Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:19-05-2016
Executado por Admin (administrador) em DESKTOP-9AID8SH (19-05-2016 23:32:48)
Executando a partir de d:\Users\Admin\Documents\EGDownloads
Perfis Carregados: Admin (Perfis Disponíveis: Admin)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
() C:\Windows\KMS-R@1n.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaw.exe
() D:\Users\Admin\Documents\EGDownloads\Crashday_Game.exe
(Draughts) C:\Users\Admin\AppData\Roaming\Checkers\Draughts\Draughts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(VLOME) C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Users\Admin\AppData\Local\Temp\28564\Setup.exe
() C:\Users\Admin\AppData\Local\Temp\pps-qq-19.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-20] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [MTview] => C:\Program Files (x86)\MTV20160128\MTView.exe -mini
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
Winlogon\Notify\ GbPluginBnt: C:\Program Files (x86)\GbPlugin\gbiehBnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\Eagleget.exe [1908736 2016-04-21] (EagleGet.com)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-16] ()
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [Pritc] => C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe [2958848 2016-05-19] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\MountPoints2: {4ef41348-cb94-11e5-9bc5-8056f2cc2cb0} - "F:\LGAutoRun.exe"
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [1722880 2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyServer: [S-1-5-21-999747866-102080690-3096279064-1001] => 177.130.59.66:3128
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{05712d2f-ae4e-4177-87a8-6069087ced17}: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{2d8d1a06-a304-4634-875a-856c49226449}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{986367ed-22df-4b7e-a6ea-5fdabac3a97c}: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{c0e4c1e6-77ea-4535-ab5b-dd547a30d252}: [NameServer] 104.197.191.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=cfcdee989a9349bd8b45d891be3023cc
HKU\S-1-5-21-999747866-102080690-3096279064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1D604466-D943-49D3-AE4F-CC029B761F8B}&mid=4c1870ffd5ef47ccb87d511fb428c543-ccccb671028b7fed32b57255ea03a0333aa382f1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-03-07 14:55:53&v=4.2.8.608&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> {32EED27D-E6BD-48B2-9894-C048846D8912} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1D604466-D943-49D3-AE4F-CC029B761F8B}&mid=4c1870ffd5ef47ccb87d511fb428c543-ccccb671028b7fed32b57255ea03a0333aa382f1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-03-07 14:55:53&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.7.0\bin\jp2ssv.dll => Nenhum Arquivo
BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2016-04-21] (EagleGet.com)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Sem Nome -> {b608cc98-54de-4775-96c9-097de398500c} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540017} -> C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default
FF NewTab: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
FF DefaultSearchEngine: hohosearch
FF SelectedSearchEngine: hohosearch
FF Homepage: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre1.7.0\bin\npDeployJava1.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.8\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-04-21] (EagleGet)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-04-21] (EagleGet)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\searchplugins\c9gnvbu2.xml [2016-05-19]
FF Extension: Quick Searcher - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ebot1liw.default\Extensions\{d720d64d-c71a-4316-b59e-8a41b860178f} [2016-05-19] [não assinado]
FF Extension: GsearchFinder - C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-05-19]
FF Extension: Quick Searcher - C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\Extensions\{d720d64d-c71a-4316-b59e-8a41b860178f} [2016-05-19] [não assinado]
Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com.br/
CHR StartupUrls: ChromeDefaultData -> "hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?q={searchTerms}&ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
CHR DefaultSearchKeyword: ChromeDefaultData -> hohosearch
CHR HKU\S-1-5-21-999747866-102080690-3096279064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-999747866-102080690-3096279064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-05-09]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-05-09]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [238592 2016-04-21] () [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [546104 2014-07-22] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-12-22] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-12-20] () [Arquivo não assinado]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-19] (DotC United Inc)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3758336 2015-11-29] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-20] (Realtek Semiconductor)
S2 shefaleCloudservice; C:\Program Files (x86)\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2016-02-04] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34720 2016-03-06] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-03-06] (Windows (R) Win 7 DDK provider)
R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [86840 2016-04-10] (eagleGet) [Arquivo não assinado]
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-12-20] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-19] (DotC United Inc)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2016-01-30] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-05-19] (Wellbia.com Co., Ltd.)
