rg_sc

Slow laptop, won't open websites, won't shut down or restart


Good evening, fellow Analysts,

My laptop is behaving very strangely, and I'm not sure whether it is malware or an intrusion/infection. On YouTube, for example, the browser freezes and I can't play anything. Same thing with Netflix.

I appreciate your help!

Thank you

Chrome youtube travado.png

defender travado.png

ZA-Scan.txt


Dear @rg_sc

I recommend saving this topic to your Favorites to make it easier to find.

Before we continue, it is recommended that you read the rules of this area in Read Before Posting!

We also have Read our FAQs! to make things easier.

Note that once you continue with this topic, it is assumed that you agree to the rules.

Please pay attention to the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is provided here relates only to the problem on your computer, so do not apply it to any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Before running any tool provided here, always make sure all programs are closed.
  • Follow the order of the instructions given.

Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

 

# Step 1 #

Temporarily disable your antivirus and antispyware to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your Desktop.

Note 1: You need to run the version compatible with your system (32-bit or 64-bit). If you are not sure which version applies to your system, download both and try to run them. Only one of them will run, and that will be the correct version.

Note 2: Remember, the tool must be run directly from the Desktop.

  1. Right-click FRST.exe or FRST64.exe and choose Run as Administrator.
  2. When the tool opens, click Yes on the disclaimer.
  3. Press the Scan button.
  4. Two logs (reports) will be generated on the Desktop: FRST.txt and Addition.txt.
  5. Open FRST.txt, copy all of its contents and paste them into your next reply.
  6. Attach the Addition.txt log.

Re-enable your antivirus and antispyware 👍

Best regards :D


@diego_moicano thank you.

Here is the post as instructed.

Regards

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-06-2020
Executado por Isa (administrador) em LAPTOP-ISA (SAMSUNG ELECTRONICS CO., LTD. 340XAA/350XAA/550XAA) (28-06-2020 13:41:29)
Executando a partir de C:\Users\Isa\Desktop
Perfis Carregados: Isa
Platform: Windows 10 Home Single Language Versão 1903 18362.900 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <5>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2d96c89078fd0804\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2d96c89078fd0804\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2d96c89078fd0804\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2d96c89078fd0804\IntelCpHeciSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_18_12\mcapexe.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityCmdServer.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityEventHandler.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Recovery\BulletService.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionUI.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUEngine.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUService.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Isa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Isa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\...\RunOnce: [Uninstall 20.064.0329.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isa\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64"
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\...\RunOnce: [Uninstall 20.064.0329.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isa\AppData\Local\Microsoft\OneDrive\20.064.0329.0008"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
HKLM\...\Print\Monitors\HP DF11 Status Monitor: C:\windows\system32\hpinkstsDF11LM.dll [393352 2017-04-13] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-23] (Google LLC -> Google LLC)

