cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01
Executado por LeonardoAmadeu (administrador) em MONSTRO (11-07-2016 19:47:33)
Executando a partir de C:\Users\LeonardoAmadeu\Desktop
Perfis Carregados: LeonardoAmadeu (Perfis Disponíveis: LeonardoAmadeu)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Mega Limited) C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\MEGAsync.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7070.58021.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-01] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-24] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\RunOnce: [Uninstall C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\LeonardoAmadeu\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\MountPoints2: {1cc24e46-08a0-11e5-824b-806e6f6e6963} - "E:\PLAY.EXE" "playlist.m3u"
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-24] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-01] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\LeonardoAmadeu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-09-21]
ShortcutTarget: MEGAsync.lnk -> C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 187.65.0.46 187.65.0.41
Tcpip\..\Interfaces\{4b4e3cac-146a-4d38-a270-45a1b2dc4630}: [DhcpNameServer] 187.65.0.46 187.65.0.41

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-07-13] (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-07-28] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-24] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-07-28] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-07-13] (DVDVideoSoft Ltd.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\LeonardoAmadeu\AppData\Roaming\Mozilla\Firefox\Profiles\7adddo4l.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1629971873-2629050017-3027128225-1001: gastecnologia.com.br/sf/cef -> C:\Users\LeonardoAmadeu\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1629971873-2629050017-3027128225-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\LeonardoAmadeu\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Extension: EPUBReader - C:\Users\LeonardoAmadeu\AppData\Roaming\Mozilla\Firefox\Profiles\7adddo4l.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-06-21]
FF Extension: MEGA - C:\Users\LeonardoAmadeu\AppData\Roaming\Mozilla\Firefox\Profiles\7adddo4l.default\Extensions\firefox@mega.co.nz.xpi [2016-07-08]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\LeonardoAmadeu\AppData\Roaming\Mozilla\Firefox\Profiles\7adddo4l.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-07-13] [não assinado]
FF Extension: Adblock Plus - C:\Users\LeonardoAmadeu\AppData\Roaming\Mozilla\Firefox\Profiles\7adddo4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-1629971873-2629050017-3027128225-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\LeonardoAmadeu\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\LeonardoAmadeu\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2016-01-04] [não assinado]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-01]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-01] (Avast Software s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-22] (Dropbox, Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-24] (GAS Tecnologia)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-11] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-11] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-11] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-07-11] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
S3 GunBod; C:\Windows\system32\gunbod64.sys [86352 2015-08-05] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-01] (Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Arquivo não assinado]
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-04-29] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-07-07] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 19:47 - 2016-07-11 19:48 - 00023249 _____ C:\Users\LeonardoAmadeu\Desktop\FRST.txt
2016-07-11 19:46 - 2016-07-11 19:47 - 00000000 ____D C:\FRST
2016-07-11 19:46 - 2016-07-11 19:46 - 02390528 _____ (Farbar) C:\Users\LeonardoAmadeu\Desktop\FRST64.exe
2016-07-11 17:49 - 2016-07-11 17:49 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-11 17:48 - 2016-07-11 17:48 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-11 17:48 - 2016-07-11 17:47 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-07-11 17:48 - 2015-06-26 11:13 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw4D42.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw4B0A.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00272248 _____ C:\WINDOWS\system32\Drivers\asw4D72.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw4DB1.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw4BA7.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw4CC3.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00065736 _____ C:\WINDOWS\system32\Drivers\asw4D02.tmp
2016-07-11 17:48 - 2015-06-01 19:14 - 00029168 _____ C:\WINDOWS\system32\Drivers\asw4C25.tmp
2016-07-11 17:47 - 2016-07-11 17:47 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-07-11 13:11 - 2016-07-11 13:11 - 05655712 _____ C:\Users\LeonardoAmadeu\Downloads\Tibia_Setup.exe
2016-07-11 13:11 - 2016-07-11 13:11 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia
2016-07-11 13:11 - 2016-07-11 13:11 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\Tibia
2016-07-08 17:19 - 2016-07-08 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-07 19:39 - 2016-07-07 19:40 - 71429341 _____ C:\Users\LeonardoAmadeu\Downloads\Derecho_Penal_Parte_General_-_TOMO_I_-__Claus_Roxin.pdf
2016-07-06 16:01 - 2016-07-08 15:56 - 00067584 ____H C:\Users\LeonardoAmadeu\Desktop\~WRL0003.tmp
2016-07-05 09:34 - 2016-07-05 09:34 - 20302290 _____ C:\Users\LeonardoAmadeu\Downloads\NOVO_CPC_ANOTADO.pdf
2016-07-04 09:17 - 2016-07-04 09:17 - 00003772 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - bd7cced457bf4f8abf71c317c0901bd77df0791d235149eeb7e6e021187b3ffc
