Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 30-11-2016
Executado por Eduardo (administrador) em EDUARDO-PC (02-12-2016 01:05:24)
Executando a partir de C:\Users\Eduardo\Downloads
Perfis Carregados: Eduardo (Perfis Disponíveis: Eduardo & DefaultAppPool)
Platform: Windows 10 Pro Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Eduardo\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-817903823-2548756495-701763174-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2023712 2016-07-27] (IObit)
HKU\S-1-5-21-817903823-2548756495-701763174-1000\...\RunOnce: [Uninstall C:\Users\Eduardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eduardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-817903823-2548756495-701763174-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
IFEO\MRT.exe: [Debugger] C:\Program Files (x86)\Ckercydhicult\_ALLOWDEL_cef8\Gubed.exe -Yrrehs
ShellExecuteHooks: - {8DD9A140-A736-11E6-B2C0-64006A5CFC23} - C:\Users\Eduardo\AppData\Roaming\Gofuied\Gherja.dll Nenhum Arquivo [ ]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399014} - C:\Program Files (x86)\GbPlugin\gbiehbnb.dll [1869168 2015-08-28] (Banco do Nordeste do Brasil S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-06]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [S-1-5-21-817903823-2548756495-701763174-1000] => Proxy está habilitado.
ProxyServer: [S-1-5-21-817903823-2548756495-701763174-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e600990e-a082-486d-8c46-20b518c0f678}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{e600990e-a082-486d-8c46-20b518c0f678}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKU\S-1-5-21-817903823-2548756495-701763174-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com.br
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_04&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyEzytDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtD0Azy0EyCtCtAtGyEtB0EtAtGyCyB0AzztGyD0CtC0EtG0Dzz0ByCtAyCtCyE0DzyzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D1446543175%26a%3Dwbf_dnldastr_16_04%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-817903823-2548756495-701763174-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817903823-2548756495-701763174-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_26&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyCyEtAtN1L2XzutAtFtBtAtFtCtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtC0AtDtC0EtB0CtGtAyC0E0EtGtD0FyCzztGyE0E0EtBtGtC0B0EtAtC0F0E0CtC0ByByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D342240747%26a%3Dwbf_fs_16_26%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817903823-2548756495-701763174-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_04&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyEzytDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtD0Azy0EyCtCtAtGyEtB0EtAtGyCyB0AzztGyD0CtC0EtG0Dzz0ByCtAyCtCyE0DzyzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D1446543175%26a%3Dwbf_dnldastr_16_04%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\pla5Awa.dll [2016-11-27] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\XBGDO0FJ.dll [2016-11-27] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)

FireFox:
========
FF DefaultProfile: ohzys7ia.default
FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\ohzys7ia.default\Profiles\ohzys7ia.default [não encontrado (a)]
FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\ohzys7ia.default [2016-12-02]
FF user.js: detected! => C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\ohzys7ia.default\user.js [2016-11-27]
FF Homepage: Mozilla\Firefox\Profiles\ohzys7ia.default -> www.google.com.br
FF SearchPlugin: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\ohzys7ia.default\searchplugins\yahoo! powered.xml [2016-07-01]
FF Extension: (Adblocker para o Youtube™) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} [2016-11-27] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com.br/
CHR StartupUrls: ChromeDefaultData -> "hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldastr_16_04&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0B0CtAzy0A0B0FzytC0EtN0D0Tzu0StCyEzytDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtD0Azy0EyCtCtAtGyEtB0EtAtGyCyB0AzztGyD0CtC0EtG0Dzz0ByCtAyCtCyE0DzyzyyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtBzytCyDtDyEyBtG0AyEtBtCtGyEtDzz0AtG0ByB0ByEtG0CyC0BtAyEtBtA0E0EyDzyyB2QtN0A0LzuyE%26cr%3D1446543175%26a%3Dwbf_dnldastr_16_04%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro","hxxp://www.google.com.br/"
CHR Profile: C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-02] <==== ATENÇÃO
CHR Extension: (Google Docs) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-27]
CHR Extension: (Google Drive) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Adblock Plus) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-27]