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {082B4935-216E-4BA6-9C4C-68B849741DFB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
Task: {133FC550-B8A7-4981-B669-F1054664CE4D} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.148\DADUpdater.exe [4185384 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {1646BD5C-2768-4D6E-A8A3-D64830A04C5E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1022656 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
Task: {24ABF23A-630D-4F63-909C-115A6D91DDD4} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {29D10F7D-1F33-4E41-A385-B66E6C8B5D10} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {36A1B3C1-F615-48CE-89AA-73E49BF5B9D6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A54F921-AEE3-4D47-B3B5-FA798A5E55BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4368792 2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BFD211A-4FDA-433E-A9A1-226B21E1F02F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4CAAC956-5ABA-4995-8E70-CBE075D63828} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28000 2019-01-23] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {5061B80E-577E-468B-8500-9C6CB7FE8C03} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2017-11-06] (Samsung Electronics CO., LTD. -> )
Task: {512BD475-5749-4919-B8DE-74E8B4626C6B} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-FLIH5.tmp\corefixer.exe <==== ATENÇÃO
Task: {569AA436-215D-40C2-B0E5-3013A8DD43D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {594F6CBB-13F3-4CA5-880D-C3162A8EDB49} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499096 2017-12-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {6896DFEB-8C5A-4FC4-A8CB-38AB9207A024} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69BCE401-BED5-4E54-BA3F-8504618BC576} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" foi desbloqueado. <==== ATENÇÃO
Task: {6E7B439A-7D57-416C-A0A7-D4C41BE20185} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1022656 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
Task: {794B87AF-FE19-47CD-A89B-A22F3D6C283C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-24] (Google Inc -> Google Inc.)
Task: {7B381043-FA84-4A7C-987C-D10204011263} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-20] (Adobe Inc. -> Adobe)
Task: {85D11447-86A7-4DA8-9738-65EBD062C6A5} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => c:\Program Files (x86)\Common Files\Microsoft Shared\IME16\IMESharePointDictionary.exe [201048 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {866DB24C-E076-4016-85E4-F7732717A398} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {889AD2E4-9B8F-44CB-A937-8DAAEF4F1D38} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B70F85A-42DC-4092-9832-0BE8D3049EA7} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499096 2017-12-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {A6742F4E-2718-4E47-ACFB-06EEA91D8C35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A92B1A69-431C-45A4-80DA-B70702D31B87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-24] (Google Inc -> Google Inc.)
Task: {B7A5BC64-A8F9-43DD-BB78-A96D930E968F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4368792 2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3F7BACE-7707-4A96-B63B-6C051839BA9A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-20] (Adobe Inc. -> Adobe)
Task: {D480157D-48FE-43C5-B198-304DED7DCAB9} - System32\Tasks\Samsung\SamsungPCCleaner\SamsungPCCleanerService => C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe [117712 2017-10-12] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {D613D029-4DBC-4971-8B5C-F030832CCCEA} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {DC88F43D-2DD3-4208-8A44-A3ABCD8FDBD7} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [316648 2018-01-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {E0E69108-1058-484B-9544-2EEF902EC467} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe
Task: {E120F62B-5310-41DA-9079-A3473A7E0385} - System32\Tasks\SamsungUpdateServiceUpdate => C:\ProgramData\Samsung\SamsungUpdate3\data\SelfUpdate\SUInst.exe [2115392 2017-11-08] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {E2D4FDF2-2972-4651-9473-783F08924CE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E3DA4C41-8DA0-4AFE-8E0C-982AA3FC1685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E979A944-4D3F-4FDF-A02E-DD8DFFAB9D9C} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1630256 2013-08-23] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {EA8EE9B4-BE1F-4BF1-A307-D772377540E7} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {F9D89AD5-7F85-4980-B8F3-1295D9086AC9} - System32\Tasks\Samsung\Wifi Camera\WiFi Camera Agent => C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe [434904 2017-09-26] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88760459-7513-4c40-bfde-a7a83e5a8f30}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97399889-3f28-448a-8b71-009309139447}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a7b6f9eb-11b6-40c0-bab1-f60aaaa9e42e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKU\S-1-5-21-1936307417-1397197444-788187546-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung17win10.msn.com/?pc=SMTE