2016-07-02 11:19 - 2016-07-09 11:35 - 00003312 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeonardoAmadeu
2016-07-02 11:19 - 2016-07-09 11:35 - 00000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeonardoAmadeu.job
2016-06-30 15:18 - 2016-07-03 22:27 - 00000000 ____D C:\Users\LeonardoAmadeu\Desktop\Paredão
2016-06-27 06:06 - 2016-06-27 06:06 - 00000000 ____D C:\Users\LeonardoAmadeu\Documents\Modelos Personalizados do Office
2016-06-26 11:36 - 2016-06-26 11:36 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Microsoft Help
2016-06-26 11:36 - 2016-06-26 11:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-06-26 11:36 - 2016-06-26 11:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-06-26 08:20 - 2016-06-26 08:20 - 00005280 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MONSTRO-LeonardoAmadeu Monstro
2016-06-25 11:20 - 2016-06-25 11:20 - 00000000 ____D C:\Program Files\TAP-Windows
2016-06-25 11:17 - 2016-06-25 11:17 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-06-25 11:17 - 2016-06-25 11:17 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-06-25 11:16 - 2016-07-11 19:45 - 00000000 ____D C:\Program Files\KMSpico
2016-06-25 11:16 - 2016-06-25 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-25 10:57 - 2016-06-26 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-25 10:56 - 2016-06-25 10:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-25 10:56 - 2016-06-25 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-06-25 10:55 - 2016-06-25 10:56 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-06-25 10:55 - 2016-06-25 10:55 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-06-25 10:49 - 2016-06-25 10:49 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-06-25 10:49 - 2016-06-25 10:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-06-25 10:48 - 2016-07-06 15:59 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\Microsoft Help
2016-06-25 10:48 - 2016-06-27 18:54 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-06-25 10:48 - 2016-06-25 10:55 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-25 10:48 - 2016-06-25 10:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-25 10:45 - 2016-06-25 10:45 - 00000000 __RHD C:\MSOCache
2016-06-23 10:39 - 2016-06-23 10:39 - 00428724 _____ C:\Users\LeonardoAmadeu\Downloads\504-1510-1-PB(1).pdf
2016-06-23 03:17 - 2016-06-23 03:17 - 02630409 _____ C:\Users\LeonardoAmadeu\Downloads\FERNANDO CAPEZ - CURSO DE PROCESSO PENAL - 18ª edição.pdf
2016-06-23 02:46 - 2016-06-23 02:46 - 00428724 _____ C:\Users\LeonardoAmadeu\Downloads\504-1510-1-PB.pdf
2016-06-22 20:26 - 2016-06-22 20:27 - 00424158 _____ C:\Users\LeonardoAmadeu\Downloads\Fatura.pdf
2016-06-21 16:08 - 2016-06-21 16:08 - 12679792 _____ C:\Users\LeonardoAmadeu\Downloads\nucci.pdf
2016-06-21 07:59 - 2016-06-21 07:59 - 02199861 _____ C:\Users\LeonardoAmadeu\Downloads\foucault_vigiar_punir(1).pdf
2016-06-21 07:20 - 2016-06-21 07:20 - 02199861 _____ C:\Users\LeonardoAmadeu\Downloads\foucault_vigiar_punir.pdf
2016-06-16 14:49 - 2016-06-16 14:49 - 09717952 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 07:41 - 2016-07-08 17:20 - 00000000 ___RD C:\Users\LeonardoAmadeu\Dropbox
2016-06-15 07:41 - 2016-06-15 07:41 - 00001303 _____ C:\Users\LeonardoAmadeu\Desktop\Dropbox.lnk
2016-06-14 19:07 - 2016-05-28 03:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 19:07 - 2016-05-28 03:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 19:07 - 2016-05-28 02:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 19:07 - 2016-05-28 02:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 19:07 - 2016-05-28 01:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 19:07 - 2016-05-28 01:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 19:07 - 2016-05-28 01:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 19:07 - 2016-05-28 01:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 19:07 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 19:07 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 19:07 - 2016-05-28 01:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 19:07 - 2016-05-28 01:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 19:07 - 2016-05-28 01:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 19:07 - 2016-05-28 01:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 19:07 - 2016-05-28 01:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 19:07 - 2016-05-28 01:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 19:07 - 2016-05-28 01:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 19:07 - 2016-05-28 01:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 19:07 - 2016-05-28 01:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 19:07 - 2016-05-28 01:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 19:07 - 2016-05-28 01:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 19:07 - 2016-05-28 01:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 19:07 - 2016-05-28 01:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 19:07 - 2016-05-28 01:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 19:07 - 2016-05-28 01:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 19:07 - 2016-05-28 01:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 19:07 - 2016-05-28 01:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 19:07 - 2016-05-28 01:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 19:07 - 2016-05-28 01:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 19:07 - 2016-05-28 01:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 19:07 - 2016-05-28 01:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 19:07 - 2016-05-28 01:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 19:07 - 2016-05-28 01:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 19:07 - 2016-05-28 01:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 19:07 