cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:30-04-2016
Executado por Gateway (administrador) em FAMILIA (01-05-2016 10:50:07)
Executando a partir de C:\Users\Gateway\Downloads
Perfis Carregados: Gateway (Perfis Disponíveis: Gateway & andre_000 & Administrador)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
(skype.cog.cc) C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Users\Gateway\Downloads\Adobe Premiere Pro CS6 6.0.0 LS7 Multilanguage [ChingLiu]\PremierePro_6_LS7.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(© 2015 Microsoft Corporation) C:\Users\Gateway\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [gmsd_br_554] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [gmsd_br_034010047] => [X]
HKLM-x32\...\Run: [rec_br_70] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\ GbPluginScd: C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2015-10-06] (Sicredi)
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\Run: [BingSvc] => C:\Users\Gateway\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-11-12] ()
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\Run: [Pritc] => C:\Users\Gateway\AppData\Local\Temp\00023320\casrss.exe [2958848 2016-04-29] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-16] ()
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\...\RunOnce: [Uninstall C:\Users\Gateway\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gateway\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll [1839640 2015-10-06] (Sicredi)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway MyBackup Tray.lnk [2012-09-05]
ShortcutTarget: Gateway MyBackup Tray.lnk -> C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe (NTI Corporation)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [S-1-5-21-1412601872-4003495661-3799204136-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-1412601872-4003495661-3799204136-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6c2cef98-cb19-43b5-a43c-dcdf109457f7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77e84ed7-f1b3-4972-ae64-98ec2b0ff7a2}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.searchult.com/?bd=ds&oem=instlm&uid=WDCXWD5000LPVX-22V0TT0_WD-WXU1E83RAFH1RAFH1&version=2.3.0.8956&pid=414031160&tid=454&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.searchult.com/?bd=ds&oem=instlm&uid=WDCXWD5000LPVX-22V0TT0_WD-WXU1E83RAFH1RAFH1&version=2.3.0.8956&pid=414031160&tid=454&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=instlm&uid=WDCXWD5000LPVX-22V0TT0_WD-WXU1E83RAFH1RAFH1&version=2.3.0.8956&pid=414031160&tid=454&q={searchTerms}
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=instlm&uid=WDCXWD5000LPVX-22V0TT0_WD-WXU1E83RAFH1RAFH1&version=2.3.0.8956&pid=414031160&tid=454&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg
SearchScopes: HKU\S-1-5-21-1412601872-4003495661-3799204136-1001 -> {98940BD0-B3AE-4EE8-9F36-BE815103B541} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Sem Nome -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> Nenhum Arquivo
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540011} -> C:\Program Files (x86)\GbPlugin\gbiehscd.dll [2015-10-06] (Sicredi)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://nav.brotstation.com?uid={e29b01b6944a4be59dffa82a89fc56d4}&r=eg

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1412601872-4003495661-3799204136-1001: gastecnologia.com.br/sf/abn -> C:\Users\Gateway\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2015-02-21] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1412601872-4003495661-3799204136-1001: gastecnologia.com.br/sf/abn64 -> C:\Users\Gateway\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [2015-04-02] (GAS Tecnologia)
FF HKLM\...\Firefox\Extensions: [{9C49C861-442A-41D6-aD4E-417AD8F2215D}] - C:\Program Files\shopperz100920151212\Firefox => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn [2016-04-29] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{9C49C861-442A-41D6-aD4E-417AD8F2215D}] - C:\Program Files\shopperz100920151212\Firefox => não encontrado (a)

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20]
CHR Extension: (Google Drive) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20]
CHR Extension: (YouTube) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20]
CHR Extension: (Pesquisa do Google) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-04]
CHR Extension: (Bing) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-03-20]
CHR Extension: (Documentos Google off-line) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Norton Identity Safe) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-03-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-01]
CHR Extension: (Gmail) - C:\Users\Gateway\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1412601872-4003495661-3799204136-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-09] (ELAN Microelectronics Corp.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [658432 2015-05-02] (Macrovision Europe Ltd.) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-10-06] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-12] (Dritek System INC.)