R3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-05-17] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-19 23:34 - 2016-05-19 23:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Setup Wizard
2016-05-19 23:32 - 2016-05-19 23:32 - 00000000 ____D C:\FRST
2016-05-19 23:21 - 2016-05-19 23:21 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-05-19 23:21 - 2016-05-19 23:21 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-05-19 23:21 - 2016-05-19 23:21 - 00003122 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-05-19 23:21 - 2016-05-19 23:21 - 00003052 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-05-19 23:21 - 2016-05-19 23:21 - 00003016 _____ C:\WINDOWS\System32\Tasks\osTip
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Users\Todos os Usuários\VideoFetcher
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\ProgramData\VideoFetcher
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-19 23:16 - 2016-05-19 23:23 - 00000728 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-05-19 23:16 - 2016-05-19 23:23 - 00000728 __RSH C:\ProgramData\ntuser.pol
2016-05-19 23:16 - 2016-05-19 23:16 - 00008940 _____ C:\WINDOWS\System32\Tasks\Shefale Cloud
2016-05-19 23:15 - 2016-05-19 23:23 - 00000000 ____D C:\Program Files (x86)\Razoghchak
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\Shefale
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\Ghtegeghums
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\GetGo Software
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\GetGo Software
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Local\GetGo
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-19 23:14 - 2016-05-19 23:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Checkers
2016-05-19 20:46 - 2016-05-09 19:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFDEF.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF5B.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF7C.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw48.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF2A.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFE6D.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF3B.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF0A.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFD81.tmp
2016-05-14 13:02 - 2016-05-17 21:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Kodi
2016-05-14 13:00 - 2016-05-14 13:00 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-14 13:00 - 2016-05-14 13:00 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-14 12:58 - 2016-05-14 12:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-05-14 12:57 - 2016-05-14 12:58 - 00000000 ____D C:\Program Files (x86)\Kodi
2016-05-13 23:10 - 2016-05-13 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-13 23:10 - 2016-05-13 23:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-12 21:04 - 2016-05-12 21:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MAXON
2016-05-12 17:32 - 2016-05-12 17:32 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-05-11 14:26 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 14:26 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 14:26 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 14:26 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 14:26 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 14:25 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 14:25 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 14:25 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 14:25 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 14:25 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 14:25 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 14:25 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 14:25 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 14:25 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 14:25 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 14:25 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 14:25 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 14:25 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 14:25 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 14:25 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 14:25 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 14:25 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 14:25 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 14:25 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 14:25 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 14:25 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 14:25 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 14:25 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 14:25 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 14:25 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 14:25 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 14:25 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 14:25 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 14:25 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 14:25 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 14:25 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 14:25 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 14:25 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 14:25 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 14:25 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 14:25 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 14:25 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 14:25 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 14:25 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 14:25 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 14:25 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 14:25 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 14:25 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 14:25 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 