CHR Extension: (Adblock para o Youtube™) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-11-27]
CHR Extension: (Documentos Google off-line) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]
CHR Extension: (AdBlock) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-27]
CHR Extension: (NetCupom - Combustível para suas compras) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jkelihdcdchlaelgjoppmaljdlgcbcdh [2016-11-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-27]
CHR Extension: (Ultimos Torrents) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\onidcjfimideopiecibkenlependfjhf [2016-11-27]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2016-11-27]
CHR Extension: (Gmail) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-27]
CHR Profile: C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default [2016-12-01]
CHR Extension: (Google Slides) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-28]
CHR Extension: (Google Docs) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-28]
CHR Extension: (Google Drive) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28]
CHR Extension: (YouTube) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28]
CHR Extension: (Google Search) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Sem Nome) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eojeoeddgeaeahpmfabdfpfialkoplcb [2016-11-27]
CHR Extension: (Google Sheets) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (The Pirate Filmes) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iafflopplefimmfnpldjhfjfjadlndno [2016-02-20]
CHR Extension: (NetCupom - Combustível para suas compras) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkelihdcdchlaelgjoppmaljdlgcbcdh [2016-02-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Ultimos Torrents) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\onidcjfimideopiecibkenlependfjhf [2015-11-28]
CHR Extension: (Gmail) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28]
CHR Extension: (Chrome Media Router) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-01]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-817903823-2548756495-701763174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [452384 2016-07-25] (IObit)
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [420352 2016-11-28] (QingYeKeJi) [Arquivo não assinado]
S3 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [269312 2016-01-06] () [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Arquivo não assinado]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-11-30] () [Arquivo não assinado]
R2 Laqersh; C:\Program Files (x86)\Ckercydhicult\nbrdbg.dll [276480 2016-11-27] () [Arquivo não assinado]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.11170\WeatherService.exe [142280 2015-12-14] ()
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265664 2016-10-26] (Microsoft Corporation) [Arquivo não assinado] <==== ATENÇÃO
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [189440 2016-11-28] () [Arquivo não assinado]
R2 WMPNetworkAcSvc; C:\Users\Eduardo\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [5091840 2016-11-10] () [Arquivo não assinado] <==== ATENÇÃO

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2016-12-01] (GAS Tecnologia)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2013-12-03] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-08] (GAS Tecnologia LTDA)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [101080 2016-12-01] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
U3 idsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-02 01:02 - 2016-12-02 01:03 - 00053896 _____ C:\Users\Eduardo\Downloads\Addition.txt
2016-12-02 01:01 - 2016-12-02 01:05 - 00031784 _____ C:\Users\Eduardo\Downloads\FRST.txt
2016-12-02 01:00 - 2016-12-02 01:05 - 00000000 ____D C:\FRST
2016-12-02 00:59 - 2016-12-02 00:59 - 02411520 _____ (Farbar) C:\Users\Eduardo\Downloads\FRST64.exe
2016-12-02 00:58 - 2016-12-02 00:59 - 01761280 _____ (Farbar) C:\Users\Eduardo\Downloads\FRST.exe
2016-12-01 17:17 - 2016-12-01 17:17 - 00002498 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Eduardo
2016-12-01 17:17 - 2016-12-01 17:17 - 00000304 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Eduardo.job
2016-12-01 17:07 - 2016-12-01 17:10 - 00000140 _____ C:\WINDOWS\Reimage.ini
2016-12-01 17:07 - 2016-12-01 17:07 - 00604928 _____ (Reimage) C:\Users\Eduardo\Downloads\ReimageRepair.exe
2016-11-29 13:45 - 2016-11-29 13:45 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-29 13:45 - 2016-11-29 13:45 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-29 13:43 - 2016-11-29 13:43 - 00001347 _____ C:\Users\Eduardo\Desktop\Configurações.lnk
2016-11-29 13:36 - 2016-11-30 12:10 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-29 13:36 - 2016-11-30 12:10 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-29 13:36 - 2016-11-29 13:36 - 01065376 _____ (Google Inc.) C:\Users\Eduardo\Downloads\ChromeSetup.exe