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-21] (skype.cog.cc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1697752 2016-04-20] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

U5 b57xdmp; C:\Windows\System32\Drivers\b57xdmp.sys [21080 2012-08-13] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-07-10] (Symantec Corporation)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34720 2015-09-16] ()
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56736 2015-08-20] (Windows (R) Win 7 DDK provider)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R1 egg_protect; C:\Windows\EProtect_amd64.sys [19856 2016-04-24] ()
S3 EraserUtilDrv11511; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys [153936 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-24] (Symantec Corporation)
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2015-09-21] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSVia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150805.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150805.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-12] (Dritek System Inc.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-04-29] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 {5655cc61-ac65-4711-a3fb-e51623487b85}Gw64; C:\Windows\System32\drivers\{5655cc61-ac65-4711-a3fb-e51623487b85}Gw64.sys [48744 2015-09-15] (StdLib)
R1 {a082162f-33bb-4f89-ba4c-d28e11958f60}Gw64; C:\Windows\System32\drivers\{a082162f-33bb-4f89-ba4c-d28e11958f60}Gw64.sys [48744 2015-09-23] (StdLib)
R1 {c0cf61bf-d178-443b-a3dd-1d6cfdd7cd43}Gw64; C:\Windows\System32\drivers\{c0cf61bf-d178-443b-a3dd-1d6cfdd7cd43}Gw64.sys [48744 2015-09-23] (StdLib)
R1 {eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64; C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [48776 2015-06-02] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-01 10:50 - 2016-05-01 10:51 - 00027207 _____ C:\Users\Gateway\Downloads\FRST.txt
2016-05-01 10:49 - 2016-05-01 10:50 - 00000000 ____D C:\FRST
2016-05-01 10:48 - 2016-05-01 10:49 - 02377216 _____ (Farbar) C:\Users\Gateway\Downloads\FRST64.exe
2016-04-30 20:23 - 2016-04-30 20:30 - 111600518 _____ (Sony Creative Software Inc.) C:\Users\andre_000\Downloads\vegaspro13.0.373_64bit.exe.mgqjlhv.partial
2016-04-30 19:01 - 2016-04-30 19:01 - 00003668 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreyvalenca@hotmail.com
2016-04-30 18:55 - 2016-04-30 18:56 - 00000000 ____D C:\Users\andre_000\AppData\Roaming\PACE Anti-Piracy
2016-04-30 18:55 - 2016-04-30 18:56 - 00000000 ____D C:\Users\andre_000\AppData\Local\PACE Anti-Piracy
2016-04-30 18:51 - 2016-04-30 18:51 - 00000000 ____D C:\Users\andre_000\Documents\Adobe
2016-04-30 18:30 - 2016-04-30 18:35 - 396193404 _____ C:\Users\andre_000\Downloads\Sony Vegas 10 pro + crack.rar
2016-04-30 18:16 - 2016-04-30 18:16 - 00000000 ____D C:\Users\andre_000\Downloads\updates
2016-04-30 18:15 - 2016-04-30 18:15 - 00000000 ____D C:\Users\andre_000\AppData\Roaming\uTorrent
2016-04-30 18:12 - 2016-04-30 18:12 - 00000000 _____ C:\Users\andre_000\Downloads\uTorrent (3) (1).exe.dj8ykoe.partial
2016-04-30 18:11 - 2016-04-30 18:15 - 01959424 _____ (BitTorrent Inc.) C:\Users\andre_000\Downloads\uTorrent (4).exe
2016-04-30 18:11 - 2016-04-30 18:11 - 01959424 _____ (BitTorrent Inc.) C:\Users\andre_000\Downloads\uTorrent (3).exe
2016-04-30 18:11 - 2016-04-30 18:11 - 01959424 _____ (BitTorrent Inc.) C:\Users\andre_000\Downloads\uTorrent (2).exe
2016-04-30 18:11 - 2016-04-30 18:11 - 00000000 _____ C:\Users\andre_000\Downloads\uTorrent (5).exe.zcl5xb9.partial
2016-04-30 18:11 - 2016-04-30 18:11 - 00000000 _____ C:\Users\andre_000\Downloads\uTorrent (2) (1).exe.i4gneuq.partial
2016-04-30 18:11 - 2016-04-30 18:11 - 00000000 _____ C:\Users\andre_000\Downloads\uTorrent (1) (1).exe.gqfhl2m.partial
2016-04-30 18:10 - 2016-04-30 18:12 - 01959424 _____ (BitTorrent Inc.) C:\Users\andre_000\Downloads\uTorrent.exe
2016-04-30 18:10 - 2016-04-30 18:11 - 01959424 _____ (BitTorrent Inc.) C:\Users\andre_000\Downloads\uTorrent (1).exe
2016-04-30 17:07 - 2016-04-30 17:07 - 00003662 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-elisavalenca@hotmail.com
2016-04-30 16:28 - 2016-04-30 16:28 - 00000000 ____D C:\Users\Todos os Usuários\PACE Anti-Piracy
2016-04-30 16:28 - 2016-04-30 16:28 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\PACE Anti-Piracy
2016-04-30 16:28 - 2016-04-30 16:28 - 00000000 ____D C:\Users\Gateway\AppData\Local\PACE Anti-Piracy
2016-04-30 16:28 - 2016-04-30 16:28 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2016-04-30 16:13 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2016-04-30 16:13 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2016-04-30 16:13 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2016-04-30 16:12 - 2016-04-30 16:12 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-04-30 16:10 - 2016-04-30 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-04-30 16:09 - 2016-04-30 16:20 - 00000000 ____D C:\Program Files\Adobe
2016-04-30 16:06 - 2016-04-30 16:06 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-04-30 16:01 - 2016-04-30 16:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-30 15:37 - 2016-04-30 15:44 - 00000000 ____D C:\Users\Gateway\Desktop\Adobe Premiere Pro CS6
2016-04-30 15:26 - 2016-04-30 15:26 - 00000000 ____D C:\Users\Gateway\Downloads\Adobe Premiere Pro CS6 6.0.0 LS7 Multilanguage [ChingLiu]
2016-04-30 14:45 - 2016-04-30 18:32 - 00000000 ____D C:\Users\andre_000\Desktop\Adobe Premiere Pro CS6
2016-04-30 14:41 - 2016-04-30 14:41 - 00000000 ____D C:\Users\andre_000\AppData\Roaming\PlutoTV
2016-04-29 20:54 - 2016-04-29 20:54 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\PlutoTV
2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\RPEng
2016-04-29 20:51 - 2016-05-01 10:46 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\uTorrent
2016-04-29 20:50 - 2016-04-29 20:51 - 01959424 _____ (BitTorrent Inc.) C:\Users\Gateway\Downloads\uTorrent.exe
2016-04-29 20:44 - 2016-05-01 10:38 - 00003644 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-04-29 20:44 - 2016-04-29 20:44 - 00003110 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-04-29 20:44 - 2016-04-29 20:44 - 00003004 _____ C:\WINDOWS\System32\Tasks\osTip
2016-04-29 20:43 - 2016-04-29 20:44 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-29 20:43 - 2016-04-29 20:44 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-29 20:43 - 2016-04-29 20:43 - 00003044 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-04-29 20:15 - 2016-04-29 20:15 - 00621585 _____ C:\Users\Gateway\Sony Vegas Pro 11 (32 Bit) {+ Crack and Keygen}.zip
2016-04-29 19:54 - 2016-05-01 10:36 - 00000000 ___HD C:\OneDriveTemp
2016-04-29 19:39 - 2016-04-29 19:48 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages
2016-04-29 19:39 - 2016-04-29 19:39 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-04-29 19:38 - 2016-04-29 19:48 - 00000000 ____D C:\Users\TEMP
2016-04-27 14:10 - 2016-03-29 02:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-27 14:10 - 2016-03-29 02:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-27 14:10 - 2016-03-29 02:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-27 14:10 - 2016-03-29 02:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-27 14:09 - 2016-04-02 01:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-27 14:09 - 2016-04-02 01:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-27 14:09 - 2016-04-02 00:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-27 14:09 - 2016-04-02 00:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-27 14:09 - 2016-04-02 00:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-27 14:09 - 2016-04-02 00:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-27 14:09 - 2016-04-02 00:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-27 14:09 - 2016-04-02 00:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-27 14:09 - 2016-04-02 00:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-27 14:09 - 2016-04-02 00:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-27 14:09 - 2016-04-02 00:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-27 14:09 - 2016-04-02 00:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-27 14:09 - 2016-03-29 07:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-27 14:09 - 2016-03-29 07:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-27 14:09 - 2016-03-29 07:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-27 14:09 - 2016-03-29 07:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-27 14:09 - 2016-03-29 07:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-27 14:09 - 2016-03-29 07:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-27 14:09 - 2016-03-29 07:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-27 14:09 - 2016-03-29 06:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-27 14:09 - 2016-03-29 06:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-27 14:09 - 2016-03-29 06:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-27 14:09 - 2016-03-29 06:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-27 14:09 - 2016-03-29 06:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-27 14:09 - 2016-03-29 06:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-27 14:09 - 2016-03-29 05:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-27 14:09 - 2016-03-29 05:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-27 14:09 - 2016-03-29 05:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-27 14:09 - 2016-03-29 05:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-27 14:09 - 2016-03-29 05:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-27 14:09 - 2016-03-29 04:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-27 14:09 - 2016-03-29 04:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-27 14:09 - 2016-03-29 04:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-27 14:09 - 2016-03-29 04:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-27 14:09 - 2016-03-29 04:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-27 14:09 - 2016-03-29 04:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-27 14:09 - 2016-03-29 04:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-27 14:09 - 2016-03-29 04:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-27 14:09 - 2016-03-29 04:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-27 14:09 - 2016-03-29 04:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-27 14:09 - 2016-03-29 04:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-27 14:09 - 2016-03-29 04:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-27 14:09 - 2016-03-29 04:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-27 14:09 - 2016-03-29 04:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-27 14:09 - 2016-03-29 04:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-27 14:09 - 2016-03-29 04:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-27 14:09 - 2016-03-29 04:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-27 14:09 - 2016-03-29 04:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-27 14:09 - 2016-03-29 04:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-27 14:09 - 2016-03-29 04:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-27 14:09 - 2016-03-29 04:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-27 14:09 - 2016-03-29 04:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-27 14:09 - 2016-03-29 04:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-27 14:09 - 2016-03-29 04:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-27 14:09 - 2016-03-29 04:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-27 14:09 - 2016-03-29 04:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-27 14:09 - 2016-03-29 04:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-27 14:09 - 2016-03-29 04:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-27 14:09 - 2016-03-29 04:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-27 14:09 - 2016-03-29 03:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-27 14:09 - 2016-03-29 03:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-27 14:09 - 2016-03-29 03:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-27 14:09 - 2016-03-29 03:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-27 14:09 - 2016-03-29 03:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-27 14:09 - 2016-03-29 03:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-27 14:09 - 2016-03-29 03:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-27 14:09 - 2016-03-29 03:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-27 14:09 - 2016-03-29 03:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-27 14:09 - 2016-03-29 03:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-27 14:09 - 2016-03-29 03:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-27 14:09 - 2016-03-29 03:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-27 14:09 - 2016-03-29 03:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-27 14:09 - 2016-03-29 03:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-27 14:09 - 2016-03-29 03:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-27 14:09 - 2016-03-29 03:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-27 14:09 - 2016-03-29 03:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-27 14:09 - 2016-03-29 03:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-27 14:09 - 2016-03-29 03:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-27 14:09 - 2016-03-29 03:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-27 14:09 - 2016-03-29 03:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-27 14:09 - 2016-03-29 03:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-27 14:09 - 2016-03-29 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-27 14:09 - 2016-03-29 03:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-27 14:09 - 2016-03-29 03:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-27 14:09 - 2016-03-29 03:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-27 14:09 - 2016-03-29 03:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-27 14:09 - 2016-03-29 03:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-27 14:09 - 2016-03-29 03:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-27 14:09 - 2016-03-29 03:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-27 14:09 - 2016-03-29 03:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-27 14:09 - 2016-03-29 03:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-27 14:09 - 2016-03-29 03:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-27 14:09 - 2016-03-29 02:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-27 14:09 - 2016-03-29 02:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-27 14:09 - 2016-03-29 02:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-27 14:09 - 2016-03-29 02:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-27 14:09 - 2016-03-29 02:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-27 14:09 - 2016-03-29 02:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-27 14:09 - 2016-03-29 02:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-27 14:09 - 2016-03-29 02:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-27 14:09 - 2016-03-29 02:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-27 14:09 - 2016-03-29 02:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-27 14:09 - 2016-03-29 02:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-27 14:09 - 2016-03-29 02:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-27 14:09 - 2016-03-29 02:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-27 14:09 - 2016-03-29 02:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-27 14:09 - 2016-03-29 02:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-27 