14:25 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 14:25 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 14:24 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 14:24 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 14:24 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 14:24 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 14:24 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 14:24 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 14:24 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 14:24 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 14:24 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 14:24 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 14:24 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 14:24 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 14:24 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 14:24 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 14:24 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 14:24 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 14:24 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 14:24 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 14:24 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 14:24 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 14:24 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 14:24 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 14:24 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 14:24 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 14:24 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 14:24 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 14:24 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 14:24 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 14:24 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 14:24 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 14:24 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 14:24 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 14:24 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 14:24 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 14:24 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 14:24 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 14:24 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 14:24 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 14:24 - 2016-04-23 01:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-11 14:24 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 14:24 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 14:24 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 14:24 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 14:24 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 14:24 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 14:24 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 14:24 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 14:24 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 14:24 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 14:24 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 14:24 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 14:24 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 14:24 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 14:24 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 14:24 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 14:24 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 14:24 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 14:24 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 14:24 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 14:24 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 14:24 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 14:24 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 13:38 - 2016-05-19 23:32 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-11 13:38 - 2016-05-12 17:33 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-11 13:35 - 2016-05-11 13:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-05-09 19:11 - 2016-05-09 19:11 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-05-09 00:24 - 2016-05-09 00:24 - 00001076 _____ C:\Users\Public\Desktop\EagleGet.lnk
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Users\Todos os Usuários\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\ProgramData\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Program Files (x86)\EagleGet
2016-05-09 00:24 - 2016-04-10 16:04 - 00086840 _____ (eagleGet) C:\WINDOWS\system32\Drivers\eagleGet.update
2016-05-09 00:24 - 2016-04-10 16:04 - 00086840 _____ (eagleGet) C:\WINDOWS\system32\Drivers\eagleGet.sys
2016-05-08 23:43 - 2016-05-16 17:43 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-05-08 01:49 - 2016-05-19 22:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-05-08 01:49 - 2016-05-13 10:35 - 00001280 _____ C:\Users\Admin\Desktop\TeamSpeak 3 Client.lnk
2016-05-08 01:49 - 2016-05-08 01:49 - 00001238 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-05-08 01:49 - 2016-05-08 01:49 - 00000000 ____D C:\Users\Admin\AppData\Local\TeamSpeak 3 Client
2016-05-06 19:42 - 2016-05-06 19:42 - 00000017 _____ C:\Users\Admin\Desktop\extreme hills e pantano.txt
2016-04-24 13:08 - 2016-04-24 13:08 - 00281344 _____ C:\Users\Admin\Desktop\Prev100527181931.pdf
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-19 23:28 - 2016-03-06 02:28 - 00000324 _____ C:\WINDOWS\Tasks\Price Fountain.job
2016-05-19 23:24 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-19 23:23 - 2016-04-15 16:50 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-19 23:23 - 2016-04-15 16:50 - 00001930 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-19 23:23 - 2016-01-13 17:36 - 00002465 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-19 23:23 - 2016-01-13 17:36 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-19 23:16 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-05-19 23:16 - 2015-07-10 08:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-19 22:13 - 2016-02-01 03:28 - 00000000 ____D C:\Users\Admin\AppData\Local\PointBlank