2016-11-29 13:36 - 2016-11-29 13:36 - 00004150 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-29 13:36 - 2016-11-29 13:36 - 00003918 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-28 09:33 - 2016-11-28 09:33 - 00000000 ____D C:\Users\Todos os Usuários\WinSAPSvc
2016-11-28 09:33 - 2016-11-28 09:33 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-11-28 09:33 - 2016-11-28 09:33 - 00000000 ____D C:\Program Files (x86)\zvx578vx
2016-11-28 09:33 - 2016-11-28 09:33 - 00000000 ____D C:\Program Files (x86)\WinArcher
2016-11-28 08:35 - 2016-11-28 08:35 - 00000286 __RSH C:\Users\Eduardo\ntuser.pol
2016-11-28 08:34 - 2016-11-28 08:34 - 112881664 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-11-28 08:34 - 2016-11-28 08:34 - 00499712 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-11-28 08:34 - 2016-11-28 08:34 - 00073728 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-11-28 08:34 - 2016-11-28 08:34 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-11-28 08:34 - 2016-11-28 08:34 - 00000000 ____H C:\asc_rdflag
2016-11-27 20:56 - 2016-11-28 08:35 - 00000360 _____ C:\WINDOWS\Tasks\Update Service for Youtube AdBlock2.job
2016-11-27 20:56 - 2016-11-27 20:56 - 00003068 _____ C:\WINDOWS\System32\Tasks\Update Service for Youtube AdBlock2
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\Users\Todos os Usuários\Avg
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\ProgramData\Avira
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\ProgramData\Avg
2016-11-27 20:56 - 2016-11-27 20:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-27 20:55 - 2016-12-01 18:48 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\WMPNetworkAcSvc
2016-11-27 20:55 - 2016-11-28 08:35 - 00000360 _____ C:\WINDOWS\Tasks\Update Service for Youtube AdBlock.job
2016-11-27 20:55 - 2016-11-27 20:56 - 00000000 ____D C:\Program Files (x86)\Youtube AdBlock
2016-11-27 20:55 - 2016-11-27 20:55 - 00002764 _____ C:\WINDOWS\System32\Tasks\Update Service for Youtube AdBlock
2016-11-27 20:55 - 2016-11-27 20:55 - 00002430 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-11-27 20:55 - 2016-11-27 20:55 - 00002430 __RSH C:\ProgramData\ntuser.pol
2016-11-27 20:55 - 2016-11-27 20:55 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2016-11-27 20:54 - 2016-11-27 20:54 - 00006100 _____ C:\WINDOWS\System32\Tasks\Predingghuvuied Manager
2016-11-27 20:54 - 2016-11-27 20:54 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-11-27 20:54 - 2016-11-27 20:54 - 00000000 ____D C:\ProgramData\Windows Security
2016-11-27 20:53 - 2016-11-29 13:41 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-11-27 20:53 - 2016-11-28 12:34 - 00000000 ____D C:\Program Files (x86)\Ckercydhicult
2016-11-27 20:53 - 2016-11-28 08:35 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\Gofuied
2016-11-27 20:53 - 2016-11-27 20:56 - 00000000 ____D C:\Users\Eduardo\AppData\Local\Dkidomarecisy
2016-11-27 20:51 - 2016-11-27 20:51 - 03951944 _____ (Imagine company) C:\Users\Eduardo\Downloads\legenda.exe
2016-11-27 20:50 - 2016-11-27 20:51 - 03952014 _____ C:\Users\Eduardo\Downloads\legenda.rar
2016-11-27 19:52 - 2016-11-27 19:52 - 00000000 ____D C:\Users\Eduardo\Downloads\Under The Shadow 2016 Bluray 720p Legendado - TPF
2016-11-27 13:52 - 2016-11-27 13:52 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-11-27 13:51 - 2016-11-29 13:45 - 00000000 ____D C:\Users\Eduardo\AppData\Local\Samsung
2016-11-27 13:51 - 2016-11-27 13:51 - 00000000 ____D C:\Users\Eduardo\Documents\samsung
2016-11-27 13:50 - 2016-11-29 13:45 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\Samsung
2016-11-27 13:49 - 2016-07-22 04:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SETDA8B.tmp
2016-11-27 13:49 - 2016-07-22 04:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SETB8BB.tmp
2016-11-27 13:48 - 2016-11-29 13:45 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-11-27 13:48 - 2016-11-29 13:45 - 00000000 ____D C:\ProgramData\Samsung
2016-11-27 13:48 - 2016-11-29 13:45 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-27 13:48 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2016-11-27 13:48 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-11-27 13:46 - 2016-11-27 13:46 - 00000000 ____D C:\Users\Eduardo\AppData\Local\Downloaded Installations
2016-11-27 13:36 - 2016-11-27 13:46 - 71734912 _____ (Samsung Electronics Co., Ltd.) C:\Users\Eduardo\Downloads\KiesSetup.exe
2016-11-27 13:19 - 2016-11-27 13:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-27 11:26 - 2016-11-27 11:26 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\Apple Computer
2016-11-27 11:13 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\WINDOWS\system32\RegistryDefragBootTime.exe