SearchScopes: HKU\S-1-5-21-1936307417-1397197444-788187546-1001 -> DefaultScope {46DEB958-C6F0-4660-B9A5-CE8BC0FFF3D9} URL = 
SearchScopes: HKU\S-1-5-21-1936307417-1397197444-788187546-1001 -> {46DEB958-C6F0-4660-B9A5-CE8BC0FFF3D9} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-06-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-06-17] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-08] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: 
Edge Profile: C:\Users\Isa\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-21]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1936307417-1397197444-788187546-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Isa\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-30] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default [2020-06-28]
CHR DefaultSearchURL: Default -> hxxps://canvas.apps.chrome/assets/canvas_48.png
CHR Extension: (Apresentações) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-24]
CHR Extension: (Documentos) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-24]
CHR Extension: (Google Drive) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-24]
CHR Extension: (YouTube) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-23]
CHR Extension: (Planilhas) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-21]
CHR Extension: (Chrome Canvas) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieailfmhaghpphfffooibmlghaeopach [2020-06-13]
CHR Extension: (Canva) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbcfmcoibkecmionmehabndbljdleekf [2020-06-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-20] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [421800 2017-12-01] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\windows\system32\mfevtps.exe [509728 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [766832 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Samsung Settings Expansion Launcher; C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe [226576 2019-01-31] (Samsung Electronics CO., LTD. -> )
R2 SamsungRecoveryService; C:\Program Files\Samsung\Recovery\BulletService.exe [478448 2018-01-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungSecurity Launcher; C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe [2010008 2017-12-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungUpdateService; C:\Program Files\Samsung\SamsungUpdate\\SUService.exe [422232 2019-01-23] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SecPowerCtrlService; C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe [1652584 2017-05-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1118256 2019-11-22] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S2 sService Agent Launcher; C:\Program Files\Samsung\sService\sServiceAgentLauncherSvc.exe [X]
S3 sServiceLoopBack; "C:\Program Files\Samsung\sService\sServiceLoopBackSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [70568 2017-12-01] (Qualcomm Atheros -> Qualcomm)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [280008 2019-03-26] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mxtBootBridge; C:\WINDOWS\System32\drivers\mxtBootBridge.sys [39856 2017-11-02] (Solomon Systech Limited -> Atmel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsm.inf_amd64_d08fde7a5255aaa3\nvlddmkm.sys [17212856 2018-09-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2018-11-06] (PAIPTAC  Driver -> )
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2358736 2018-09-19] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 SamsungEventController; C:\WINDOWS\System32\drivers\SamsungEventController.sys [41648 2017-10-23] (Samsung Electronics CO., LTD. -> Samsung)
R3 Shci; C:\WINDOWS\System32\drivers\Shci.sys [68096 2017-09-26] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Snscr; C:\WINDOWS\System32\drivers\Snscr.sys [52224 2016-10-31] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [47800 2020-06-21] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [57016 2019-08-20] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [44728 2019-04-15] (Gas Informatica Ltda -> GAS Tecnologia)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [43560 2018-01-09] (Gas Informatica Ltda -> GAS Tecnologia)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um mês (criados) ===================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-06-28 13:41 - 2020-06-28 13:44 - 000032687 _____ C:\Users\Isa\Desktop\FRST.txt
2020-06-28 13:41 - 2020-06-28 13:43 - 000000000 ____D C:\FRST
2020-06-28 13:37 - 2020-06-28 13:39 - 002291712 _____ (Farbar) C:\Users\Isa\Desktop\FRST64.exe
2020-06-26 13:14 - 2020-06-26 12:16 - 003802216 _____ C:\Users\Isa\Documents\video.mp4
2020-06-24 09:18 - 2020-06-24 09:18 - 000000000 ____D C:\Users\Isa\AppData\Roaming\Skype
2020-06-23 22:20 - 2020-06-23 22:20 - 000266577 _____ C:\Users\Isa\Downloads\[Reading_Certificate]_Isabela_Barbosa Goede_24_Jun_2020.pdf
2020-06-23 22:19 - 2020-06-23 22:19 - 000000328 _____ C:\Users\Isa\Downloads\[Reading_Progress]_Isabela_Barbosa Goede_24_Jun_2020.csv