14:08 - 2016-04-02 01:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-27 14:08 - 2016-04-02 01:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-27 14:08 - 2016-04-02 00:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-27 14:08 - 2016-04-02 00:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-27 14:08 - 2016-04-02 00:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-27 14:08 - 2016-04-02 00:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-27 14:08 - 2016-04-02 00:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-27 14:08 - 2016-04-02 00:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-27 14:08 - 2016-04-02 00:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-27 14:08 - 2016-04-02 00:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-27 14:08 - 2016-04-02 00:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-27 14:08 - 2016-03-29 07:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-27 14:08 - 2016-03-29 07:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-27 14:08 - 2016-03-29 07:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-27 14:08 - 2016-03-29 07:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-27 14:08 - 2016-03-29 07:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-27 14:08 - 2016-03-29 07:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-27 14:08 - 2016-03-29 06:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-27 14:08 - 2016-03-29 06:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-27 14:08 - 2016-03-29 06:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-27 14:08 - 2016-03-29 06:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-27 14:08 - 2016-03-29 06:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-27 14:08 - 2016-03-29 06:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-27 14:08 - 2016-03-29 06:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-27 14:08 - 2016-03-29 06:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-27 14:08 - 2016-03-29 06:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-27 14:08 - 2016-03-29 06:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-27 14:08 - 2016-03-29 06:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-27 14:08 - 2016-03-29 06:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-27 14:08 - 2016-03-29 05:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-27 14:08 - 2016-03-29 05:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-27 14:08 - 2016-03-29 05:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-27 14:08 - 2016-03-29 05:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-27 14:08 - 2016-03-29 05:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-27 14:08 - 2016-03-29 05:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-27 14:08 - 2016-03-29 05:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-27 14:08 - 2016-03-29 05:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-27 14:08 - 2016-03-29 05:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-27 14:08 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-27 14:08 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-27 14:08 - 2016-03-29 05:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-27 14:08 - 2016-03-29 05:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-27 14:08 - 2016-03-29 05:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-27 14:08 - 2016-03-29 05:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-27 14:08 - 2016-03-29 05:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-27 14:08 - 2016-03-29 05:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-27 14:08 - 2016-03-29 05:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-27 14:08 - 2016-03-29 05:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-27 14:08 - 2016-03-29 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-27 14:08 - 2016-03-29 05:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-27 14:08 - 2016-03-29 04:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-27 14:08 - 2016-03-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-27 14:08 - 2016-03-29 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-27 14:08 - 2016-03-29 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-27 14:08 - 2016-03-29 04:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-27 14:08 - 2016-03-29 04:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-27 14:08 - 2016-03-29 04:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-27 14:08 - 2016-03-29 04:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-27 14:08 - 2016-03-29 04:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-27 14:08 - 2016-03-29 04:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-27 14:08 - 2016-03-29 04:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-27 14:08 - 2016-03-29 04:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-27 14:08 - 2016-03-29 04:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-27 14:08 - 2016-03-29 04:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-27 14:08 - 2016-03-29 04:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-27 14:08 - 2016-03-29 04:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-27 14:08 - 2016-03-29 04:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-27 