2016-11-27 11:02 - 2016-11-27 11:02 - 111869952 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2016-11-27 11:02 - 2016-11-27 11:02 - 00499712 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2016-11-27 11:02 - 2016-11-27 11:02 - 00073728 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-11-27 11:02 - 2016-11-27 11:02 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-11-27 10:50 - 2016-11-27 12:20 - 00000000 ____D C:\Users\Eduardo\Downloads\Charlie Brown Jr
2016-11-27 10:49 - 2016-11-27 10:49 - 00000000 ____D C:\Users\Eduardo\Downloads\Meu Amigo o Dragão 2016 Bluray 1080p Dublado - TPF
2016-11-27 10:49 - 2016-11-27 10:49 - 00000000 ____D C:\Users\Eduardo\Downloads\Jovens, Loucos e Mais Rebeldes 2016 Bluray 1080p Dublado - TPF
2016-11-27 10:48 - 2016-11-27 10:48 - 00000000 ____D C:\Users\Eduardo\Downloads\Ouija Origin of Evil 2016 WEBRip 720p Legendado - TPF
2016-11-27 10:48 - 2016-11-27 10:48 - 00000000 ____D C:\Users\Eduardo\Downloads\1 Contra Todos O Filme 2016 Bluray 1080p Nacional - TPF
2016-11-26 21:54 - 2016-11-26 21:54 - 00003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-11-24 17:24 - 2016-11-24 17:24 - 01897142 _____ C:\WINDOWS\7eb630ce0eadf14989afd6b2eb48743e.exe
2016-11-15 09:48 - 2016-11-27 20:55 - 00000000 ____D C:\Users\Eduardo\Downloads\Esquadrão Suicida (2016) Dual Áudio 1080p 5.1 CH [WEB-DL] By-LuanHarper
2016-11-12 19:35 - 2016-10-28 20:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-11-12 19:35 - 2016-10-28 20:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-09 23:52 - 2016-11-02 09:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 23:52 - 2016-11-02 09:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 23:52 - 2016-11-02 08:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 23:52 - 2016-11-02 08:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 23:52 - 2016-11-02 08:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 23:52 - 2016-11-02 08:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 23:52 - 2016-11-02 08:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 23:52 - 2016-11-02 08:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 23:52 - 2016-11-02 08:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 23:52 - 2016-11-02 08:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 23:52 - 2016-11-02 08:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 23:52 - 2016-11-02 08:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 23:52 - 2016-11-02 08:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 23:52 - 2016-11-02 08:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 23:52 - 2016-11-02 08:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 23:52 - 2016-11-02 08:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 23:52 - 2016-11-02 08:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 23:52 - 2016-11-02 08:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 23:52 - 2016-11-02 08:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 23:52 - 2016-11-02 08:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 23:52 - 2016-11-02 08:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 23:52 - 2016-11-02 08:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 23:52 - 2016-11-02 08:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 23:52 - 2016-11-02 08:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 23:52 - 2016-11-02 08:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 23:52 - 2016-11-02 08:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 23:52 - 2016-11-02 08:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 23:52 - 2016-11-02 08:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 23:52 - 2016-11-02 08:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 23:52 - 2016-11-02 08:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 23:52 - 2016-11-02 08:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 23:52 - 2016-11-02 08:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 23:52 - 2016-11-02 07:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 23:52 - 2016-11-02 07:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 23:52 - 2016-11-02 07:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 23:52 - 2016-11-02 07:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-11-09 23:52 - 2016-11-02 07:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 23:52 - 2016-11-02 07:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 23:52 - 2016-11-02 07:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 23:52 - 2016-11-02 07:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 23:52 - 2016-11-02 07:46 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-11-09 23:52 - 2016-11-02 07:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 23:52 - 2016-11-02 07:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 23:52 - 2016-11-02 07:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 23:52 - 2016-11-02 07:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 23:52 - 2016-11-02 07:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 23:52 - 2016-11-02 07:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 23:52 - 2016-11-02 07:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 23:52 - 2016-11-02 07:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 23:52 - 2016-11-02 07:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 23:52 - 2016-11-02 07:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 23:52 - 2016-11-02 07:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 23:52 - 2016-11-02 07:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 23:52 - 2016-11-02 07:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 23:52 - 2016-11-02 07:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 23:52 - 2016-11-02 07:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-09 23:52 - 2016-11-02 07:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 23:52 - 2016-11-02 07:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 23:52 - 2016-11-02 07:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-09 23:52 - 2016-11-02 07:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 23:52 - 2016-11-02 07:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 23:52 - 2016-11-02 07:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 23:52 - 2016-11-02 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-11-09 23:52 - 2016-11-02 07:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 23:52 - 2016-11-02 07:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 23:52 - 2016-11-02 07:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 04977664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-11-09 23:52 - 2016-11-02 07:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 23:52 - 2016-11-02 07:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 23:52 - 2016-11-02 07:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 23:52 - 2016-11-02 07:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 23:52 - 2016-11-02 07:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 23:52 - 2016-11-02 07:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 23:52 - 2016-11-02 07:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 23:52 - 2016-11-02 07:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 23:52 - 2016-11-02 07:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 23:52 - 2016-11-02 07:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 23:52 - 2016-11-02 07:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 23:52 - 2016-11-02 07:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 23:52 - 2016-11-02 07:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 23:52 - 2016-11-02 07:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 23:52 - 2016-11-02 07:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 23:52 - 2016-11-02 07:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 23:52 - 2016-11-02 07:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 23:52 - 2016-11-02 07:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 23:52 - 2016-11-02 07:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 06582784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 23:52 - 2016-11-02 07:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 23:52 - 2016-11-02 07:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 23:52 - 2016-11-02 07:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 23:52 - 2016-11-02 07:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-09 23:52 - 2016-11-02 07:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 23:52 - 2016-11-02 07:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 23:52 - 2016-11-02 07:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 23:52 - 2016-11-02 07:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 23:52 - 2016-11-02 07:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 23:52 - 2016-11-02 07:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 23:52 - 2016-11-02 07:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 23:52 - 2016-11-02 07:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 23:52 - 2016-11-02 07:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 23:52 - 2016-11-02 07:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 23:52 - 2016-11-02 07:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 23:52 - 2016-11-02 07:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 23:52 - 2016-11-02 07:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 23:52 - 2016-11-02 07:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 23:52 - 2016-11-02 05:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 23:51 - 2016-11-02 08:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 23:51 - 2016-11-02 08:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 23:51 - 2016-11-02 08:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 23:51 - 2016-11-02 08:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 23:51 - 2016-11-02 08:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 23:51 - 2016-11-02 08:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 23:51 - 2016-11-02 08:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 23:51 - 2016-11-02 08:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 23:51 - 2016-11-02 08:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 23:51 - 2016-11-02 08:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 23:51 - 2016-11-02 08:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 23:51 - 2016-11-02 08:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 23:51 - 2016-11-02 08:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 23:51 - 2016-11-02 08:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 23:51 - 2016-11-02 08:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 23:51 - 2016-11-02 08:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 23:51 - 2016-11-02 08:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 23:51 - 2016-11-02 08:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 23:51 - 2016-11-02 07:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 23:51 - 2016-11-02 07:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 23:51 - 2016-11-02 07:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 23:51 - 2016-11-02 07:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 23:51 - 2016-11-02 07:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 23:51 - 2016-11-02 07:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 23:51 - 2016-11-02 07:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 23:51 - 2016-11-02 07:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 23:51 - 2016-11-02 07:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 23:51 - 2016-11-02 07:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 23:51 - 2016-11-02 07:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 23:51 - 2016-11-02 07:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 23:51 - 2016-11-02 07:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 23:51 - 2016-11-02 07:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 23:51 - 2016-11-02 07:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 23:51 - 2016-11-02 07:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 23:51 - 2016-11-02 07:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 23:51 - 2016-11-02 07:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 23:51 - 2016-11-02 07:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 23:51 - 2016-11-02 07:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 23:51 - 2016-11-02 07:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 23:51 - 2016-11-02 07:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 23:51 - 2016-11-02 07:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 23:51 - 2016-11-02 07:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 23:51 - 2016-11-02 07:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 23:51 - 2016-11-02 07:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 23:51 - 2016-11-02 07:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 23:51 - 2016-11-02 07:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 23:51 - 2016-11-02 07:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 23:51 - 2016-11-02 07:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 23:51 - 2016-11-02 07:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 23:51 - 2016-11-02 07:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 23:51 - 2016-11-02 07:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 23:51 - 2016-11-02 07:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 23:51 - 2016-11-02 07:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 23:51 - 2016-11-02 07:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 23:51 - 2016-11-02 07:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 23:51 - 2016-11-02 07:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 23:51 - 2016-11-02 07:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 23:51 - 2016-11-02 07:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 23:51 - 2016-11-02 07:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 23:51 - 2016-11-02 07:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 23:51 - 2016-11-02 07:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 23:51 - 2016-11-02 07:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 23:51 - 2016-11-02 07:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 23:51 - 2016-11-02 07:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 23:51 - 2016-11-02 07:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 23:51 - 2016-11-02 07:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 23:51 - 2016-11-02 07:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 23:51 - 2016-11-02 07:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 23:51 - 2016-11-02 07:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 23:51 - 2016-11-02 07:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 23:51 - 2016-11-02 07:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 23:51 - 