2020-06-22 14:29 - 2020-06-22 14:29 - 001295576 _____ (Google LLC) C:\Users\Isa\Downloads\installbackupandsync.exe
2020-06-22 14:25 - 2020-06-22 14:26 - 013261730 _____ C:\Users\Isa\Downloads\Vídeo de Jaque
2020-06-21 15:15 - 2020-06-26 08:37 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-21 15:15 - 2020-06-26 08:37 - 000002276 _____ C:\Users\Todos os Usuários\Desktop\Microsoft Edge.lnk
2020-06-21 15:15 - 2020-06-26 08:37 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-21 15:15 - 2020-06-26 08:37 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-21 15:15 - 2020-06-22 09:03 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-21 15:15 - 2020-06-22 09:03 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-20 19:09 - 2020-06-20 19:09 - 000004442 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-06-17 22:46 - 2020-06-17 22:46 - 000096967 _____ C:\Users\Isa\Desktop\CRLV Digital.pdf
2020-06-17 22:31 - 2020-06-17 22:31 - 000021730 _____ C:\Users\Isa\Downloads\ZA-Scan.txt
2020-06-17 22:13 - 2020-06-17 22:13 - 000021730 _____ C:\ZA-Scan.txt
2020-06-17 22:04 - 2020-06-17 22:04 - 000000000 ____D C:\zoek_backup
2020-06-17 22:03 - 2020-06-17 22:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-17 22:01 - 2020-06-17 22:01 - 000000000 ____D C:\WINDOWS\pss
2020-06-17 21:48 - 2018-04-18 00:39 - 002038755 _____ C:\Users\Isa\Desktop\ZA-Scan.exe
2020-06-17 21:47 - 2020-06-17 21:47 - 006102389 _____ C:\Users\Isa\Desktop\zoek.zip
2020-06-15 19:02 - 2020-06-15 19:02 - 000322257 _____ C:\Users\Isa\Downloads\Já trouxe seu pet para consulta de rotina_ (1).mp4
2020-06-15 19:00 - 2020-06-15 19:00 - 000253451 _____ C:\Users\Isa\Downloads\Já trouxe seu pet para consulta de rotina_.mp4
2020-06-15 14:51 - 2020-06-15 14:51 - 001486545 _____ C:\Users\Isa\Desktop\PDF_336830_2020_06_08_11_26_15.pdf
2020-06-14 19:42 - 2020-06-14 19:42 - 000822910 _____ C:\Users\Isa\Downloads\E se a vida se tornar uma barra, que seja de chocolate!.pdf
2020-06-14 18:37 - 2020-06-14 18:37 - 003537570 _____ C:\Users\Isa\Downloads\MINHA CONFIRMAÇÂO-AVISO (3).pdf
2020-06-14 14:25 - 2020-06-14 14:25 - 003537576 _____ C:\Users\Isa\Downloads\MINHA CONFIRMAÇÂO-AVISO (2).pdf
2020-06-14 14:20 - 2020-06-14 14:20 - 003537279 _____ C:\Users\Isa\Downloads\MINHA CONFIRMAÇÂO-AVISO (1).pdf
2020-06-14 14:13 - 2020-06-14 14:13 - 003536027 _____ C:\Users\Isa\Downloads\MINHA CONFIRMAÇÂO-AVISO.pdf
2020-06-14 10:47 - 2020-06-05 18:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-14 10:47 - 2020-06-05 18:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-13 21:30 - 2020-06-13 21:36 - 000000000 ____D C:\Users\Isa\Documents\Adobe
2020-06-13 21:30 - 2020-06-13 21:30 - 000000000 ____D C:\Users\Isa\AppData\Local\UXP
2020-06-13 21:29 - 2020-06-13 21:29 - 000000000 ____D C:\Users\Isa\AppData\Roaming\NVIDIA
2020-06-13 21:29 - 2020-06-13 21:29 - 000000000 ____D C:\Users\Isa\AppData\Local\NVIDIA
2020-06-13 21:28 - 2020-06-13 21:28 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-06-13 21:07 - 2020-06-15 09:31 - 000000000 __RHD C:\Users\Isa\Creative Cloud Files
2020-06-13 21:07 - 2020-06-13 21:07 - 000000040 ____H C:\940DDD31DDB6
2020-06-13 21:03 - 2020-06-13 21:03 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-06-13 21:02 - 2020-06-28 12:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-13 21:01 - 2020-06-13 21:01 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2020-06-13 20:59 - 2020-06-13 21:28 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-06-13 20:59 - 2020-06-13 21:07 - 000000000 ____D C:\Program Files\Adobe
2020-06-13 20:54 - 2020-06-13 20:54 - 002142048 _____ (Adobe Inc.) C:\Users\Isa\Downloads\Photoshop_Set-Up-CC.exe
2020-06-13 20:43 - 2020-06-13 20:43 - 000224324 _____ C:\Users\Isa\Downloads\Design sem nome.pdf
2020-06-13 20:02 - 2020-06-13 20:02 - 000336210 _____ C:\Users\Isa\Downloads\Adote, não compre!.mp4
2020-06-13 18:51 - 2020-06-13 18:51 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-13 18:51 - 2020-06-13 18:51 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-13 18:51 - 2020-06-13 18:51 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-13 18:51 - 2020-06-13 18:51 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-13 18:51 - 2020-06-13 18:51 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-13 18:51 - 2020-06-13 18:51 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-13 18:50 - 2020-06-13 18:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-13 18:50 - 2020-06-13 18:50 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-13 18:50 - 2020-06-13 18:50 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-13 18:50 - 2020-06-13 18:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-13 18:50 - 2020-06-13 18:50 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-13 18:50 - 2020-06-13 18:50 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-13 18:50 - 2020-06-13 18:50 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-13 18:50 - 2020-06-13 18:50 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-13 18:50 - 2020-06-13 18:50 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-13 18:50 - 2020-06-13 18:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)


==================== Arquivos na raiz de alguns diretórios ========

2020-06-13 21:00 - 2020-06-13 21:00 - 000000410 _____ () C:\Users\Isa\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Addition.txt


Dear @rg_sc

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Save the file (fixlist.txt) attached to this message to your Desktop.

  1. Right-click FRST.exe or FRST64.exe and choose Run as administrator.
  2. Click the Fix button and wait.
  3. The system may restart.
  4. A text file named Fixlog.txt will be created on your Desktop.
  5. Attach it to your next reply.

Again:

  1. Run FRST.exe or FRST64.exe again and choose Run as administrator.
  2. Check the Addition.txt option.
  3. Click the Scan button.
  4. Attach both logs.

Note: I expect three logs in your next reply.

Re-enable your antivirus and antispyware programs 👍

Regards :D

fixlist.txt


Dear @rg_sc

# Step 1 #

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Save the file (fixlist.txt) attached to this message to your Desktop.

  1. Right-click FRST.exe or FRST64.exe and choose Run as administrator.
  2. Click the Fix button and wait.
  3. The system may restart.
  4. A text file named Fixlog.txt will be created on your Desktop.
  5. Attach it to your next reply.

# Step 2 #

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Download AdwCleaner and save it to your Desktop.

  1. Close all open programs.
  2. Right-click adwcleaner_nºVersion.exe and choose Run as administrator.
  3. Click I agree to accept the disclaimer.
  4. Click the Scan Now button and wait.
  5. Click the Run Basic Repair button.
  6. Click the LogFile button, then click the report, which will open in Notepad.
  7. Select all of its content, copy it and paste it into your next reply.

The log will also be saved in C:\AdwCleaner\Logs

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked.

# Step 3 #

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

  1. Right-click ZHPCleaner.exe and choose Run as administrator.
  2. Click I agree to accept the disclaimer.
  3. Click the Scanner button and wait.
  4. Be patient, as it may take a while depending on the number of items to examine.
  5. Note: the browser may open at any moment; you can close it.
  6. Then click the Repair button.
  7. In the window that opens, click the Repair button again.
  8. Note: the browser may open at any moment; you can close it.
  9. Two logs will appear on the Desktop: ZHPCleaner(S).txt and ZHPCleaner(R).txt.
  10. Select, copy and paste the content of this log into your next reply.

Re-enable your antivirus and antispyware programs 👍

Regards :D

fixlist.txt


Dear @diego_moicano

Thank you for the instructions! The logs follow. ZHPCleaner reported that no repair was necessary.


# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build:    06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-06-2020
# Duration: 00:00:37
# OS:       Windows 10 Home Single Language
# Scanned:  31836
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1266 octets] - [17/04/2019 21:40:52]
AdwCleaner[C00].txt - [1452 octets] - [17/04/2019 21:41:37]
AdwCleaner[S01].txt - [1388 octets] - [17/04/2019 21:46:50]
AdwCleaner[S02].txt - [1820 octets] - [21/03/2020 13:50:50]
AdwCleaner[C02].txt - [2047 octets] - [21/03/2020 13:52:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
 

~ ZHPCleaner v2020.7.5.210 by Nicolas Coolman (2020/07/05)
~ Run by Isa (Administrator)  (06/07/2020 21:43:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Isa\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Isa\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 18362)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (0)
~ No malicious or unnecessary items found.


---\\  Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.


---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Internet Explorer OK


---\\ Statistics
~ Items scanned : 100786
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 8/15


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis

~ End of search in 00h10mn51s

---\\  Reports (0)
ZHPCleaner--06072020-21_54_03.txt
 

 

Fixlog.txt


Dear @rg_sc

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Download RogueKiller Free and save it to your Desktop.

  1. Disconnect any external media (USB, HD, etc.)
  2. Right-click rogueKiller.exe and choose Run as administrator.
  3. Click the Accept button on the disclaimer.
  4. Click Scan in the left panel.
  5. Click the Start button under Standard Scan (recommended).
  6. Wait for the scan to finish and click the Results button.
  7. See below how to proceed (color interpretation) with the results.
  8. After making your decision, click the Finish button.

The result colors are interpreted as follows:

Red - Malicious software or malware infections.
Orange - Potentially unwanted programs (PUPs), usually malicious.
Gray - Suspicious. Whether to delete or keep it is up to you.
Green - Safe.

Note 1: If you are in doubt about the result, click the Report button, send it to me and wait for my reply.

Note 2: Otherwise, click the Removal button, then click the Report button, save the report to the Desktop, restart your computer and attach the log to your next reply.

Remark: you can check and uncheck each entry using the checkbox to its left in the results.

Re-enable your antivirus and antispyware programs 👍

Regards :D


@diego_moicano, good evening!

Sorry for the delay in replying. Here are the results; note that I ended up choosing to delete the file (it was flagged orange).


RogueKiller Anti-Malware V14.6.1.0 (x64) [Jun 17 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : Isa [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200712_165958, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/07/13 20:01:35 (Duration : 00:20:20)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-FLIH5.tmp\corefixer.exe (/norerun) -> Deleted
 

I'll wait for your reply, thank you!

Regards


Dear @rg_sc

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

Download RogueKiller Free and save it to your Desktop.

  1. Disconnect any external media (USB, HD, etc.)
  2. Right-click rogueKiller.exe and choose Run as administrator.
  3. Click the Accept button on the disclaimer.
  4. Click Scan in the left panel.
  5. Click the Start button under Standard Scan (recommended).
  6. Wait for the scan to finish and click the Results button.
  7. See below how to proceed (color interpretation) with the results.
  8. After making your decision, click the Finish button.

The result colors are interpreted as follows:

Red - Malicious software or malware infections.
Orange - Potentially unwanted programs (PUPs), usually malicious.
Gray - Suspicious. Whether to delete or keep it is up to you.
Green - Safe.

Note 1: If you are in doubt about the result, click the Report button, send it to me and wait for my reply.

Note 2: Otherwise, click the Removal button, then click the Report button, save the report to the Desktop, restart your computer and attach the log to your next reply.

Remark: you can check and uncheck each entry using the checkbox to its left in the results.

Re-enable your antivirus and antispyware programs 👍

Regards :D


@diego_moicano

 

RogueKiller Anti-Malware V14.6.1.0 (x64) [Jun 17 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : Isa [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200717_191149, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/07/17 21:35:45 (Duration : 00:22:36)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 


Dear @rg_sc

Update your antivirus, run a full scan and post the result.

Regards :D


@diego_moicano good evening

Here is the result.

scan.jpg


Dear @rg_sc

How is your Windows doing?

Temporarily disable your antivirus and antispyware programs to avoid conflicts.

# Step 1 #

Rename FRST.exe or FRST64.exe to uninstall.exe
Right-click uninstall.exe and choose Run as administrator.
Wait.

# Step 2 #

Right-click adwcleaner_nºVersion.exe and choose Run as administrator.

Click Settings and then Applications.

Under Remove AdwCleaner, click the Remove button.

# Step 3 #

RogueKiller is a paid program (for full functionality); in this case we used it only for removal, but it is up to you whether to keep it installed (and updated) or not.

# Step 4 #

Download KpRm by Kernel-panik and save it to your Desktop.

Right-click it and choose Run as administrator.

Check these items under Actions:

- Delete tools
- Delete Restore Points
- Create Restore Point
- Registry Backup
- UAC Restore
- Restore System Settings

Check this item under Delete Quarantines:

- Delete now

Click the Run button.
Once it finishes, click Ok.

The log will open with the title kprm-(date).txt.

Select all the content, copy it and paste it into your next reply (if you think it necessary).

# Step 5 #

Download Security Check by glax24.25 and save it to your Desktop.

Right-click SecurityCheckH.exe and choose Run as administrator.
Wait... the browser will open.
Check each warning (Warning!) and install the corresponding updates (Download Update).

<<@>> Always keep your Windows up to date; keep a constant watch on your firewall and antivirus; and finally, remember that the best prevention starts with our own habits!

Note: If you wish, you can delete the file(s) after this topic is closed.

Re-enable your antivirus and antispyware programs 👍

# Step 6 #

CCleaner is an excellent cleaning utility for the computer.

Download it here: CCleaner

  • After installation, go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder to create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issue(s)...
  • Note: Don't forget to accept the backup of the fixes, and save it in the folder created above!

Regards :D


@diego_moicano, good evening!

Everything appears to be normal.

About step 5, Defender identified this file, which I downloaded from the link below, as a Trojan horse. Should I keep it?

1131731256_ErroSecurityCheckH.png.3f91098c115a01b6fd961384227599ad.png
Thank you!

 

# Run at 20/07/2020 22:17:00
# KpRm (Kernel-panik) version 2.8
# Website https://kernel-panik.me/tool/kprm/
# Run by Isa from C:\Users\Isa\Desktop
# Computer Name: LAPTOP-ISA
# OS: Windows 10 X64 (18362) 
# Number of passes: 1

- Checked options -

    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Create Registry Backup -

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\Isa\NTUSER.dat backed up

     [OK] Registry Backup: C:\KPRM\backup\2020-07-20-22-17-00

- Delete Tools -


  ## AdwCleaner
     [OK] C:\Users\Isa\Desktop\adwcleaner_8.0.3.exe deleted

  ## ZHP Tools
     [OK] C:\Users\Isa\AppData\Local\ZHP deleted
     [OK] HKCU\SOFTWARE\ZHP deleted

  ## Zoek
     [OK] C:\zoek_backup deleted

- Other Lines -


  ## Quarantines never deleted
    ~ C:\Users\Isa\AppData\Roaming\ZHP (ZHP)

- Restore System Settings -

     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

- Restore UAC -

     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

   ~ [OK] RP named Ponto de Verificação Agendado created at 06/30/2020 21:34:34 deleted
   ~ [OK] RP named Restore Point Created by FRST created at 07/07/2020 00:26:09 deleted
   ~ [OK] RP named Windows Update created at 07/18/2020 22:49:01 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ RP named KpRm created at 07/21/2020 01:17:44

-- KPRM finished in 101.09s --

 


@rg_sc

10 hours ago, rg_sc said:

About step 5, Defender identified this file, which I downloaded from the link below, as a Trojan horse. Should I keep it?

False positive, my friend. But if you want, you can delete it and download it again when you need it ;)

Can we wrap up?

Regards :D


@diego_moicano ok, I'll install it then.

Yes, we can wrap up, my friend, thank you very much for the help once again!

P.S.: I have a problem with my wife's notebook; how long do I need to wait before I can ask for help again?

Regards!


Dear @rg_sc

According to the rules: Topics opened by the same user less than a month apart will be deleted without prior notice.

If it is urgent, though, contact the area coordinators @RenatoM or @Turco and check with them how to proceed.

Regards :D


Problem solved!

If the author needs it, the topic will be reopened; to do so, they must contact a Security Analyst or Coordinator to request that it be unlocked.

This topic is closed to new posts.