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 19:07 - 2016-05-28 01:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 19:07 - 2016-05-28 01:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 19:07 - 2016-05-28 01:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 19:07 - 2016-05-28 01:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 19:07 - 2016-05-28 01:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 19:07 - 2016-05-28 01:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 19:07 - 2016-05-28 01:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 19:07 - 2016-05-28 01:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 19:07 - 2016-05-28 01:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 19:07 - 2016-05-28 01:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 19:07 - 2016-05-28 01:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 19:07 - 2016-05-28 01:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 19:07 - 2016-05-28 01:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 19:07 - 2016-05-28 00:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 19:07 - 2016-05-28 00:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 19:06 - 2016-05-28 03:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 19:06 - 2016-05-28 03:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 19:06 - 2016-05-28 03:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 19:06 - 2016-05-28 03:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 19:06 - 2016-05-28 02:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 19:06 - 2016-05-28 02:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 19:06 - 2016-05-28 02:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 19:06 - 2016-05-28 02:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 19:06 - 2016-05-28 02:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 19:06 - 2016-05-28 02:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 19:06 - 2016-05-28 02:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 19:06 - 2016-05-28 02:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 19:06 - 2016-05-28 02:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 19:06 - 2016-05-28 02:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 19:06 - 2016-05-28 02:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 19:06 - 2016-05-28 02:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 19:06 - 2016-05-28 02:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 19:06 - 2016-05-28 02:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 19:06 - 2016-05-28 02:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 19:06 - 2016-05-28 02:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 19:06 - 2016-05-28 02:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 19:06 - 2016-05-28 02:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 19:06 - 2016-05-28 02:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 19:06 - 2016-05-28 02:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 19:06 - 2016-05-28 02:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 19:06 - 2016-05-28 02:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 19:06 - 2016-05-28 02:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 19:06 - 2016-05-28 02:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 19:06 - 2016-05-28 02:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 19:06 - 2016-05-28 02:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 19:06 - 2016-05-28 02:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 19:06 - 2016-05-28 02:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 19:06 - 2016-05-28 02:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 19:06 - 2016-05-28 02:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 19:06 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 19:06 - 2016-05-28 02:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 19:06 - 2016-05-28 02:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 19:06 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 19:06 - 2016-05-28 02:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 19:06 - 2016-05-28 01:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 19:06 - 2016-05-28 01:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 19:06 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 19:06 - 2016-05-28 01:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 19:06 - 2016-05-28 01:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 19:06 - 2016-05-28 01:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 19:06 - 2016-05-28 01:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 19:06 - 2016-05-28 01:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 19:06 - 2016-05-28 01:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 19:06 - 2016-05-28 01:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 19:06 - 2016-05-28 01:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 19:06 - 2016-05-28 01:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 19:06 - 2016-05-28 01:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 19:06 - 2016-05-28 01:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 19:06 - 2016-05-28 01:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 19:06 - 2016-05-28 01:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 19:06 - 2016-05-28 01:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 19:06 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 19:06 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 19:06 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 19:06 - 2016-05-28 01:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 19:06 - 2016-05-28 01:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 19:06 - 2016-05-28 01:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 19:06 - 2016-05-28 01:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 19:06 - 2016-05-28 01:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 19:06 - 2016-05-28 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 19:06 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 19:06 - 2016-05-28 01:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 19:06 - 2016-05-28 01:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 19:06 - 2016-05-28 01:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 19:06 - 2016-05-28 01:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 19:06 - 2016-05-28 01:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 19:06 - 2016-05-28 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 19:06 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 19:06 - 2016-05-28 01:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 19:06 - 2016-05-28 01:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 19:06 - 2016-05-28 01:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 19:06 - 2016-05-28 01:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 19:06 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 19:06 - 2016-05-28 01:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 19:06 - 2016-05-28 01:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 19:06 - 2016-05-28 01:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 19:06 - 2016-05-28 01:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 19:06 - 2016-05-28 01:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 19:06 - 2016-05-28 01:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 19:06 - 2016-05-28 01:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 19:06 - 2016-05-28 01:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 19:06 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 19:06 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 19:06 - 2016-05-28 01:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 19:06 - 2016-05-28 01:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 19:06 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 19:06 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 19:06 - 2016-05-28 01:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 19:06 - 2016-05-28 01:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 19:06 - 2016-05-28 01:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 19:06 - 2016-05-28 01:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 19:06 - 2016-05-28 01:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 19:06 - 2016-05-28 01:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 19:06 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 19:06 - 2016-05-28 01:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 19:06 - 2016-05-28 01:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 19:06 - 2016-05-28 01:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 19:06 - 2016-05-28 01:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 19:06 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 19:06 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 19:06 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 19:06 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 19:06 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 19:06 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 19:06 - 2016-05-28 01:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 19:06 - 2016-05-28 01:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 19:06 - 2016-05-28 01:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 19:06 - 2016-05-28 01:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 19:06 - 2016-05-28 01:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 19:06 - 2016-05-28 01:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 19:06 - 2016-05-28 01:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 19:06 - 2016-05-28 01:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 19:06 - 2016-05-28 01:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 19:06 - 2016-05-28 01:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 19:06 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 19:06 - 2016-05-28 01:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 19:06 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 19:06 - 2016-05-28 01:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 19:06 - 2016-05-28 01:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 19:06 - 2016-05-28 01:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 19:06 - 2016-05-28 01:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 19:06 - 2016-05-28 01:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 19:06 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 19:06 - 2016-05-28 01:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 19:06 - 2016-05-28 01:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 19:06 - 2016-05-28 01:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 19:06 - 2016-05-28 01:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 19:06 - 2016-05-28 01:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 19:06 - 2016-05-28 00:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 19:06 - 2016-05-28 00:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 19:06 - 2016-05-28 00:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 19:06 - 2016-05-28 00:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 19:06 - 2016-05-28 00:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 19:06 - 2016-05-28 00:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 19:06 - 2016-05-28 00:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 18:44 - 2016-06-14 18:44 - 00000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
2016-06-14 18:44 - 2016-06-14 18:44 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-14 18:44 - 2016-06-14 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-06-14 18:44 - 2016-06-14 18:44 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-06-14 18:44 - 2016-06-14 18:44 - 00000000 ____D C:\Program Files\Realtek
2016-06-14 17:31 - 2016-06-14 17:31 - 00220706 _____ C:\Users\LeonardoAmadeu\Downloads\Curriculum Vitae 2016 - Paula.pdf