2016-11-02 07:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 23:51 - 2016-11-02 07:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 23:51 - 2016-11-02 07:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 23:51 - 2016-11-02 07:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 23:51 - 2016-11-02 07:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 23:51 - 2016-11-02 07:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 23:51 - 2016-11-02 07:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 23:51 - 2016-11-02 07:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 23:51 - 2016-11-02 07:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 23:51 - 2016-11-02 07:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 23:51 - 2016-11-02 07:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 23:51 - 2016-11-02 07:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 23:51 - 2016-11-02 07:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 23:51 - 2016-11-02 07:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 23:51 - 2016-11-02 07:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 23:51 - 2016-11-02 07:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 23:51 - 2016-11-02 07:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 23:51 - 2016-11-02 07:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 23:51 - 2016-11-02 07:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 23:51 - 2016-11-02 07:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 23:51 - 2016-11-02 07:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 23:51 - 2016-11-02 07:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 23:51 - 2016-11-02 06:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 23:51 - 2016-11-02 06:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 23:51 - 2016-08-02 01:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-07 21:55 - 2016-11-27 11:38 - 00000000 ____D C:\Users\Eduardo\Desktop\2016-11 (nov)

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-01 23:26 - 2015-11-28 18:35 - 00000000 __SHD C:\Users\Eduardo\IntelGraphicsProfiles
2016-12-01 21:19 - 2016-09-26 19:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-01 18:48 - 2016-09-26 19:58 - 03039914 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-01 18:48 - 2016-07-16 20:10 - 00846556 _____ C:\WINDOWS\system32\prfh0416.dat
2016-12-01 18:48 - 2016-07-16 20:10 - 00436976 _____ C:\WINDOWS\system32\prfc0416.dat
2016-12-01 18:43 - 2016-09-26 20:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-01 18:43 - 2016-09-26 19:59 - 00000000 ____D C:\Users\DefaultAppPool
2016-12-01 18:43 - 2016-08-02 19:36 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2016-12-01 18:43 - 2016-08-02 19:31 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2016-12-01 18:43 - 2016-08-02 19:31 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-12-01 18:25 - 2016-09-26 19:59 - 00000000 ____D C:\Users\Eduardo
2016-12-01 17:42 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-01 17:22 - 2016-09-17 11:41 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-12-01 17:22 - 2016-09-17 11:41 - 00000000 ____D C:\ProgramData\ProductData
2016-12-01 17:20 - 2016-09-17 11:39 - 00000000 ____D C:\Program Files (x86)\IObit
2016-11-30 13:03 - 2015-12-08 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-29 14:20 - 2016-03-05 16:27 - 00000000 ____D C:\Users\Eduardo\AppData\Local\Droid4X
2016-11-29 13:47 - 2016-03-05 16:26 - 00000000 ____D C:\Program Files (x86)\Droid4X
2016-11-29 13:45 - 2015-11-28 18:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-29 13:45 - 2015-11-28 16:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-29 13:44 - 2016-03-05 16:27 - 00000000 ____D C:\Users\Eduardo\.VirtualBox
2016-11-29 13:44 - 2016-03-05 16:26 - 00000000 _____ C:\hsrv.txt
2016-11-29 13:43 - 2016-09-17 11:39 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-11-29 13:43 - 2016-09-17 11:39 - 00000000 ____D C:\ProgramData\IObit
2016-11-29 12:57 - 2016-09-17 11:40 - 00002238 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-11-28 01:12 - 2016-07-16 03:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-27 20:56 - 2016-09-26 19:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-27 20:56 - 2015-12-09 10:44 - 00000000 ____D C:\ffb1330a380885a0290b46c1a2adac9f
2016-11-27 20:56 - 2015-12-03 19:51 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2016-11-27 20:56 - 2015-11-30 02:27 - 00000000 ____D C:\ESD
2016-11-27 20:56 - 2015-11-28 19:05 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-11-27 20:55 - 2016-10-12 09:17 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2016-11-27 20:55 - 2016-09-26 19:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-27 20:55 - 2016-08-02 19:35 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-11-27 20:55 - 2016-08-02 19:35 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-11-27 20:55 - 2016-07-16 08:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-11-27 20:55 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-27 20:55 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-27 20:55 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-27 20:55 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-11-27 20:55 - 2016-07-01 21:24 - 00000000 ____D C:\Program Files (x86)\FreeTime