2016-05-19 22:11 - 2016-02-01 03:24 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-05-19 21:02 - 2016-01-04 16:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-05-19 20:49 - 2016-01-13 17:25 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-19 20:46 - 2016-03-07 14:53 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-05-19 20:46 - 2016-03-07 14:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-19 20:45 - 2016-01-04 15:39 - 00000000 ____D C:\Users\Admin\AppData\Local\SkypePlugin
2016-05-19 19:49 - 2016-01-13 17:25 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-19 17:49 - 2015-12-31 17:14 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5CDDE82-2AC9-4096-BA80-93B8A065A5A0}
2016-05-19 17:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-19 17:45 - 2015-12-20 22:01 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-05-19 09:06 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-18 23:02 - 2016-03-06 23:02 - 00000316 _____ C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job
2016-05-17 22:40 - 2016-01-04 16:44 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-05-17 12:35 - 2016-02-01 03:24 - 00019176 _____ C:\WINDOWS\xspirit.sys
2016-05-17 08:43 - 2016-03-26 23:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-17 08:42 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-16 23:37 - 2016-02-25 17:32 - 00000000 ____D C:\Users\Admin\.aria2
2016-05-16 18:09 - 2016-01-31 23:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.minecraft
2016-05-14 13:38 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 23:06 - 2016-03-26 23:35 - 00000000 ____D C:\Users\Admin
2016-05-13 13:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-13 10:35 - 2015-12-22 21:07 - 00001545 _____ C:\Users\Admin\Desktop\mpc-hc64.lnk
2016-05-13 08:25 - 2015-12-20 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 02:30 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 21:04 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 21:01 - 2015-12-22 20:53 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-05-11 20:59 - 2015-12-22 19:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 20:40 - 2015-12-22 19:57 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:43 - 2016-03-03 22:22 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2016-05-10 19:44 - 2016-01-13 17:25 - 00004166 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-10 19:44 - 2016-01-13 17:25 - 00003934 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-08 23:46 - 2016-02-25 14:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-05-08 13:07 - 2016-03-08 12:43 - 00000438 _____ C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2016-05-07 17:39 - 2016-01-04 17:01 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-05-06 14:09 - 2016-01-04 16:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-03 21:25 - 2016-03-09 15:06 - 00000000 ____D C:\Users\Admin\Desktop\minhas coisas
2016-05-03 11:15 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-02 16:03 - 2015-12-20 20:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-04-27 12:26 - 2015-12-20 20:51 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 12:26 - 2015-10-30 16:11 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-27 12:26 - 2015-10-30 16:11 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-21 11:31 - 2016-01-01 19:04 - 00000000 ____D C:\Users\Admin\Desktop\Ereny
2016-04-20 21:28 - 2016-01-04 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-20 21:28 - 2016-01-04 16:53 - 00000000 ____D C:\ProgramData\Oracle
2016-04-20 20:53 - 2016-03-14 16:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-20 20:53 - 2016-03-14 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-20 15:18 - 2016-03-14 16:11 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-20 14:53 - 2016-03-07 14:55 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-19 15:32 - 2016-03-26 23:27 - 00350120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-19 15:29 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-19 15:29 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
==================== Arquivos na raiz de alguns diretórios =======
2007-10-04 12:00 - 2007-10-04 12:00 - 0003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2016-03-03 21:51 - 2016-01-31 23:55 - 5126360 _____ () C:\Users\Admin\AppData\Roaming\1.7.2M.rar
2016-03-03 21:51 - 2016-02-04 17:31 - 56786528 _____ (Oracle Corporation) C:\Users\Admin\AppData\Roaming\jre-8u71-windows-x64.exe
2016-03-03 22:19 - 2016-03-03 22:22 - 54079312 _____ () C:\Users\Admin\AppData\Roaming\MacromediaFlash8Portable.exe
2016-03-03 21:51 - 2016-02-01 00:06 - 45860789 _____ () C:\Users\Admin\AppData\Roaming\Mod Das Sombras 1.7.rar
2016-03-03 21:51 - 2016-02-04 13:15 - 0956887 _____ () C:\Users\Admin\AppData\Roaming\OptiFine_1.8.4_HD_U_D4.jar
2016-03-17 17:05 - 2016-03-16 22:33 - 156990650 _____ () C:\Users\Admin\AppData\Roaming\Pixelmon Uan Region [1.7.10] v1.2.rar
2016-03-17 17:05 - 2016-03-17 14:57 - 45218400 _____ () C:\Users\Admin\AppData\Roaming\Uan Pixelmon Custom NPC Resource Pack.zip
2016-03-26 23:31 - 2016-03-26 23:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe
Alguns arquivos em TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\287c499808bcff52a39d16f78044882a.dll
C:\Users\Admin\AppData\Local\Temp\99baf9ae966501afe52dab6269c14b76.dll
C:\Users\Admin\AppData\Local\Temp\Crashday Game.exe
C:\Users\Admin\AppData\Local\Temp\poiskovikis.ru_BR.exe
C:\Users\Admin\AppData\Local\Temp\pps-qq-19.exe
C:\Users\Admin\AppData\Local\Temp\setup.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\ttwifi.exe
C:\Users\Admin\AppData\Local\Temp\VideoBox.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-05-16 15:59
==================== Fim de FRST.txt ============================