14:08 - 2016-03-29 04:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-27 14:08 - 2016-03-29 04:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-27 14:08 - 2016-03-29 04:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-27 14:08 - 2016-03-29 04:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-27 14:08 - 2016-03-29 04:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-27 14:08 - 2016-03-29 04:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-27 14:08 - 2016-03-29 04:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-27 14:08 - 2016-03-29 04:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-27 14:08 - 2016-03-29 04:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-27 14:08 - 2016-03-29 04:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-27 14:08 - 2016-03-29 04:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-27 14:08 - 2016-03-29 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-27 14:08 - 2016-03-29 04:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-27 14:08 - 2016-03-29 04:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-27 14:08 - 2016-03-29 04:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-27 14:08 - 2016-03-29 04:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-27 14:08 - 2016-03-29 04:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-27 14:08 - 2016-03-29 04:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-27 14:08 - 2016-03-29 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-27 14:08 - 2016-03-29 04:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-27 14:08 - 2016-03-29 04:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-27 14:08 - 2016-03-29 04:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-27 14:08 - 2016-03-29 04:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-27 14:08 - 2016-03-29 04:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-27 14:08 - 2016-03-29 04:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-27 14:08 - 2016-03-29 04:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-27 14:08 - 2016-03-29 04:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-27 14:08 - 2016-03-29 04:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-27 14:08 - 2016-03-29 04:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-27 14:08 - 2016-03-29 04:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-27 14:08 - 2016-03-29 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-27 14:08 - 2016-03-29 04:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-27 14:08 - 2016-03-29 04:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-27 14:08 - 2016-03-29 04:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-27 14:08 - 2016-03-29 04:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-27 14:08 - 2016-03-29 04:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-27 14:08 - 2016-03-29 04:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-27 14:08 - 2016-03-29 04:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-27 14:08 - 2016-03-29 04:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-27 14:08 - 2016-03-29 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-27 14:08 - 2016-03-29 04:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-27 14:08 - 2016-03-29 04:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-27 14:08 - 2016-03-29 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-27 14:08 - 2016-03-29 04:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-27 14:08 - 2016-03-29 04:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-27 14:08 - 2016-03-29 04:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-27 14:08 - 2016-03-29 04:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-27 14:08 - 2016-03-29 04:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-27 14:08 - 2016-03-29 04:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-27 14:08 - 2016-03-29 04:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-27 14:08 - 2016-03-29 04:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-27 14:08 - 2016-03-29 04:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-27 14:08 - 2016-03-29 04:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-27 14:08 - 2016-03-29 04:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-27 14:08 - 2016-03-29 04:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-27 14:08 - 2016-03-29 04:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-27 14:08 - 2016-03-29 03:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-27 14:08 - 2016-03-29 03:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-27 14:08 - 2016-03-29 03:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-27 14:08 - 2016-03-29 03:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-27 14:08 - 2016-03-29 03:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-27 14:08 - 2016-03-29 03:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-27 14:08 - 2016-03-29 03:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-27 14:08 - 2016-03-29 03:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-27 14:08 - 2016-03-29 03:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-27 14:08 - 2016-03-29 03:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-27 14:08 - 2016-03-29 03:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-27 14:08 - 2016-03-29 03:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-27 14:08 - 2016-03-29 03:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-27 14:08 - 2016-03-29 03:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-27 14:08 - 2016-03-29 03:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-27 14:08 - 2016-03-29 03:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-27 14:08 - 2016-03-29 03:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-27 14:08 - 2016-03-29 03:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-27 14:08 - 2016-03-29 03:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-27 14:08 - 2016-03-29 03:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-27 14:08 - 2016-03-29 03:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-27 14:08 - 2016-03-29 03:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-27 14:08 - 2016-03-29 03:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-27 14:08 - 2016-03-29 03:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-27 14:08 - 2016-03-29 03:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-27 14:08 - 2016-03-29 03:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-27 14:08 - 2016-03-29 03:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-27 14:08 - 2016-03-29 03:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-27 14:08 - 2016-03-29 03:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-27 14:08 - 2016-03-29 03:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-27 14:08 - 2016-03-29 03:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-27 14:08 - 2016-03-29 03:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-27 14:08 - 2016-03-29 03:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-27 14:08 - 2016-03-29 03:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-27 14:08 - 2016-03-29 03:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-27 14:08 - 2016-03-29 03:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-27 14:08 - 2016-03-29 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-27 14:08 - 2016-03-29 03:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-27 14:08 - 2016-03-29 03:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-27 14:08 - 2016-03-29 03:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-27 14:08 - 2016-03-29 03:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-27 14:08 - 2016-03-29 03:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-27 14:08 - 2016-03-29 02:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-27 14:08 - 2016-03-29 02:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-27 14:08 - 2016-03-29 02:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-27 14:08 - 2016-03-29 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-27 14:08 - 2016-03-29 02:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-27 14:08 - 2016-03-29 02:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-27 14:08 - 2016-03-29 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-27 14:08 - 2016-03-29 02:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-27 14:07 - 2016-03-29 03:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-24 20:20 - 2016-04-24 20:20 - 00019856 _____ C:\WINDOWS\EProtect_amd64.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-01 10:45 - 2016-03-20 21:57 - 00002343 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-01 10:45 - 2016-03-20 21:57 - 00002331 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-01 10:40 - 2015-09-17 17:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-01 10:38 - 2015-03-07 13:23 - 00004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F5BE1CCE-1B62-4B22-9F01-2D5C791813D1}
2016-05-01 10:36 - 2016-03-20 21:56 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-01 10:36 - 2015-02-14 15:17 - 00000000 __RDO C:\Users\Gateway\OneDrive
2016-05-01 10:35 - 2015-06-04 22:24 - 00000362 _____ C:\WINDOWS\Tasks\HSNSMWXB1.job
2016-05-01 10:35 - 2015-06-04 22:23 - 00000688 _____ C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2016-05-01 10:35 - 2015-02-14 15:14 - 00000000 __SHD C:\Users\Gateway\IntelGraphicsProfiles
2016-04-30 21:14 - 2015-06-04 20:25 - 00000000 ____D C:\Users\Gateway\AppData\Local\CrashDumps
2016-04-30 21:01 - 2016-03-20 21:56 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-30 20:37 - 2016-03-15 18:22 - 00000000 ____D C:\Users\Gateway
2016-04-30 20:37 - 2016-03-15 18:22 - 00000000 ____D C:\Users\andre_000
2016-04-30 20:36 - 2015-02-10 21:20 - 00000000 __RDO C:\Users\andre_000\OneDrive
2016-04-30 20:12 - 2015-02-14 10:50 - 00000000 ____D C:\Users\andre_000\AppData\Local\CrashDumps
2016-04-30 19:24 - 2014-12-24 14:19 - 00000000 ____D C:\Users\andre_000\AppData\Roaming\Adobe
2016-04-30 19:11 - 2015-04-08 18:40 - 00000000 ____D C:\Users\andre_000\AppData\Local\Adobe
2016-04-30 18:56 - 2015-12-28 02:12 - 00000000 ___HD C:\Users\andre_000\AppData\Local\Jwr0hnSvHj
2016-04-30 18:56 - 2014-07-22 11:50 - 00000000 ___HD C:\Users\andre_000\AppData\Local\sUb9bHrwKOF6KkF
2016-04-30 16:53 - 2015-09-16 20:22 - 00000000 ____D C:\Users\Gateway\AppData\Local\Adobe
2016-04-30 16:28 - 2015-07-13 16:04 - 00000000 ___HD C:\Users\Gateway\AppData\Local\sUb9bHrwKOF6KkF