2016-11-27 20:55 - 2016-04-15 11:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-11-27 20:55 - 2016-04-15 11:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-11-27 20:55 - 2016-04-15 11:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-11-27 20:55 - 2016-04-15 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-11-27 20:55 - 2016-04-07 21:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2016-11-27 20:55 - 2016-04-07 21:46 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-11-27 20:55 - 2016-04-07 13:31 - 00000000 ____D C:\Program Files (x86)\VSO
2016-11-27 20:55 - 2016-03-05 15:46 - 00000000 ____D C:\Program Files (x86)\PC Remote Receiver
2016-11-27 20:55 - 2016-01-30 19:18 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-11-27 20:55 - 2015-12-09 11:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-27 20:55 - 2015-12-06 22:41 - 00000000 ____D C:\Program Files (x86)\HP
2016-11-27 20:55 - 2015-12-06 22:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-11-27 20:55 - 2015-12-06 19:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-11-27 20:55 - 2015-12-06 19:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-11-27 20:55 - 2015-12-06 19:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-27 20:55 - 2015-12-06 19:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-27 20:55 - 2015-12-06 19:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-27 20:55 - 2015-12-06 19:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-11-27 20:55 - 2015-11-28 19:12 - 00000000 ____D C:\Program Files (x86)\VIA
2016-11-27 20:55 - 2015-11-28 19:10 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-27 20:55 - 2015-11-28 19:07 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-11-27 20:55 - 2015-11-28 18:59 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-11-27 20:55 - 2015-11-28 18:33 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-27 20:55 - 2015-11-28 17:34 - 00000000 ____D C:\Program Files (x86)\Driver-Soft
2016-11-27 20:55 - 2015-11-28 16:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-27 20:54 - 2015-11-30 17:36 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-11-27 20:54 - 2015-11-30 17:36 - 00000000 ____D C:\ProgramData\Intel
2016-11-27 20:54 - 2009-07-14 00:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-11-27 20:49 - 2015-11-28 17:46 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\uTorrent
2016-11-27 13:53 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-11-27 11:46 - 2015-11-28 19:43 - 00000000 ____D C:\Users\Eduardo\AppData\Roaming\MPC-HC
2016-11-27 11:26 - 2016-09-17 11:41 - 00000000 ____D C:\Users\Eduardo\AppData\LocalLow\IObit
2016-11-26 22:05 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-26 21:48 - 2015-11-30 03:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-23 23:59 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-15 11:03 - 2015-11-27 15:06 - 00000000 ____D C:\FFOutput
2016-11-15 10:43 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-12 21:43 - 2016-09-26 19:52 - 00346040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-12 20:21 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-12 19:42 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-12 19:36 - 2015-12-06 19:08 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-11-12 19:35 - 2015-11-29 22:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-12 19:30 - 2015-11-29 22:35 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Arquivos na raiz de alguns diretórios =======

2016-03-05 15:05 - 2016-03-05 16:27 - 0002709 _____ () C:\Users\Eduardo\AppData\Roaming\droid4xinstaller.log
2016-04-07 13:31 - 2016-04-07 13:31 - 0099384 _____ () C:\Users\Eduardo\AppData\Roaming\inst.exe
2016-04-07 13:31 - 2016-04-07 13:31 - 0007859 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.cat
2016-04-07 13:31 - 2016-04-07 13:31 - 0001167 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.inf
2016-04-07 13:31 - 2016-04-07 13:31 - 0000055 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.log
2016-04-07 13:31 - 2016-04-07 13:31 - 0082816 _____ (VSO Software) C:\Users\Eduardo\AppData\Roaming\pcouffin.sys
2016-01-30 20:19 - 2016-07-01 22:40 - 0000107 _____ () C:\Users\Eduardo\AppData\Roaming\WB.CFG
2015-12-06 22:40 - 2016-08-29 14:51 - 0002945 _____ () C:\ProgramData\hpzinstall.log

Alguns arquivos em TEMP:
====================
C:\Users\Eduardo\AppData\Local\Temp\ReimagePackage.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-11-27 10:55

==================== Fim de FRST.txt ============================