Executado por Admin (administrador) em DESKTOP-9AID8SH (19-05-2016 23:32:48)
Executando a partir de d:\Users\Admin\Documents\EGDownloads
Perfis Carregados: Admin (Perfis Disponíveis: Admin)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
() C:\Windows\KMS-R@1n.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaw.exe
() D:\Users\Admin\Documents\EGDownloads\Crashday_Game.exe
(Draughts) C:\Users\Admin\AppData\Roaming\Checkers\Draughts\Draughts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(VLOME) C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Users\Admin\AppData\Local\Temp\28564\Setup.exe
() C:\Users\Admin\AppData\Local\Temp\pps-qq-19.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-20] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [MTview] => C:\Program Files (x86)\MTV20160128\MTView.exe -mini
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
Winlogon\Notify\ GbPluginBnt: C:\Program Files (x86)\GbPlugin\gbiehBnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\Eagleget.exe [1908736 2016-04-21] (EagleGet.com)
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-16] ()
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\Run: [Pritc] => C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe [2958848 2016-05-19] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-999747866-102080690-3096279064-1001\...\MountPoints2: {4ef41348-cb94-11e5-9bc5-8056f2cc2cb0} - "F:\LGAutoRun.exe"
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [1722880 2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyServer: [S-1-5-21-999747866-102080690-3096279064-1001] => 177.130.59.66:3128
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{05712d2f-ae4e-4177-87a8-6069087ced17}: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{2d8d1a06-a304-4634-875a-856c49226449}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{986367ed-22df-4b7e-a6ea-5fdabac3a97c}: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{c0e4c1e6-77ea-4535-ab5b-dd547a30d252}: [NameServer] 104.197.191.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=cfcdee989a9349bd8b45d891be3023cc
HKU\S-1-5-21-999747866-102080690-3096279064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1D604466-D943-49D3-AE4F-CC029B761F8B}&mid=4c1870ffd5ef47ccb87d511fb428c543-ccccb671028b7fed32b57255ea03a0333aa382f1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-03-07 14:55:53&v=4.2.8.608&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> {32EED27D-E6BD-48B2-9894-C048846D8912} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-999747866-102080690-3096279064-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1D604466-D943-49D3-AE4F-CC029B761F8B}&mid=4c1870ffd5ef47ccb87d511fb428c543-ccccb671028b7fed32b57255ea03a0333aa382f1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-03-07 14:55:53&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.7.0\bin\jp2ssv.dll => Nenhum Arquivo
BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2016-04-21] (EagleGet.com)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Sem Nome -> {b608cc98-54de-4775-96c9-097de398500c} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540017} -> C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default
FF NewTab: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
FF DefaultSearchEngine: hohosearch
FF SelectedSearchEngine: hohosearch
FF Homepage: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre1.7.0\bin\npDeployJava1.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.8\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-04-21] (EagleGet)
FF Plugin HKU\S-1-5-21-999747866-102080690-3096279064-1001: eagleget.com/EagleGet64 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll [2016-04-21] (EagleGet)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\searchplugins\c9gnvbu2.xml [2016-05-19]
FF Extension: Quick Searcher - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ebot1liw.default\Extensions\{d720d64d-c71a-4316-b59e-8a41b860178f} [2016-05-19] [não assinado]
FF Extension: GsearchFinder - C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-05-19]
FF Extension: Quick Searcher - C:\Users\Admin\AppData\Roaming\Profiles\pprsp1n1.default\Extensions\{d720d64d-c71a-4316-b59e-8a41b860178f} [2016-05-19] [não assinado]
Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com.br/
CHR StartupUrls: ChromeDefaultData -> "hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?q={searchTerms}&ts=AHEqAnQlA3EoAU..&v=20160518&uid=A78156A04C67004A526910186C5BBF9B&ptid=icb&mode=loadm
CHR DefaultSearchKeyword: ChromeDefaultData -> hohosearch
CHR HKU\S-1-5-21-999747866-102080690-3096279064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-999747866-102080690-3096279064-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-05-09]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-05-09]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [238592 2016-04-21] () [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [546104 2014-07-22] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-12-22] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-12-20] () [Arquivo não assinado]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-19] (DotC United Inc)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3758336 2015-11-29] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-20] (Realtek Semiconductor)
S2 shefaleCloudservice; C:\Program Files (x86)\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2016-02-04] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34720 2016-03-06] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-03-06] (Windows (R) Win 7 DDK provider)
R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [86840 2016-04-10] (eagleGet) [Arquivo não assinado]
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-12-20] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-19] (DotC United Inc)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2016-01-30] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-05-19] (Wellbia.com Co., Ltd.)
R3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-05-17] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-19 23:34 - 2016-05-19 23:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Setup Wizard
2016-05-19 23:32 - 2016-05-19 23:32 - 00000000 ____D C:\FRST
2016-05-19 23:21 - 2016-05-19 23:21 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-05-19 23:21 - 2016-05-19 23:21 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-05-19 23:21 - 2016-05-19 23:21 - 00003122 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-05-19 23:21 - 2016-05-19 23:21 - 00003052 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-05-19 23:21 - 2016-05-19 23:21 - 00003016 _____ C:\WINDOWS\System32\Tasks\osTip
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Users\Todos os Usuários\VideoFetcher
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\ProgramData\VideoFetcher
2016-05-19 23:21 - 2016-05-19 23:21 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-19 23:16 - 2016-05-19 23:23 - 00000728 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-05-19 23:16 - 2016-05-19 23:23 - 00000728 __RSH C:\ProgramData\ntuser.pol
2016-05-19 23:16 - 2016-05-19 23:16 - 00008940 _____ C:\WINDOWS\System32\Tasks\Shefale Cloud
2016-05-19 23:15 - 2016-05-19 23:23 - 00000000 ____D C:\Program Files (x86)\Razoghchak
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\Shefale
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\Ghtegeghums
2016-05-19 23:15 - 2016-05-19 23:16 - 00000000 ____D C:\Program Files (x86)\GetGo Software
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\GetGo Software
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Local\GetGo
2016-05-19 23:15 - 2016-05-19 23:15 - 00000000 ____D C:\Users\Admin\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-19 23:14 - 2016-05-19 23:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Checkers
2016-05-19 20:46 - 2016-05-09 19:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFDEF.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF5B.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF7C.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw48.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF2A.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFE6D.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF3B.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFF0A.tmp
2016-05-19 20:46 - 2016-05-09 19:11 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFD81.tmp
2016-05-14 13:02 - 2016-05-17 21:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Kodi
2016-05-14 13:00 - 2016-05-14 13:00 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-14 13:00 - 2016-05-14 13:00 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-14 12:58 - 2016-05-14 12:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-05-14 12:57 - 2016-05-14 12:58 - 00000000 ____D C:\Program Files (x86)\Kodi
2016-05-13 23:10 - 2016-05-13 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-13 23:10 - 2016-05-13 23:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-12 21:04 - 2016-05-12 21:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MAXON
2016-05-12 17:32 - 2016-05-12 17:32 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-05-11 14:26 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 14:26 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 14:26 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 14:26 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 14:26 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 14:25 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 14:25 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 14:25 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 14:25 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 14:25 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 14:25 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 14:25 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 14:25 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 14:25 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 14:25 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 14:25 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 14:25 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 14:25 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 14:25 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 14:25 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 14:25 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 14:25 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 14:25 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 14:25 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 14:25 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 14:25 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 14:25 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 14:25 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 14:25 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 14:25 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 14:25 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 14:25 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 14:25 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 14:25 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 14:25 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 14:25 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 14:25 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 14:25 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 14:25 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 14:25 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 14:25 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 14:25 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 14:25 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 14:25 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 14:25 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 14:25 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 14:25 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 14:25 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 14:25 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 14:25 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 14:25 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 14:25 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 14:25 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 14:25 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 14:25 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 14:25 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 14:25 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 14:25 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 14:25 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 14:25 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 14:25 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 14:25 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 14:25 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 14:25 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 14:25 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 14:25 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 14:25 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 14:24 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 14:24 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 14:24 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 14:24 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 14:24 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 14:24 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 14:24 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 14:24 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 14:24 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 14:24 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 14:24 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 14:24 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 14:24 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 14:24 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 14:24 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 14:24 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 14:24 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 14:24 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 14:24 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 14:24 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 14:24 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 14:24 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 14:24 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 14:24 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 14:24 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 14:24 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 14:24 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 14:24 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 14:24 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 14:24 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 14:24 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 14:24 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 14:24 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 14:24 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 14:24 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 14:24 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 14:24 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 14:24 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 14:24 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 14:24 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 14:24 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 14:24 - 2016-04-23 01:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-11 14:24 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 14:24 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 14:24 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 14:24 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 14:24 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 14:24 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 14:24 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 14:24 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 14:24 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 14:24 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 14:24 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 14:24 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 14:24 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 14:24 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 14:24 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 14:24 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 14:24 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 14:24 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 14:24 - 2016-04-23 01:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 14:24 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 14:24 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 14:24 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 14:24 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 14:24 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 14:24 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 14:24 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 14:24 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 14:24 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 14:24 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 14:24 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 14:24 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 14:24 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 14:24 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 14:24 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 13:38 - 2016-05-19 23:32 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-11 13:38 - 2016-05-12 17:33 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-11 13:35 - 2016-05-11 13:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-05-09 19:11 - 2016-05-09 19:11 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-05-09 00:24 - 2016-05-09 00:24 - 00001076 _____ C:\Users\Public\Desktop\EagleGet.lnk
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Users\Todos os Usuários\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\ProgramData\EagleGet
2016-05-09 00:24 - 2016-05-09 00:24 - 00000000 ____D C:\Program Files (x86)\EagleGet
2016-05-09 00:24 - 2016-04-10 16:04 - 00086840 _____ (eagleGet) C:\WINDOWS\system32\Drivers\eagleGet.update
2016-05-09 00:24 - 2016-04-10 16:04 - 00086840 _____ (eagleGet) C:\WINDOWS\system32\Drivers\eagleGet.sys
2016-05-08 23:43 - 2016-05-16 17:43 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-05-08 01:49 - 2016-05-19 22:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-05-08 01:49 - 2016-05-13 10:35 - 00001280 _____ C:\Users\Admin\Desktop\TeamSpeak 3 Client.lnk
2016-05-08 01:49 - 2016-05-08 01:49 - 00001238 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-05-08 01:49 - 2016-05-08 01:49 - 00000000 ____D C:\Users\Admin\AppData\Local\TeamSpeak 3 Client
2016-05-06 19:42 - 2016-05-06 19:42 - 00000017 _____ C:\Users\Admin\Desktop\extreme hills e pantano.txt
2016-04-24 13:08 - 2016-04-24 13:08 - 00281344 _____ C:\Users\Admin\Desktop\Prev100527181931.pdf
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-19 23:28 - 2016-03-06 02:28 - 00000324 _____ C:\WINDOWS\Tasks\Price Fountain.job
2016-05-19 23:24 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-19 23:23 - 2016-04-15 16:50 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-19 23:23 - 2016-04-15 16:50 - 00001930 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-19 23:23 - 2016-01-13 17:36 - 00002465 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-19 23:23 - 2016-01-13 17:36 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-19 23:16 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-05-19 23:16 - 2015-07-10 08:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-19 22:13 - 2016-02-01 03:28 - 00000000 ____D C:\Users\Admin\AppData\Local\PointBlank
2016-05-19 22:11 - 2016-02-01 03:24 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-05-19 21:02 - 2016-01-04 16:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-05-19 20:49 - 2016-01-13 17:25 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-19 20:46 - 2016-03-07 14:53 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-05-19 20:46 - 2016-03-07 14:53 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-19 20:45 - 2016-01-04 15:39 - 00000000 ____D C:\Users\Admin\AppData\Local\SkypePlugin
2016-05-19 19:49 - 2016-01-13 17:25 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-19 17:49 - 2015-12-31 17:14 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5CDDE82-2AC9-4096-BA80-93B8A065A5A0}
2016-05-19 17:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-19 17:45 - 2015-12-20 22:01 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-05-19 09:06 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-18 23:02 - 2016-03-06 23:02 - 00000316 _____ C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job
2016-05-17 22:40 - 2016-01-04 16:44 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-05-17 12:35 - 2016-02-01 03:24 - 00019176 _____ C:\WINDOWS\xspirit.sys
2016-05-17 08:43 - 2016-03-26 23:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-17 08:42 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-16 23:37 - 2016-02-25 17:32 - 00000000 ____D C:\Users\Admin\.aria2
2016-05-16 18:09 - 2016-01-31 23:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\.minecraft
2016-05-14 13:38 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 23:06 - 2016-03-26 23:35 - 00000000 ____D C:\Users\Admin
2016-05-13 13:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-13 10:35 - 2015-12-22 21:07 - 00001545 _____ C:\Users\Admin\Desktop\mpc-hc64.lnk
2016-05-13 08:25 - 2015-12-20 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 02:30 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-13 02:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 21:04 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 21:01 - 2015-12-22 20:53 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-05-11 20:59 - 2015-12-22 19:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 20:40 - 2015-12-22 19:57 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:43 - 2016-03-03 22:22 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2016-05-10 19:44 - 2016-01-13 17:25 - 00004166 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-10 19:44 - 2016-01-13 17:25 - 00003934 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-08 23:46 - 2016-02-25 14:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-05-08 13:07 - 2016-03-08 12:43 - 00000438 _____ C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2016-05-07 17:39 - 2016-01-04 17:01 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-05-06 14:09 - 2016-01-04 16:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-03 21:25 - 2016-03-09 15:06 - 00000000 ____D C:\Users\Admin\Desktop\minhas coisas
2016-05-03 11:15 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-02 16:03 - 2015-12-20 20:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-04-27 12:26 - 2015-12-20 20:51 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 12:26 - 2015-10-30 16:11 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-27 12:26 - 2015-10-30 16:11 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-21 11:31 - 2016-01-01 19:04 - 00000000 ____D C:\Users\Admin\Desktop\Ereny
2016-04-20 21:28 - 2016-01-04 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-20 21:28 - 2016-01-04 16:53 - 00000000 ____D C:\ProgramData\Oracle
2016-04-20 20:53 - 2016-03-14 16:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-20 20:53 - 2016-03-14 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-20 15:18 - 2016-03-14 16:11 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-20 14:53 - 2016-03-07 14:55 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-19 15:32 - 2016-03-26 23:27 - 00350120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-19 15:29 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-19 15:29 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
==================== Arquivos na raiz de alguns diretórios =======
2007-10-04 12:00 - 2007-10-04 12:00 - 0003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2016-03-03 21:51 - 2016-01-31 23:55 - 5126360 _____ () C:\Users\Admin\AppData\Roaming\1.7.2M.rar
2016-03-03 21:51 - 2016-02-04 17:31 - 56786528 _____ (Oracle Corporation) C:\Users\Admin\AppData\Roaming\jre-8u71-windows-x64.exe
2016-03-03 22:19 - 2016-03-03 22:22 - 54079312 _____ () C:\Users\Admin\AppData\Roaming\MacromediaFlash8Portable.exe
2016-03-03 21:51 - 2016-02-01 00:06 - 45860789 _____ () C:\Users\Admin\AppData\Roaming\Mod Das Sombras 1.7.rar
2016-03-03 21:51 - 2016-02-04 13:15 - 0956887 _____ () C:\Users\Admin\AppData\Roaming\OptiFine_1.8.4_HD_U_D4.jar
2016-03-17 17:05 - 2016-03-16 22:33 - 156990650 _____ () C:\Users\Admin\AppData\Roaming\Pixelmon Uan Region [1.7.10] v1.2.rar
2016-03-17 17:05 - 2016-03-17 14:57 - 45218400 _____ () C:\Users\Admin\AppData\Roaming\Uan Pixelmon Custom NPC Resource Pack.zip
2016-03-26 23:31 - 2016-03-26 23:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Users\Admin\AppData\Local\Temp\00027809\casrss.exe
Alguns arquivos em TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\287c499808bcff52a39d16f78044882a.dll
C:\Users\Admin\AppData\Local\Temp\99baf9ae966501afe52dab6269c14b76.dll
C:\Users\Admin\AppData\Local\Temp\Crashday Game.exe
C:\Users\Admin\AppData\Local\Temp\poiskovikis.ru_BR.exe
C:\Users\Admin\AppData\Local\Temp\pps-qq-19.exe
C:\Users\Admin\AppData\Local\Temp\setup.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\ttwifi.exe
C:\Users\Admin\AppData\Local\Temp\VideoBox.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-05-16 15:59
==================== Fim de FRST.txt ============================