2016-04-30 16:28 - 2014-10-04 06:43 - 00000000 ___HD C:\Users\Gateway\AppData\Local\Jwr0hnSvHj
2016-04-30 16:27 - 2014-12-25 21:07 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\Adobe
2016-04-30 16:21 - 2015-09-16 20:43 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-04-30 16:21 - 2015-09-16 20:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-30 16:13 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-30 16:10 - 2015-09-16 20:23 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-04-30 16:10 - 2015-09-16 20:23 - 00000000 ____D C:\ProgramData\Adobe
2016-04-30 14:44 - 2015-02-18 11:22 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9637275-0C20-44F4-8F35-93EE7A30216B}
2016-04-30 14:40 - 2015-10-13 20:44 - 00000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-04-30 14:40 - 2015-02-10 21:16 - 00000000 __SHD C:\Users\andre_000\IntelGraphicsProfiles
2016-04-29 20:19 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-29 20:07 - 2015-08-08 23:07 - 00002424 _____ C:\Users\Gateway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-29 20:00 - 2015-08-05 20:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2016-04-29 19:58 - 2015-10-30 16:12 - 00794514 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-29 19:58 - 2015-10-30 16:12 - 00158950 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-29 19:58 - 2015-08-04 14:46 - 01845856 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-29 19:55 - 2014-12-25 20:32 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-04-29 19:55 - 2014-12-25 20:32 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-04-29 19:51 - 2014-12-25 20:32 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-04-29 19:50 - 2016-03-15 18:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-29 19:50 - 2015-10-30 03:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-29 19:47 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-29 19:40 - 2013-02-20 15:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-29 19:39 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-29 19:35 - 2016-03-15 18:13 - 05006744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-29 19:35 - 2014-12-25 20:32 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-29 19:35 - 2014-12-25 20:32 - 00000000 ____D C:\ProgramData\GbPlugin
2016-04-29 19:33 - 2016-03-16 16:32 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-29 19:33 - 2016-03-16 16:32 - 00000000 ____D C:\ProgramData\System32
2016-04-29 19:33 - 2016-03-15 20:25 - 00000000 ____D C:\Users\Gateway\AppData\Roaming\XBox
2016-04-27 19:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-27 19:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-27 19:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-27 19:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-27 18:50 - 2014-12-26 17:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-27 14:18 - 2014-12-26 17:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-27 14:17 - 2014-12-26 20:29 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-04-24 20:18 - 2016-03-29 22:41 - 00000000 ____D C:\WINDOWS\19
2016-04-24 20:18 - 2016-03-27 17:37 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-04-24 20:18 - 2016-03-27 17:37 - 00000000 ____D C:\ProgramData\Windows Security
2016-04-24 20:18 - 2015-08-04 16:07 - 00002430 _____ C:\Users\andre_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-22 04:57 - 2015-03-31 23:52 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-13 16:22 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-13 16:22 - 2014-09-30 22:21 - 00000000 ____D C:\Users\Gateway\AppData\Local\Packages
2016-04-06 15:32 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 15:32 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-03 20:34 - 2014-10-01 00:02 - 00000000 ____D C:\Users\andre_000\AppData\Local\Packages

==================== Arquivos na raiz de alguns diretórios =======

2015-02-14 15:42 - 2015-02-14 15:42 - 0016787 _____ () C:\Users\Gateway\AppData\Roaming\unins000.dat
2015-02-14 15:42 - 2015-02-14 15:42 - 0811218 _____ () C:\Users\Gateway\AppData\Roaming\unins000.exe
2015-05-31 12:25 - 2015-05-31 12:25 - 0613255 _____ (CMI Limited) C:\Users\Gateway\AppData\Local\nsc13F0.tmp
2015-11-02 13:57 - 2015-11-02 13:58 - 0007603 _____ () C:\Users\Gateway\AppData\Local\resmon.resmoncfg
2014-12-26 20:04 - 2014-12-26 20:04 - 0000000 _____ () C:\Users\Gateway\AppData\Local\{20A29863-0AC2-40AD-8DE1-4AE4131639B2}
2015-08-04 14:23 - 2015-08-04 14:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Arquivos para serem movidos ou deletados:
====================
C:\Users\Gateway\AppData\Local\Temp\00023320\casrss.exe
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Gateway\AppData\Local\Temp\AdobePIM.dll
C:\Users\Gateway\AppData\Local\Temp\BingSvc.exe
C:\Users\Gateway\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Gateway\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Gateway\AppData\Local\Temp\Creative Cloud Uninstaller.exe
C:\Users\Gateway\AppData\Local\Temp\Setup_35626.exe


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\Drivers\gbpddfac64.sys

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-24 21:48

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité