabilitado Autoproteção: Desabilitado Sistema operacional: Windows 8.1 CPU: x64 Sistema de arquivos: NTFS Usuário: Vanessa Musso Tipo de verificação: Verificação da ameaça Resultado: Concluído Objetos verificados: 345472 Tempo decorrido: 1 hr, 33 min, 42 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores físicos: 0 (Nenhum item malicioso detectado) (end)
  13. Bom dia amigo, Tem mais um detalhe, agora a pouco meu navegador travou e quando reiniciei apareceu isto: http://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX Será que alguém está acessando remotamente meu pc? Não entrei em site nenhum, não baixei nada e do nada esta M.rda aí... beleza! obrigado
  14. Meu caro Moicano, Quero agradecer por se prontificado a me ajudar, obrigado! Segue abaixo o solicitado: Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 02-07-2016 Executado por Vanessa Musso (2016-07-06 20:47:13) Run:1 Executando a partir de C:\Users\Vanessa Musso\Desktop Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO Task: {775776E8-4738-4BBF-90D2-F8EFC254017A} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\BEE455E05AB58B26FB17EBA0AA038663\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Cheapsterx64] => "C:\Program Files (x86)\Cheapster\msilnk64.exe" S2 ArkconfigurationSrv; "C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X] C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5 S2 SmgBlds; "C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X] C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5 S2 wonutocezbt; C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp [X] C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S1 eypttfre; \??\C:\WINDOWS\system32\drivers\eypttfre.sys [X] S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] S1 lobfjsou; \??\C:\WINDOWS\system32\drivers\lobfjsou.sys [X] 2016-04-03 10:43 - 2016-04-03 10:43 - 0000000 ____H () C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp 2015-04-30 17:47 - 2016-01-06 22:41 - 0000088 __RSH () C:\ProgramData\3EA4D33338.sys 2015-04-30 17:47 - 2016-01-06 22:42 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys 2016-06-29 09:09 - 2016-02-14 23:21 - 00582144 _____ () C:\Program Files (x86)\qksee\curlpp.dll 2016-06-29 09:09 - 2016-06-28 23:38 - 00065784 _____ () C:\Program Files (x86)\qksee\zlib1.dll C:\Users\Vanessa Musso\AppData\Local\Temp\AcDeltree.exe C:\Users\Vanessa Musso\AppData\Local\Temp\c6ac0830-2ccc-4a92-812b-1666eb440d71.exe C:\Users\Vanessa Musso\AppData\Local\Temp\Corel Universal Keygen 2015 Free Serial Key for al.exe C:\Users\Vanessa Musso\AppData\Local\Temp\ex2.exe C:\Users\Vanessa Musso\AppData\Local\Temp\ex4.exe C:\Users\Vanessa Musso\AppData\Local\Temp\F068.tmp.exe C:\Users\Vanessa Musso\AppData\Local\Temp\fsd90D9.exe C:\Users\Vanessa Musso\AppData\Local\Temp\ICReinstall_F068.tmp.exe C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrchlnas.ru_BR.exe C:\Users\Vanessa Musso\AppData\Local\Temp\libeay32.dll C:\Users\Vanessa Musso\AppData\Local\Temp\msvcr120.dll C:\Users\Vanessa Musso\AppData\Local\Temp\NGM.exe C:\Users\Vanessa Musso\AppData\Local\Temp\NGMDll.dll C:\Users\Vanessa Musso\AppData\Local\Temp\NGMResource.dll C:\Users\Vanessa Musso\AppData\Local\Temp\NGMSetup.exe C:\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe C:\Users\Vanessa Musso\AppData\Local\Temp\PidGenX.dll C:\Users\Vanessa Musso\AppData\Local\Temp\sqlite3.dll C:\Users\Vanessa Musso\AppData\Local\Temp\stubhelper.dll C:\Users\Vanessa Musso\AppData\Local\Temp\unicows.dll C:\Users\Vanessa Musso\AppData\Local\Temp\vcredist_x86.exe C:\Users\Vanessa Musso\AppData\Local\Temp\VideoBox.exe C:\Users\Vanessa Musso\AppData\Local\Temp\{3E3523B6-159E-44AE-AD30-F42CF3982F08}-51.0.2704.103_51.0.2704.84_chrome_updater.exe C:\Users\Vanessa Musso\AppData\Local\Temp\{A5E29AC8-BA3B-4EB4-B104-21FC5CBE6A37}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe Hosts: CMD: ipconfig /flushdns EmptyTemp: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{775776E8-4738-4BBF-90D2-F8EFC254017A}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{775776E8-4738-4BBF-90D2-F8EFC254017A}" => chave removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) => movido com sucesso "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater Task(Core)" => chave removido (a) com sucesso. HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Cheapsterx64 => valor removido (a) com sucesso. ArkconfigurationSrv => serviço removido (a) com sucesso. "C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5" => não encontrado (a). SmgBlds => serviço removido (a) com sucesso. C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5 => movido com sucesso wonutocezbt => serviço não encontrado (a). "C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp" => não encontrado (a). EagleX64 => serviço removido (a) com sucesso. eypttfre => serviço removido (a) com sucesso. gbpddfac => serviço removido (a) com sucesso. gbpddreg => serviço removido (a) com sucesso. lobfjsou => serviço removido (a) com sucesso. "C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp" => não encontrado (a). C:\ProgramData\3EA4D33338.sys => movido com sucesso C:\ProgramData\KGyGaAvL.sys => movido com sucesso "C:\Program Files (x86)\qksee\curlpp.dll" => não encontrado (a). "C:\Program Files (x86)\qksee\zlib1.dll" => não encontrado (a). C:\Users\Vanessa Musso\AppData\Local\Temp\AcDeltree.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\c6ac0830-2ccc-4a92-812b-1666eb440d71.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\Corel Universal Keygen 2015 Free Serial Key for al.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\ex2.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\ex4.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\F068.tmp.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\fsd90D9.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\ICReinstall_F068.tmp.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u77-windows-au.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u91-windows-au.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrchlnas.ru_BR.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\libeay32.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\msvcr120.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\NGM.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\NGMDll.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\NGMResource.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\NGMSetup.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\PidGenX.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\sqlite3.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\stubhelper.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\unicows.dll => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\vcredist_x86.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\VideoBox.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\{3E3523B6-159E-44AE-AD30-F42CF3982F08}-51.0.2704.103_51.0.2704.84_chrome_updater.exe => movido com sucesso C:\Users\Vanessa Musso\AppData\Local\Temp\{A5E29AC8-BA3B-4EB4-B104-21FC5CBE6A37}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe => movido com sucesso C:\Windows\System32\Drivers\etc\hosts => movido com sucesso Hosts restaurado com sucesso. ========= ipconfig /flushdns ========= Configura��o de IP do Windows Libera��o do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 16777216 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31305595 B Java, Flash, Steam htmlcache => 8965 B Windows/system/drivers => 217732694 B Edge => 0 B Chrome => 22211124 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 1359 B LocalService => 577510 B NetworkService => 120934 B Vanessa Musso => 2178305335 B RecycleBin => 22637344728 B EmptyTemp: => 23.4 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 21:04:09 ====
  15. Olá Amigo, Vanessa Musso Limas é minha esposa, rssss. segue relatório a partir da area de trabalho: Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 02-07-2016 Executado por Vanessa Musso (2016-07-04 10:42:30) Executando a partir de C:\Users\Vanessa Musso\Desktop Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled) Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled) Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden doPDF (Version: 8.1.920 - Softland) Hidden doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland) EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version: - ) Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - ) MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação) MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland) novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland) OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE) PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.) Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] () Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation) Task: {775776E8-4738-4BBF-90D2-F8EFC254017A} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\BEE455E05AB58B26FB17EBA0AA038663\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.) Task: {9A0EFFF5-43DB-4AB0-A01B-AC98DFAA7150} - System32\Tasks\Semughdabuck Builder => C:\Program Files (x86)\Semughdabuck\SmgBldts.exe [2016-06-20] () Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation) Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software) Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] () Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG" Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo) Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo) ==================== Módulos Carregados (Whitelisted) ============== 2016-05-19 22:02 - 2016-05-19 22:02 - 00959168 _____ () C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe 2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll 2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2014-06-03 23:11 - 2014-06-03 23:11 - 00798576 _____ () c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll 2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-29 11:15 - 2016-06-29 11:15 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16062900\algo.dll 2016-06-29 17:51 - 2016-06-29 17:51 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16062901\algo.dll 2016-07-04 00:48 - 2016-07-04 00:48 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070301\algo.dll 2016-06-29 09:09 - 2016-02-14 23:21 - 00582144 _____ () C:\Program Files (x86)\qksee\curlpp.dll 2016-06-29 09:09 - 2016-06-28 23:38 - 00065784 _____ () C:\Program Files (x86)\qksee\zlib1.dll 2016-06-29 09:09 - 2016-06-29 09:09 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2016-06-29 09:09 - 2016-06-29 09:09 - 00066560 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-06-21 15:36 - 00001038 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 clients2.google.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900 FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869 FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501 FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501 FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306 FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688 FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe ==================== Pontos de Restauração ========================= 16-06-2016 23:34:33 Windows Update 20-06-2016 13:38:24 Windows Update 21-06-2016 20:31:27 Installed MakeMoney 10! 21-06-2016 23:53:30 JRT Pre-Junkware Removal 28-06-2016 11:15:42 Windows Update 03-07-2016 11:24:13 Chrome Cleanup Tool ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (07/01/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/01/2016 05:18:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa) Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (07/01/2016 04:43:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18 Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000877fbc ID do processo com falha: 0x1acc Hora de início do aplicativo com falha: 0xCorelPP.exe0 Caminho do aplicativo com falha: CorelPP.exe1 Caminho do módulo com falha: CorelPP.exe2 ID do Relatório: CorelPP.exe3 Nome completo do pacote com falha: CorelPP.exe4 ID do aplicativo relativo ao pacote com falha: CorelPP.exe5 Error: (07/01/2016 04:43:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelPP.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF877387FBC Pilha: Error: (07/01/2016 12:19:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelDrw.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a Nome do módulo com falha: CrlFrmWk.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8b14 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000001b8fff ID do processo com falha: 0xe98 Hora de início do aplicativo com falha: 0xCorelDrw.exe0 Caminho do aplicativo com falha: CorelDrw.exe1 Caminho do módulo com falha: CorelDrw.exe2 ID do Relatório: CorelDrw.exe3 Nome completo do pacote com falha: CorelDrw.exe4 ID do aplicativo relativo ao pacote com falha: CorelDrw.exe5 Error: (07/01/2016 12:19:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelDrw.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF88B408FFF Pilha: Error: (06/30/2016 07:02:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelDrw.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a Nome do módulo com falha: CdrGfx.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8b78 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000008bd5f ID do processo com falha: 0x1798 Hora de início do aplicativo com falha: 0xCorelDrw.exe0 Caminho do aplicativo com falha: CorelDrw.exe1 Caminho do módulo com falha: CorelDrw.exe2 ID do Relatório: CorelDrw.exe3 Nome completo do pacote com falha: CorelDrw.exe4 ID do aplicativo relativo ao pacote com falha: CorelDrw.exe5 Error: (06/30/2016 07:02:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelDrw.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF888EEBD5F Pilha: Error: (06/30/2016 03:02:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelDRW.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000374 Deslocamento da falha: 0x00000000000f1b70 ID do processo com falha: 0x1860 Hora de início do aplicativo com falha: 0xCorelDRW.exe0 Caminho do aplicativo com falha: CorelDRW.exe1 Caminho do módulo com falha: CorelDRW.exe2 ID do Relatório: CorelDRW.exe3 Nome completo do pacote com falha: CorelDRW.exe4 ID do aplicativo relativo ao pacote com falha: CorelDRW.exe5 Error: (06/29/2016 05:43:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000003e8b6 ID do processo com falha: 0x1074 Hora de início do aplicativo com falha: 0xSpfService64.exe0 Caminho do aplicativo com falha: SpfService64.exe1 Caminho do módulo com falha: SpfService64.exe2 ID do Relatório: SpfService64.exe3 Nome completo do pacote com falha: SpfService64.exe4 ID do aplicativo relativo ao pacote com falha: SpfService64.exe5 Erros de Sistema: ============= Error: (07/03/2016 11:56:27 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/03/2016 11:55:57 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/02/2016 11:44:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/02/2016 11:44:02 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/01/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: Microsoft.Reader Error: (07/01/2016 05:18:49 PM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca Error: (07/01/2016 11:49:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/01/2016 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/30/2016 09:37:55 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/30/2016 09:37:25 AM) (Source: DCOM) (EventID: 10010) (User: vanessa) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} CodeIntegrity: =================================== Date: 2015-08-12 12:01:16.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz Percentagem de memória em uso: 74% RAM física total: 3932.14 MB RAM física disponível: 1016.45 MB Virtual Total: 7033.62 MB Virtual disponível: 1652.99 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:106.92 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt ============================

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×