2016-06-12 12:26 - 2015-08-02 20:56 - 09106155 _____ C:\Users\LeonardoAmadeu\Desktop\Manual de Medicina Legal.pdf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 19:48 - 2015-08-10 23:06 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2016-07-11 19:17 - 2016-02-22 18:12 - 00001052 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-11 18:49 - 2015-08-05 20:03 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-11 18:17 - 2016-02-22 18:12 - 00001048 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-11 17:49 - 2015-06-01 19:14 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-11 17:48 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-11 17:48 - 2015-06-01 19:14 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.146827014289002
2016-07-11 17:48 - 2015-06-01 19:14 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-11 17:48 - 2015-06-01 19:14 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-11 17:48 - 2015-06-01 19:11 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-07-11 17:48 - 2015-06-01 19:11 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-11 17:47 - 2015-06-01 19:14 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-11 17:47 - 2015-06-01 19:12 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-11 15:31 - 2015-06-01 18:17 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{177D02C2-7DD3-4594-9FFA-45D0DDA0CD5A}
2016-07-11 06:05 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-10 08:55 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-08 17:20 - 2016-02-22 18:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-07 14:18 - 2016-01-31 15:10 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\LocalLow\Temp
2016-07-07 11:31 - 2015-07-27 21:10 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-07-07 11:31 - 2015-07-27 21:10 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-07 07:21 - 2015-07-23 19:07 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Roaming\Skype
2016-07-07 05:32 - 2015-07-27 21:10 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-07 05:31 - 2016-05-30 22:25 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2016-07-07 05:31 - 2015-12-02 03:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-07 05:31 - 2015-12-02 03:06 - 00000000 ____D C:\Users\LeonardoAmadeu
2016-07-06 21:39 - 2015-06-21 03:54 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-06 18:43 - 2015-10-30 16:11 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-07-06 18:43 - 2015-10-30 16:11 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-07-06 18:43 - 2015-10-15 22:54 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-06 14:53 - 2016-02-22 18:12 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\Dropbox
2016-07-06 11:26 - 2015-06-01 18:05 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\Packages
2016-07-03 22:11 - 2015-06-03 19:46 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\HP
2016-06-30 17:01 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-30 17:01 - 2015-10-15 22:45 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-06-26 22:33 - 2016-02-04 09:26 - 00000000 ____D C:\Users\LeonardoAmadeu\Desktop\Artigos - TCC
2016-06-26 20:16 - 2016-06-09 21:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-26 15:46 - 2015-12-02 02:57 - 00359368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-26 15:46 - 2015-06-27 23:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-26 15:46 - 2015-06-27 23:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-26 15:14 - 2016-06-02 19:14 - 00000000 ____D C:\Users\LeonardoAmadeu\Desktop\Pen Drive Flávio
2016-06-26 12:44 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-25 10:56 - 2015-10-30 16:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-06-25 10:55 - 2015-10-30 04:24 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-06-25 10:55 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-23 11:07 - 2015-06-27 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 12:24 - 2015-09-29 00:33 - 00000000 ____D C:\Users\LeonardoAmadeu\Documents\ML
2016-06-17 08:29 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 07:38 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-15 07:40 - 2016-02-22 18:18 - 00000000 ___RD C:\Users\LeonardoAmadeu\Dropbox (Versão anterior)
2016-06-15 06:45 - 2015-09-10 02:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 03:21 - 2015-06-01 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-15 03:17 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 03:17 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-15 03:17 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-14 20:26 - 2015-09-21 18:21 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Local\MEGAsync
2016-06-14 19:12 - 2015-06-15 02:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-14 19:09 - 2015-06-15 02:36 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 15:33 - 2015-10-30 04:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 15:33 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 08:27 - 2016-04-30 12:38 - 00000000 ____D C:\Program Files (x86)\Tibia
2016-06-14 01:20 - 2016-04-27 21:44 - 00000000 ____D C:\Users\LeonardoAmadeu\AppData\Roaming\Tibia

==================== Arquivos na raiz de alguns diretórios =======

2016-01-04 15:29 - 2016-01-04 15:29 - 0018176 _____ () C:\Users\LeonardoAmadeu\AppData\Roaming\unins000.dat
2016-01-04 15:29 - 2016-01-04 15:29 - 0730322 _____ () C:\Users\LeonardoAmadeu\AppData\Roaming\unins000.exe
2015-06-03 19:47 - 2015-06-03 19:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-06-14 18:44 - 2016-06-14 18:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Alguns arquivos em TEMP:
====================
C:\Users\LeonardoAmadeu\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\LeonardoAmadeu\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-09 07:11

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité