OTL logfile created on: 03/01/2017 08:23:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Guerreiro\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

2,46 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 30,50% Memory free
7,00 Gb Paging File | 4,64 Gb Available in Paging File | 66,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 194,87 Gb Total Space | 47,34 Gb Free Space | 24,29% Space Free | Partition Type: NTFS
Drive D: | 270,44 Gb Total Space | 27,53 Gb Free Space | 10,18% Space Free | Partition Type: NTFS

Computer Name: GUERREIRO-PC | User Name: Guerreiro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/01/03 08:21:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Guerreiro\Desktop\OTL.exe
PRC - [2016/12/09 15:48:30 | 001,921,448 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Arquivos de Programas\360\Total Security\safemon\QHSafeTray.exe
PRC - [2016/11/25 09:35:55 | 006,067,624 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Arquivos de Programas\360\Total Security\QHSafeMain.exe
PRC - [2016/11/25 09:35:55 | 001,501,096 | ---- | M] () -- C:\Arquivos de Programas\360\Total Security\PromoUtil.exe
PRC - [2016/11/25 09:35:55 | 000,928,168 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Arquivos de Programas\360\Total Security\safemon\QHActiveDefense.exe
PRC - [2016/11/25 09:35:55 | 000,124,536 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Arquivos de Programas\360\Total Security\safemon\QHWatchdog.exe
PRC - [2016/11/11 04:42:44 | 000,313,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2016/11/11 04:41:45 | 004,311,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2016/11/08 17:29:28 | 000,921,192 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Chrome\Application\chrome.exe
PRC - [2016/11/02 08:29:48 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
PRC - [2016/11/02 08:11:10 | 007,104,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2016/10/26 00:02:56 | 000,458,264 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2016/10/26 00:02:56 | 000,271,376 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2016/10/05 06:09:52 | 001,700,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smartscreen.exe
PRC - [2016/09/16 14:38:30 | 007,175,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Arquivos de Programas\AMD\CNext\CNext\RadeonSettings.exe
PRC - [2016/09/16 14:37:58 | 000,137,608 | ---- | M] () -- C:\Arquivos de Programas\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
PRC - [2016/09/10 15:33:55 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\w3wp.exe
PRC - [2016/08/06 01:02:35 | 000,082,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\ImmersiveControlPanel\SystemSettings.exe
PRC - [2016/08/06 00:47:34 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2016/07/16 05:25:58 | 000,042,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ApplicationFrameHost.exe
PRC - [2016/07/16 05:25:55 | 000,072,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostw.exe
PRC - [2016/07/16 05:25:15 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2016/07/16 05:25:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sihost.exe
PRC - [2016/07/16 05:25:03 | 000,029,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2016/06/02 14:20:56 | 096,452,608 | ---- | M] () -- C:\Users\Guerreiro\AppData\Roaming\Java\SYSGUERREIRO-PC.exe
PRC - [2016/04/12 05:41:18 | 001,125,568 | ---- | M] (Disc Soft Ltd) -- C:\Arquivos de Programas\DAEMON Tools Lite\DiscSoftBusService.exe
PRC - [2013/11/01 11:34:48 | 000,389,120 | ---- | M] (AMD) -- C:\Arquivos de Programas\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012/02/27 07:02:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATII4E.EXE
PRC - [2012/02/27 07:01:02 | 000,142,432 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de Programas\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
PRC - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/07/20 12:05:20 | 000,614,400 | ---- | M] () -- C:\Arquivos de Programas\OI\Programmer\OiVeloxCheck.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/12/31 17:02:00 | 001,244,376 | ---- | M] () -- C:\Users\Guerreiro\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
MOD - [2016/12/09 07:11:15 | 002,048,496 | ---- | M] () -- C:\Windows\System32\CoreUIComponents.dll
MOD - [2016/12/09 06:36:56 | 000,321,536 | ---- | M] () -- C:\Windows\ShellExperiences\QuickActions.dll
MOD - [2016/11/25 09:35:55 | 001,501,096 | ---- | M] () -- C:\Arquivos de Programas\360\Total Security\PromoUtil.exe
MOD - [2016/11/25 09:35:55 | 000,584,616 | ---- | M] () -- C:\Arquivos de Programas\360\Total Security\safemon\wdui2.dll
MOD - [2016/11/25 09:35:55 | 000,099,240 | ---- | M] () -- C:\Arquivos de Programas\360\Total Security\deepscan\qutmload.dll
MOD - [2016/11/02 07:31:05 | 006,726,656 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
MOD - [2016/11/02 07:26:50 | 003,158,528 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
MOD - [2016/11/02 07:24:54 | 001,724,928 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
MOD - [2016/11/02 07:24:43 | 000,779,776 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
MOD - [2016/11/02 07:24:25 | 001,150,464 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
MOD - [2016/09/13 01:00:38 | 000,057,856 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
MOD - [2016/09/13 01:00:38 | 000,012,288 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
MOD - [2016/09/13 01:00:36 | 000,690,176 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2016/09/13 01:00:34 | 000,012,288 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
MOD - [2016/09/13 01:00:04 | 001,601,536 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\libGLESV2.dll
MOD - [2016/09/13 01:00:04 | 000,010,240 | ---- | M] () -- C:\Arquivos de Programas\AMD\CNext\CNext\libEGL.dll
MOD - [2016/08/06 00:21:51 | 000,526,848 | ---- | M] () -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
MOD - [2016/07/16 05:25:47 | 000,108,032 | ---- | M] () -- C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
MOD - [2016/06/02 14:20:56 | 096,452,608 | ---- | M] () -- C:\Users\Guerreiro\AppData\Roaming\Java\SYSGUERREIRO-PC.exe
MOD - [2013/11/01 11:34:28 | 000,094,208 | ---- | M] () -- C:\Arquivos de Programas\ATI Technologies\HydraVision\hydraptb.dll
MOD - [2011/07/20 12:05:20 | 000,614,400 | ---- | M] () -- C:\Arquivos de Programas\OI\Programmer\OiVeloxCheck.exe
MOD - [2008/05/07 21:33:46 | 000,417,792 | ---- | M] () -- C:\Arquivos de Programas\Adobe\Reader 9.0\Reader\AdobeXMP.dll
MOD - [2007/11/16 16:02:18 | 000,479,232 | R--- | M] () -- C:\Arquivos de Programas\Adobe\Reader 9.0\Reader\ccme_base.dll
MOD - [2007/11/16 16:02:18 | 000,401,408 | R--- | M] () -- C:\Arquivos de Programas\Adobe\Reader 9.0\Reader\cryptocme2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2016/12/09 07:10:54 | 000,583,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/11/25 09:35:55 | 000,928,168 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) [Auto | Running] -- C:\Arquivos de Programas\360\Total Security\safemon\QHActiveDefense.exe -- (QHActiveDefense)
SRV - [2016/11/11 04:24:07 | 000,064,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\moshost.dll -- (MapsBroker)
SRV - [2016/11/11 04:23:13 | 000,254,976 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\cdpusersvc.dll -- (CDPUserSvc)
SRV - [2016/11/11 04:21:08 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV - [2016/11/11 04:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/11/11 04:18:41 | 000,294,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cdpsvc.dll -- (CDPSvc)
SRV - [2016/11/11 04:15:02 | 000,441,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2016/11/11 04:14:59 | 000,473,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RDXService.dll -- (RetailDemo)
SRV - [2016/11/11 04:12:55 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2016/11/11 04:11:36 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2016/11/11 04:07:17 | 001,948,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2016/11/11 04:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/11/11 04:04:50 | 000,920,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dosvc.dll -- (DoSvc)
SRV - [2016/11/11 04:02:40 | 000,612,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2016/11/02 07:41:20 | 000,517,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FlightSettings.dll -- (wisvc)
SRV - [2016/11/02 07:38:56 | 000,623,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2016/11/02 07:29:05 | 000,503,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FrameServer.dll -- (FrameServer)
SRV - [2016/11/02 07:26:13 | 000,182,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NetSetupSvc.dll -- (NetSetupSvc)
SRV - [2016/10/26 00:02:56 | 000,271,376 | ---- | M] (AMD) [On_Demand | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2016/10/15 00:50:40 | 000,416,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\usocore.dll -- (UsoSvc)
SRV - [2016/10/15 00:37:47 | 001,485,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2016/10/05 06:10:25 | 000,754,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ngcsvc.dll -- (NgcSvc)
SRV - [2016/09/16 14:37:58 | 000,137,608 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe -- (AdaptiveSleepService)
SRV - [2016/09/15 14:42:48 | 000,614,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\AppVClient.exe -- (AppVClient)
SRV - [2016/09/15 14:17:14 | 001,887,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV - [2016/09/15 13:56:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\RMapi.dll -- (RmSvc)
SRV - [2016/09/15 13:56:09 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorService.dll -- (SensorService)
SRV - [2016/09/15 13:56:06 | 000,576,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblAuthManager.dll -- (XblAuthManager)
SRV - [2016/09/15 13:55:03 | 000,277,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvcext.dll -- (vmicvss)
SRV - [2016/09/15 13:55:03 | 000,277,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvcext.dll -- (vmicrdv)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvmsession)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2016/09/15 13:54:28 | 000,228,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2016/09/15 13:52:48 | 000,822,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\usermgr.dll -- (UserManager)
SRV - [2016/09/10 15:33:57 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2016/09/10 15:33:55 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2016/09/10 15:33:50 | 000,507,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2016/09/10 15:33:50 | 000,507,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2016/09/07 01:54:53 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tzautoupdate.dll -- (tzautoupdate)
SRV - [2016/09/07 01:50:07 | 000,636,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PhoneService.dll -- (PhoneSvc)
SRV - [2016/09/07 01:44:33 | 000,894,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SensorDataService.exe -- (SensorDataService)
SRV - [2016/09/07 01:40:23 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2016/09/07 01:32:03 | 000,960,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2016/08/20 02:11:31 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\LicenseManagerSvc.dll -- (LicenseManager)
SRV - [2016/08/06 00:37:40 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2016/08/06 00:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2016/07/16 14:34:37 | 001,591,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2016/07/16 14:34:33 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2016/07/16 14:34:29 | 000,858,624 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\AgentService.exe -- (UevAgentService)
SRV - [2016/07/16 05:26:42 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2016/07/16 05:26:40 | 000,373,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WalletService.dll -- (WalletService)
SRV - [2016/07/16 05:26:15 | 000,144,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2016/07/16 05:26:05 | 001,381,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2016/07/16 05:26:02 | 000,271,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2016/07/16 05:26:02 | 000,084,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2016/07/16 05:25:58 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2016/07/16 05:25:57 | 000,120,320 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV - [2016/07/16 05:25:57 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dmwappushsvc.dll -- (dmwappushservice)
SRV - [2016/07/16 05:25:56 | 000,828,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV - [2016/07/16 05:25:56 | 000,567,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2016/07/16 05:25:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2016/07/16 05:25:55 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dcpsvc.dll -- (DcpSvc)
SRV - [2016/07/16 05:25:39 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2016/07/16 05:25:39 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV - [2016/07/16 05:25:31 | 000,330,240 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\System32\APHostService.dll -- (OneSyncSvc)
SRV - [2016/07/16 05:25:24 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2016/07/16 05:25:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2016/07/16 05:25:21 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TieringEngineService.exe -- (TieringEngineService)
SRV - [2016/07/16 05:25:21 | 000,104,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2016/07/16 05:25:21 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2016/07/16 05:25:10 | 000,413,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SmsRouterSvc.dll -- (SmsRouter)
SRV - [2016/07/16 05:25:09 | 000,432,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2016/07/16 05:25:08 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\MessagingService.dll -- (MessagingService)
SRV - [2016/07/16 05:25:07 | 001,252,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\UserDataService.dll -- (UserDataSvc)
SRV - [2016/07/16 05:25:07 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 05:25:07 | 000,446,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\tileobjserver.dll -- (tiledatamodelsvc)
SRV - [2016/07/16 05:25:07 | 000,294,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2016/07/16 05:25:07 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2016/07/16 05:25:07 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2016/07/16 05:25:07 | 000,239,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV - [2016/07/16 05:25:07 | 000,195,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wpnservice.dll -- (WpnService)
SRV - [2016/07/16 05:25:07 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV - [2016/07/16 05:25:07 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tetheringservice.dll -- (icssvc)
SRV - [2016/07/16 05:25:07 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV - [2016/07/16 05:25:07 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\System32\WpnUserService.dll -- (WpnUserService)
SRV - [2016/07/16 05:25:07 | 000,030,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lfsvc.dll -- (lfsvc)
SRV - [2016/07/16 05:25:07 | 000,024,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DevQueryBroker.dll -- (DevQueryBroker)
SRV - [2016/07/16 05:25:05 | 000,704,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\XblGameSave.dll -- (XblGameSave)
SRV - [2016/07/16 05:25:04 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AJRouter.dll -- (AJRouter)
SRV - [2016/07/16 05:25:03 | 000,591,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ClipSVC.dll -- (ClipSVC)
SRV - [2016/07/16 05:25:03 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2016/07/16 05:25:03 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\dssvc.dll -- (DsSvc)
SRV - [2016/07/16 05:25:03 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\embeddedmodesvc.dll -- (embeddedmode)
SRV - [2016/07/16 05:24:52 | 002,716,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/07/16 05:24:52 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\BthHFSrv.dll -- (BthHFSrv)
SRV - [2016/04/12 05:41:18 | 001,125,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Arquivos de Programas\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2014/01/23 15:54:32 | 000,150,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2012/10/01 20:30:02 | 004,846,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012/02/27 07:01:02 | 000,142,432 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de Programas\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE -- (EPSON_PM_RPCV4_05)
SRV - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2016/12/09 07:12:28 | 000,276,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\clfs.sys -- (CLFS)
DRV - [2016/11/25 09:35:55 | 000,221,696 | ---- | M] (360.cn) [File_System | System | Running] -- C:\Windows\System32\drivers\360Box.sys -- (360Box)
DRV - [2016/11/25 09:35:55 | 000,083,456 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\360AvFlt.sys -- (360AvFlt)
DRV - [2016/11/11 04:45:26 | 000,175,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2016/11/11 04:26:19 | 000,216,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xboxgip.sys -- (xboxgip)
DRV - [2016/11/02 08:00:03 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iorate.sys -- (iorate)
DRV - [2016/10/26 00:03:00 | 024,400,024 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\ct307259.inf_x86_5817e51a35dcdf20\atikmdag.sys -- (amdkmdag)
DRV - [2016/10/26 00:02:56 | 000,420,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\ct307259.inf_x86_5817e51a35dcdf20\atikmpag.sys -- (amdkmdap)
DRV - [2016/10/24 00:09:41 | 000,195,712 | ---- | M] (360安全中心) [Kernel | System | Running] -- C:\Windows\System32\drivers\360SelfProtection.sys -- (360SelfProtection)
DRV - [2016/10/24 00:09:41 | 000,144,384 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\360AntiHacker.sys -- (360AntiHacker)
DRV - [2016/10/24 00:09:41 | 000,078,208 | ---- | M] (360安全中心) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hookport.sys -- (HookPort)
DRV - [2016/10/24 00:09:41 | 000,074,496 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\qutmipc.sys -- (qutmipc)
DRV - [2016/10/24 00:09:41 | 000,052,224 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\360Camera.sys -- (360Camera)
DRV - [2016/10/24 00:09:40 | 000,322,688 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\qutmdrv.sys -- (qutmdserv)
DRV - [2016/10/24 00:09:40 | 000,195,584 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\BAPIDRV.sys -- (BAPIDRV)
DRV - [2016/10/15 01:26:27 | 000,055,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\dam.sys -- (dam)
DRV - [2016/10/15 01:18:44 | 000,458,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spaceport.sys -- (spaceport)
DRV - [2016/10/15 00:46:06 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\capimg.sys -- (CapImg)
DRV - [2016/10/15 00:33:33 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ahcache.sys -- (ahcache)
DRV - [2016/10/05 06:46:02 | 000,056,672 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\MegaSas2i.sys -- (megasas2i)
DRV - [2016/09/15 14:42:58 | 000,094,560 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\AppVStrm.sys -- (AppvStrm)
DRV - [2016/09/15 14:22:19 | 000,111,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storahci.sys -- (storahci)
DRV - [2016/09/15 14:20:51 | 000,095,072 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\wcifs.sys -- (wcifs)
DRV - [2016/09/15 13:55:12 | 000,518,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdiWiFi.sys -- (wdiwifi)
DRV - [2016/09/10 15:33:48 | 000,130,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2016/09/07 02:13:09 | 000,101,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2016/09/05 05:47:46 | 000,147,072 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2016/09/05 05:47:38 | 000,147,072 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2016/09/05 05:47:32 | 000,109,184 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2016/08/20 02:49:08 | 000,092,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pdc.sys -- (pdc)
DRV - [2016/08/20 02:15:11 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xinputhid.sys -- (xinputhid)
DRV - [2016/08/06 01:22:32 | 000,173,408 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2016/07/16 14:34:41 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2016/07/16 14:34:41 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2016/07/16 14:34:40 | 000,118,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV - [2016/07/16 14:34:40 | 000,111,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\AppvVfs.sys -- (AppvVfs)
DRV - [2016/07/16 14:34:35 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2016/07/16 14:34:32 | 000,159,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mssecflt.sys -- (MsSecFlt)
DRV - [2016/07/16 14:34:29 | 000,036,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV - [2016/07/16 05:26:51 | 000,024,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2016/07/16 05:26:02 | 000,244,576 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdFilter.sys -- (WdFilter)
DRV - [2016/07/16 05:26:02 | 000,100,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2016/07/16 05:26:02 | 000,037,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WdBoot.sys -- (WdBoot)
DRV - [2016/07/16 05:25:56 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Ndu.sys -- (Ndu)
DRV - [2016/07/16 05:25:55 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2016/07/16 05:25:55 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mslldp.sys -- (MsLldp)
DRV - [2016/07/16 05:25:51 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\applockerfltr.sys -- (applockerfltr)
DRV - [2016/07/16 05:25:41 | 000,205,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufx01000.sys -- (Ufx01000)
DRV - [2016/07/16 05:25:41 | 000,117,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx2.sys -- (SerCx2)
DRV - [2016/07/16 05:25:41 | 000,086,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV - [2016/07/16 05:25:41 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV - [2016/07/16 05:25:41 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmCx.sys -- (UcmCx0101)
DRV - [2016/07/16 05:25:41 | 000,060,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SpbCx.sys -- (SpbCx)
DRV - [2016/07/16 05:25:41 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SerCx.sys -- (SerCx)
DRV - [2016/07/16 05:25:41 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urscx01000.sys -- (UrsCx01000)
DRV - [2016/07/16 05:25:41 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV - [2016/07/16 05:25:41 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2016/07/16 05:25:41 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV - [2016/07/16 05:25:40 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2016/07/16 05:25:40 | 000,062,976 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\storqosflt.sys -- (storqosflt)
DRV - [2016/07/16 05:25:40 | 000,042,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\condrv.sys -- (condrv)
DRV - [2016/07/16 05:25:31 | 000,033,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2016/07/16 05:25:30 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mmcss.sys -- (MMCSS)
DRV - [2016/07/16 05:25:22 | 000,075,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2016/07/16 05:25:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2016/07/16 05:25:07 | 000,135,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2016/07/16 05:25:07 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2016/07/16 05:25:07 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\registry.sys -- (clreg)
DRV - [2016/07/16 05:25:07 | 000,052,736 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\wcnfs.sys -- (wcnfs)
DRV - [2016/07/16 05:25:01 | 000,173,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ucx01000.sys -- (Ucx01000)
DRV - [2016/07/16 05:25:01 | 000,091,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpiex.sys -- (acpiex)
DRV - [2016/07/16 05:25:01 | 000,077,312 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\filecrypt.sys -- (FileCrypt)
DRV - [2016/07/16 05:25:01 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV - [2016/07/16 05:25:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2016/07/16 05:25:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Udecx.sys -- (UdeCx)
DRV - [2016/07/16 05:25:01 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhf.sys -- (vhf)
DRV - [2016/07/16 05:24:57 | 000,430,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2016/07/16 05:24:57 | 000,289,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2016/07/16 05:24:57 | 000,107,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV - [2016/07/16 05:24:57 | 000,076,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdstor.sys -- (sdstor)
DRV - [2016/07/16 05:24:57 | 000,075,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV - [2016/07/16 05:24:57 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2016/07/16 05:24:57 | 000,066,560 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iai2c.sys -- (iai2c)
DRV - [2016/07/16 05:24:57 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2016/07/16 05:24:57 | 000,038,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV - [2016/07/16 05:24:57 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidi2c.sys -- (hidi2c)
DRV - [2016/07/16 05:24:57 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV - [2016/07/16 05:24:57 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\buttonconverter.sys -- (buttonconverter)
DRV - [2016/07/16 05:24:57 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2016/07/16 05:24:57 | 000,025,600 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iagpio.sys -- (iagpio)
DRV - [2016/07/16 05:24:57 | 000,022,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urschipidea.sys -- (UrsChipidea)
DRV - [2016/07/16 05:24:57 | 000,021,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV - [2016/07/16 05:24:57 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2016/07/16 05:24:57 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\genericusbfn.sys -- (genericusbfn)
DRV - [2016/07/16 05:24:57 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kdnic.sys -- (kdnic)
DRV - [2016/07/16 05:24:57 | 000,015,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV - [2016/07/16 05:24:55 | 000,494,080 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt640x86.sys -- (rt640x86)
DRV - [2016/07/16 05:24:55 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2016/07/16 05:24:55 | 000,066,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\stornvme.sys -- (stornvme)
DRV - [2016/07/16 05:24:55 | 000,059,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uaspstor.sys -- (UASPStor)
DRV - [2016/07/16 05:24:55 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2016/07/16 05:24:55 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BasicRender.sys -- (BasicRender)
DRV - [2016/07/16 05:24:55 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storufs.sys -- (storufs)
DRV - [2016/07/16 05:24:55 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uefi.sys -- (UEFI)
DRV - [2016/07/16 05:24:55 | 000,022,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaiogpio.sys -- (GPIO)
DRV - [2016/07/16 05:24:55 | 000,014,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volume.sys -- (volume)
DRV - [2016/07/16 05:24:55 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpitime.sys -- (acpitime)
DRV - [2016/07/16 05:24:55 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpipagr.sys -- (acpipagr)
DRV - [2016/07/16 05:24:54 | 001,038,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\adp80xx.sys -- (ADP80XX)
DRV - [2016/07/16 05:24:54 | 000,524,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2016/07/16 05:24:54 | 000,089,952 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV - [2016/07/16 05:24:54 | 000,085,856 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\3ware.sys -- (3ware)
DRV - [2016/07/16 05:24:54 | 000,085,856 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV - [2016/07/16 05:24:54 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2016/07/16 05:24:54 | 000,061,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaioi2c.sys -- (iaioi2c)
DRV - [2016/07/16 05:24:54 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mvumis.sys -- (mvumis)
DRV - [2016/07/16 05:24:54 | 000,054,624 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas3i.sys -- (percsas3i)
DRV - [2016/07/16 05:24:54 | 000,051,552 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\percsas2i.sys -- (percsas2i)
DRV - [2016/07/16 05:24:54 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AcpiDev.sys -- (AcpiDev)
DRV - [2016/07/16 05:24:54 | 000,008,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2016/07/16 05:24:54 | 000,008,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmfn.sys -- (bcmfn)
DRV - [2016/07/16 05:24:53 | 000,042,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelpep.sys -- (intelpep)
DRV - [2016/07/16 05:24:52 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2016/07/16 05:24:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2016/07/16 05:24:52 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_x86_ed148199964e21c5\CompositeBus.sys -- (CompositeBus)
DRV - [2016/07/16 05:24:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2016/07/16 05:24:51 | 000,083,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2016/07/16 05:24:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2016/07/16 05:24:51 | 000,039,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2016/07/16 05:24:51 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2016/07/16 05:24:51 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2016/07/16 05:24:51 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2016/07/16 05:24:51 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2016/07/16 05:24:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgencounter.sys -- (gencounter)
DRV - [2016/07/16 05:24:51 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmgid.sys -- (vmgid)
DRV - [2016/07/16 05:24:51 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2016/06/21 01:02:52 | 000,023,248 | ---- | M] (360.cn) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\efimon.sys -- (EfiMon)
DRV - [2016/05/24 14:19:44 | 000,040,504 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV - [2016/05/24 14:18:55 | 000,026,168 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2015/05/28 07:00:44 | 000,082,432 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdWT3.sys -- (AtiHDAudioService)
DRV - [2015/03/05 10:15:36 | 000,017,160 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2015/03/05 10:15:10 | 000,013,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2013/11/26 15:34:38 | 000,700,120 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt630x86.sys -- (RTL8168)
DRV - [2010/03/04 11:14:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/03/04 11:14:22 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE - HKLM\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AD 99 7C BD E4 C4 D1 01 [binary data]
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 09 42 6C 9A 71 46 D2 01 [binary data]
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\..\SearchScopes,DefaultScope = {2f23ab71-4ac6-41f2-a955-ea576e553146}
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Guerreiro\AppData\Local\Roblox\Versions\version-53267bd4c3d04796\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Users\Guerreiro\AppData\Local\Roblox\Versions\version-53267bd4c3d04796\\NPRobloxProxy64.dll ()


[2016/06/02 14:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guerreiro\AppData\Roaming\mozilla\Firefox\extensions
[2016/06/02 14:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guerreiro\AppData\Roaming\mozilla\Firefox\extensions\staged
[2016/07/19 19:47:12 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh\2.1.3_0\
CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmgebopaejnjlncllgmcenbbflikfjd\1.1.7.102_0\
CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\npflpmeannakjekldamofnldpiefjmmi\1.0_0\
CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\
CHR - Extension: No name found = C:\Users\Guerreiro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\

O1 HOSTS File: ([2016/05/24 12:55:39 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Arquivos de Programas\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Java7 Update] C:\Users\Guerreiro\AppData\Roaming\Java\SYSGUERREIRO-PC.exe ()
O4 - HKLM..\Run: [OiVelox] C:\Arquivos de Programas\OI\Programmer\OiVeloxCheck.exe ()
O4 - HKLM..\Run: [QHSafeTray] C:\Program Files\360\Total Security\safemon\360Tray.exe (QIHU 360 SOFTWARE CO. LIMITED)
O4 - HKLM..\Run: [StartCN] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2062713700-329253385-3137101945-1000..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2062713700-329253385-3137101945-1000..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATII4E.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2062713700-329253385-3137101945-1000..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415..\Run: [OneDriveSetup] C:\WINDOWS\System32\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O7 - HKU\S-1-5-21-2062713700-329253385-3137101945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d3c17d0f-610d-4ae8-8ffd-93b26e6e7f5a}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d3c17d0f-610d-4ae8-8ffd-93b26e6e7f5a}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Arquivos de Programas\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Arquivos de Programas\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Arquivos de Programas\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.tmp -- [ NTFS ]
O33 - MountPoints2\{890c0efa-9482-11e6-adc8-d050995b5c7a}\Shell - "" = AutoRun
O33 - MountPoints2\{890c0efa-9482-11e6-adc8-d050995b5c7a}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{90f58f01-b26a-11e6-add7-d050995b5c7a}\Shell - "" = AutoRun
O33 - MountPoints2\{90f58f01-b26a-11e6-add7-d050995b5c7a}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O33 - MountPoints2\{90f58fdc-b26a-11e6-add7-d050995b5c7a}\Shell - "" = AutoRun
O33 - MountPoints2\{90f58fdc-b26a-11e6-add7-d050995b5c7a}\Shell\AutoRun\command - "" = "F:\AutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/01/03 08:21:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Guerreiro\Desktop\OTL.exe
[2017/01/03 07:24:46 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\Desktop\Rogerio
[2017/01/02 19:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2017/01/02 19:39:37 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\AppData\Roaming\Sun
[2017/01/02 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2017/01/02 19:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2017/01/02 19:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2017/01/02 19:34:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2017/01/02 19:34:21 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\AppData\Roaming\.minecraft
[2017/01/02 19:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[2017/01/02 19:32:44 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\AppData\Roaming\Mojang (installer by OfficialHawk)
[2016/12/15 05:37:09 | 006,668,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
[2016/12/15 05:37:07 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2016/12/15 05:37:03 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfsvr.dll
[2016/12/15 05:37:02 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LicenseManager.dll
[2016/12/15 05:37:01 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twinui.dll
[2016/12/15 05:36:59 | 003,776,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SettingsHandlers_nt.dll
[2016/12/15 05:36:58 | 000,115,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acmigration.dll
[2016/12/15 05:36:57 | 004,612,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Media.dll
[2016/12/15 05:36:57 | 001,415,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\appraiser.dll
[2016/12/15 05:36:56 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdp.dll
[2016/12/15 05:36:52 | 000,551,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgmms2.sys
[2016/12/15 05:36:52 | 000,342,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgmms1.sys
[2016/12/15 05:36:51 | 001,235,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2016/12/15 05:36:50 | 001,384,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sppobjs.dll
[2016/12/15 05:36:50 | 000,920,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dosvc.dll
[2016/12/15 05:36:28 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VPNv2CSP.dll
[2016/12/15 05:36:20 | 003,370,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.StateRepository.dll
[2016/12/15 05:36:20 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
[2016/12/15 05:36:20 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll
[2016/12/15 05:36:19 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlidsvc.dll
[2016/12/15 05:36:07 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hevcdecoder.dll
[2016/12/15 05:35:43 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Immersive.dll
[2016/12/15 05:35:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ReAgentc.exe
[2016/12/15 05:35:42 | 002,998,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2016/12/15 05:35:42 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2016/12/15 05:35:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuuhext.dll
[2016/12/15 05:35:36 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\StoreAgent.dll
[2016/12/15 05:35:36 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\InstallAgentUserBroker.exe
[2016/12/15 05:35:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\InstallAgent.exe
[2016/12/15 05:35:36 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VEStoreEventHandlers.dll
[2016/12/15 05:35:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WSManHTTPConfig.exe
[2016/12/15 05:35:35 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UIAutomationCore.dll
[2016/12/15 05:35:35 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usercpl.dll
[2016/12/15 05:35:34 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umpoext.dll
[2016/12/15 05:35:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LaunchWinApp.exe
[2016/12/15 05:35:28 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsm.dll
[2016/12/15 05:35:27 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/12/15 05:35:26 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SRHInproc.dll
[2016/12/15 05:35:26 | 001,430,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
[2016/12/15 05:35:26 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\StorSvc.dll
[2016/12/15 05:35:21 | 000,167,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscapi.dll
[2016/12/15 05:35:20 | 000,802,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EditionUpgradeManagerObj.dll
[2016/12/15 05:35:20 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ngccredprov.dll
[2016/12/15 05:35:20 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NgcCtnr.dll
[2016/12/15 05:35:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EditionUpgradeHelper.dll
[2016/12/15 05:35:20 | 000,081,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DeviceReactivation.dll
[2016/12/15 05:35:19 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aadtb.dll
[2016/12/15 05:35:19 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fveapi.dll
[2016/12/15 05:35:18 | 003,666,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2016/12/15 05:35:18 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakradiag.dll
[2016/12/15 05:35:18 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9diag.dll
[2016/12/15 05:35:17 | 006,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2016/12/15 05:35:17 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aadcloudap.dll
[2016/12/15 05:35:16 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DataSenseHandlers.dll
[2016/12/15 05:35:10 | 001,336,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2016/12/15 05:35:09 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SettingsHandlers_StorageSense.dll
[2016/12/15 05:35:09 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\efswrt.dll
[2016/12/15 05:35:03 | 001,196,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2016/12/15 05:35:02 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscinterop.dll
[2016/12/15 05:34:59 | 000,675,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sppwinob.dll
[2016/12/15 05:34:58 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RDXTaskFactory.dll
[2016/12/15 05:34:58 | 000,152,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RTWorkQ.dll
[2016/12/15 05:34:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RjvMDMConfig.dll
[2016/12/15 05:34:57 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rascustom.dll
[2016/12/15 05:34:56 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vpnike.dll
[2016/12/15 05:34:56 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RDXService.dll
[2016/12/15 05:34:56 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ProvSysprep.dll
[2016/12/15 05:34:55 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PlayToManager.dll
[2016/12/15 05:34:55 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sppnp.dll
[2016/12/15 05:34:51 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpncore.dll
[2016/12/15 05:34:51 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnprv.dll
[2016/12/15 05:34:49 | 006,019,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2016/12/15 05:34:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NetSetupShim.dll
[2016/12/15 05:34:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016/12/15 05:34:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NetCfgNotifyObjectHost.exe
[2016/12/15 05:34:41 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmpeg2vdec.dll
[2016/12/15 05:34:39 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modernexecserver.dll
[2016/12/15 05:34:37 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfplat.dll
[2016/12/15 05:34:36 | 001,852,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfmp4srcsnk.dll
[2016/12/15 05:34:35 | 003,892,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcore.dll
[2016/12/15 05:34:35 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfmkvsrcsnk.dll
[2016/12/15 05:34:35 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfaudiocnv.dll
[2016/12/15 05:34:34 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NMAA.dll
[2016/12/15 05:34:34 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdmregistration.dll
[2016/12/15 05:34:34 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MosStorage.dll
[2016/12/15 05:34:33 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moshostcore.dll
[2016/12/15 05:34:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moshost.dll
[2016/12/15 05:34:32 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mos.dll
[2016/12/15 05:34:32 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapsStore.dll
[2016/12/15 05:34:31 | 002,362,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapRouter.dll
[2016/12/15 05:34:31 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapGeocoder.dll
[2016/12/15 05:34:31 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\JpMapControl.dll
[2016/12/15 05:34:31 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapControlCore.dll
[2016/12/15 05:34:31 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapConfiguration.dll
[2016/12/15 05:34:31 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MapsBtSvc.dll
[2016/12/15 05:34:30 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BingMaps.dll
[2016/12/15 05:34:27 | 000,122,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\migisol.dll
[2016/12/15 05:34:26 | 005,722,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windows.storage.dll
[2016/12/15 05:34:24 | 003,306,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFMediaEngine.dll
[2016/12/15 05:34:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LogonController.dll
[2016/12/15 05:34:13 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdd.dll
[2016/12/15 05:34:13 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpremove.exe
[2016/12/15 05:34:08 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\InputService.dll
[2016/12/15 05:34:08 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TextInputFramework.dll
[2016/12/15 05:34:08 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Core.TextInput.dll
[2016/12/15 05:34:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WordBreakers.dll
[2016/12/15 05:34:07 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\InputLocaleManager.dll
[2016/12/15 05:34:07 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EditBufferTestHook.dll
[2016/12/15 05:34:02 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieproxy.dll
[2016/12/15 05:34:01 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\indexeddbserver.dll
[2016/12/15 05:34:00 | 019,413,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2016/12/15 05:33:36 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\HttpsDataSource.dll
[2016/12/15 05:33:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EAMProgressHandler.dll
[2016/12/15 05:33:35 | 001,413,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdi32full.dll
[2016/12/15 05:33:34 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gameux.dll
[2016/12/15 05:33:32 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ExplorerFrame.dll
[2016/12/15 05:33:32 | 004,311,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016/12/15 05:33:32 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmenrollengine.dll
[2016/12/15 05:33:30 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Internal.Management.dll
[2016/12/15 05:33:30 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EnterpriseAppMgmtSvc.dll
[2016/12/15 05:33:29 | 002,323,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d10warp.dll
[2016/12/15 05:33:29 | 000,527,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxgi.dll
[2016/12/15 05:33:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpapisrv.dll
[2016/12/15 05:33:29 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DisplayManager.dll
[2016/12/15 05:33:28 | 002,277,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d11.dll
[2016/12/15 05:33:28 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
[2016/12/15 05:33:26 | 013,868,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Xaml.dll
[2016/12/15 05:33:26 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dialserver.dll
[2016/12/15 05:33:25 | 001,992,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwmcore.dll
[2016/12/15 05:33:25 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DeviceFlows.DataModel.dll
[2016/12/15 05:33:25 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DevicePairing.dll
[2016/12/15 05:33:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DeviceEnroller.exe
[2016/12/15 05:33:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupugc.exe
[2016/12/15 05:33:24 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\domgmt.dll
[2016/12/15 05:33:23 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\enterprisecsps.dll
[2016/12/15 05:33:22 | 000,248,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\policymanager.dll
[2016/12/15 05:33:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ReportingCSP.dll
[2016/12/15 05:33:20 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcertinst.exe
[2016/12/15 05:33:19 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\clfs.sys
[2016/12/15 05:33:16 | 001,284,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2016/12/15 05:33:16 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2016/12/15 05:33:15 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinTypes.dll
[2016/12/15 05:33:15 | 000,746,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2016/12/15 05:33:15 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wincorlib.dll
[2016/12/15 05:33:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2016/12/15 05:33:14 | 002,166,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\combase.dll
[2016/12/15 05:33:14 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdpsvc.dll
[2016/12/15 05:33:14 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdpusersvc.dll
[2016/12/15 05:33:14 | 000,198,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CloudExperienceHost.dll
[2016/12/15 05:33:13 | 000,869,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MrmCoreR.dll
[2016/12/15 05:33:13 | 000,448,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
[2016/12/15 05:33:12 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CbtBackgroundManagerPolicy.dll
[2016/12/15 05:33:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserbroker.dll
[2016/12/15 05:33:08 | 000,784,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.exe
[2016/12/15 05:33:08 | 000,117,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bcrypt.dll
[2016/12/15 05:33:07 | 000,890,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.efi
[2016/12/15 05:32:59 | 000,484,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AudioSes.dll
[2016/12/15 05:32:58 | 001,948,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentServer.dll
[2016/12/15 05:32:58 | 001,377,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
[2016/12/15 05:32:58 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
[2016/12/15 05:32:58 | 000,382,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AUDIOKSE.dll
[2016/12/15 05:32:58 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentClient.dll
[2016/12/15 05:32:58 | 000,313,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\audiodg.exe
[2016/12/15 05:32:58 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
[2016/12/15 05:32:57 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ActivationManager.dll
[2016/12/15 05:32:57 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\apprepsync.dll
[2016/12/15 05:32:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ACPBackgroundManagerPolicy.dll
[2016/12/15 05:32:57 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\apprepapi.dll
[2016/12/15 05:32:49 | 001,602,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aitstatic.exe
[2016/12/15 05:32:49 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\facecredentialprovider.dll
[2016/12/15 05:32:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.ApplicationModel.LockScreen.dll
[2016/12/15 05:32:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EnterpriseModernAppMgmtCSP.dll
[2016/12/15 05:32:42 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ShareHost.dll
[2016/12/15 05:32:42 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppReadiness.dll
[2016/12/15 05:32:41 | 000,583,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CoreMessaging.dll
[2016/12/15 05:32:41 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bcastdvr.exe
[2016/12/15 05:32:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BcastDVRHelper.dll
[2016/12/15 05:32:41 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\AppCapture.dll
[2016/12/15 05:32:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\EDPCleanup.exe
[2016/12/15 05:32:27 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\xboxgip.sys
[2016/12/15 05:32:27 | 000,175,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tpm.sys
[2016/12/14 14:08:02 | 005,739,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prm0009.dll
[2016/12/14 14:08:00 | 002,629,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NlsLexicons0009.dll
[2016/12/14 14:07:59 | 005,489,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NlsData0009.dll
[2016/12/08 13:15:59 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\Documents\ROBLOX
[2016/12/08 13:03:27 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
[2016/12/08 13:03:18 | 000,000,000 | ---D | C] -- C:\Users\Guerreiro\AppData\Local\Roblox
[8 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[5 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/01/03 08:21:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Guerreiro\Desktop\OTL.exe
[2017/01/03 07:42:01 | 000,076,888 | ---- | M] () -- C:\Users\Guerreiro\Desktop\brasao-familia-moraes-5.jpg
[2017/01/03 07:22:50 | 000,000,514 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2017/01/03 07:06:04 | 1977,827,328 | -HS- | M] () -- C:\hiberfil.sys
[2017/01/03 07:06:03 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/01/02 19:34:40 | 000,001,569 | ---- | M] () -- C:\Users\Public\Desktop\Play Minecraft!.lnk
[2017/01/02 14:09:02 | 000,000,502 | RHS- | M] () -- C:\Users\Guerreiro\ntuser.pol
[2016/12/31 08:27:53 | 000,239,651 | ---- | M] () -- C:\Users\Guerreiro\Documents\fatura claro tv jan 2017.pdf
[2016/12/31 08:06:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/12/29 07:56:55 | 000,089,009 | ---- | M] () -- C:\Users\Guerreiro\Documents\SuaContaClaro_Jan-17.pdf
[2016/12/18 17:25:28 | 000,919,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2016/12/18 17:25:28 | 000,590,586 | ---- | M] () -- C:\WINDOWS\System32\prfh0416.dat
[2016/12/18 17:25:28 | 000,267,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2016/12/18 17:25:28 | 000,196,468 | ---- | M] () -- C:\WINDOWS\System32\prfc0416.dat
[2016/12/17 17:08:25 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\spu_storage.bin
[2016/12/13 13:32:22 | 000,001,499 | ---- | M] () -- C:\Users\Guerreiro\Desktop\ROBLOX Studio.lnk
[2016/12/09 11:52:42 | 000,389,408 | RHS- | M] () -- C:\bootmgr
[2016/12/09 07:54:31 | 001,415,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\appraiser.dll
[2016/12/09 07:54:30 | 000,115,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\acmigration.dll
[2016/12/09 07:16:36 | 000,784,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.exe
[2016/12/09 07:16:33 | 000,890,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winresume.efi
[2016/12/09 07:14:37 | 006,019,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2016/12/09 07:12:28 | 000,276,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\clfs.sys
[2016/12/09 07:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[2016/12/09 07:10:54 | 000,583,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CoreMessaging.dll
[2016/12/09 07:01:59 | 002,323,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d10warp.dll
[2016/12/09 07:01:59 | 000,551,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgmms2.sys
[2016/12/09 07:01:49 | 000,342,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgmms1.sys
[2016/12/09 07:00:53 | 000,117,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bcrypt.dll
[2016/12/09 06:57:01 | 001,852,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfmp4srcsnk.dll
[2016/12/09 06:57:00 | 006,668,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
[2016/12/09 06:55:47 | 000,198,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CloudExperienceHost.dll
[2016/12/09 06:52:23 | 001,413,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdi32full.dll
[2016/12/09 06:41:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WordBreakers.dll
[2016/12/09 06:40:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2016/12/09 06:37:10 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdd.dll
[2016/12/09 06:37:07 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\aadcloudap.dll
[2016/12/09 06:36:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.ApplicationModel.LockScreen.dll
[2016/12/09 06:35:32 | 000,359,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\facecredentialprovider.dll
[2016/12/09 06:34:52 | 000,822,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakradiag.dll
[2016/12/09 06:32:18 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9diag.dll
[2016/12/09 06:31:20 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\indexeddbserver.dll
[2016/12/09 06:31:11 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\AppXDeploymentClient.dll
[2016/12/09 06:30:32 | 019,413,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\edgehtml.dll
[2016/12/09 06:30:31 | 004,612,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Media.dll
[2016/12/09 06:28:30 | 001,284,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2016/12/09 06:22:58 | 003,776,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SettingsHandlers_nt.dll
[2016/12/09 06:20:35 | 003,198,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdp.dll
[2016/12/09 06:20:33 | 006,044,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Chakra.dll
[2016/12/09 06:18:38 | 003,666,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2016/12/09 06:18:36 | 002,138,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\InputService.dll
[2016/12/09 06:18:23 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mdmregistration.dll
[2016/12/09 06:18:00 | 001,235,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kbase.sys
[2016/12/09 06:17:55 | 000,886,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\aadtb.dll
[2016/12/09 06:17:08 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ShareHost.dll
[2016/12/09 06:16:59 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fveapi.dll
[2016/12/09 06:16:56 | 002,998,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32kfull.sys
[2016/12/09 06:16:03 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TextInputFramework.dll
[2016/12/09 06:15:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Core.TextInput.dll
[2016/12/09 06:15:51 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\EditBufferTestHook.dll
[2016/12/09 06:15:49 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\InputLocaleManager.dll
[2016/12/09 06:01:06 | 000,296,825 | ---- | M] () -- C:\Users\Guerreiro\Documents\Minha_Fatura_MASTERCARD_19-12-2016.pdf
[2016/12/08 17:54:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2016/12/06 19:47:12 | 000,255,642 | ---- | M] () -- C:\Users\Guerreiro\Documents\Minha_Fatura_VISA_15-12-2016.pdf
[2016/12/05 18:33:45 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\360 Total Security.lnk
[8 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[5 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/01/03 07:41:54 | 000,076,888 | ---- | C] () -- C:\Users\Guerreiro\Desktop\brasao-familia-moraes-5.jpg
[2017/01/02 19:34:40 | 000,001,569 | ---- | C] () -- C:\Users\Public\Desktop\Play Minecraft!.lnk
[2017/01/02 14:09:02 | 000,000,502 | RHS- | C] () -- C:\Users\Guerreiro\ntuser.pol
[2016/12/31 08:27:51 | 000,239,651 | ---- | C] () -- C:\Users\Guerreiro\Documents\fatura claro tv jan 2017.pdf
[2016/12/29 07:56:49 | 000,089,009 | ---- | C] () -- C:\Users\Guerreiro\Documents\SuaContaClaro_Jan-17.pdf
[2016/12/15 05:33:19 | 002,048,496 | ---- | C] () -- C:\WINDOWS\System32\CoreUIComponents.dll
[2016/12/09 06:01:05 | 000,296,825 | ---- | C] () -- C:\Users\Guerreiro\Documents\Minha_Fatura_MASTERCARD_19-12-2016.pdf
[2016/12/08 17:54:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2016/12/08 13:03:27 | 000,001,499 | ---- | C] () -- C:\Users\Guerreiro\Desktop\ROBLOX Studio.lnk
[2016/12/06 19:47:11 | 000,255,642 | ---- | C] () -- C:\Users\Guerreiro\Documents\Minha_Fatura_VISA_15-12-2016.pdf
[2016/10/02 10:14:24 | 000,265,728 | ---- | C] () -- C:\WINDOWS\System32\Windows.Perception.Stub.dll
[2016/09/10 15:46:01 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/09/10 15:45:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\spu_storage.bin
[2016/09/10 15:44:50 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/09/09 20:06:56 | 000,039,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\staport.sys.147346241615602
[2016/08/30 20:01:07 | 000,039,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\staport.sys
[2016/08/12 00:58:22 | 000,403,112 | ---- | C] () -- C:\WINDOWS\System32\amdmiracast.dll
[2016/08/12 00:58:14 | 000,277,008 | ---- | C] () -- C:\WINDOWS\System32\dgtrayicon.exe
[2016/08/12 00:58:14 | 000,258,064 | ---- | C] () -- C:\WINDOWS\System32\GameManager32.dll
[2016/08/12 00:58:14 | 000,251,408 | ---- | C] () -- C:\WINDOWS\System32\hsa-thunk.dll
[2016/08/12 00:58:14 | 000,239,128 | ---- | C] () -- C:\WINDOWS\System32\amdgfxinfo32.dll
[2016/08/12 00:58:14 | 000,226,320 | ---- | C] () -- C:\WINDOWS\System32\atieah32.exe
[2016/07/25 14:03:14 | 002,895,360 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2016/07/25 14:03:14 | 000,017,160 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2016/07/25 14:03:14 | 000,013,064 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2016/07/16 14:32:04 | 000,590,586 | ---- | C] () -- C:\WINDOWS\System32\prfh0416.dat
[2016/07/16 14:32:04 | 000,328,278 | ---- | C] () -- C:\WINDOWS\System32\prfi0416.dat
[2016/07/16 14:32:04 | 000,196,468 | ---- | C] () -- C:\WINDOWS\System32\prfc0416.dat
[2016/07/16 14:32:04 | 000,040,752 | ---- | C] () -- C:\WINDOWS\System32\prfd0416.dat
[2016/07/16 05:31:24 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2016/07/16 05:31:24 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2016/07/16 05:31:21 | 000,919,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2016/07/16 05:31:21 | 000,267,764 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2016/07/16 05:30:03 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2016/07/16 05:30:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2016/07/16 05:26:16 | 000,000,191 | ---- | C] () -- C:\WINDOWS\System32\AppVStreamingUX.exe.config
[2016/07/16 05:26:16 | 000,000,146 | ---- | C] () -- C:\WINDOWS\System32\UevAppMonitor.exe.config
[2016/07/16 05:26:15 | 000,090,624 | ---- | C] () -- C:\WINDOWS\System32\RDVGHelper.exe
[2016/07/16 05:25:59 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2016/07/16 05:25:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\GamePanelExternalHook.dll
[2016/07/16 05:25:50 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\IHDS.dll
[2016/07/16 05:25:49 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2016/07/16 05:25:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2016/07/16 05:25:30 | 004,227,116 | ---- | C] () -- C:\WINDOWS\System32\DefaultHrtfs.bin
[2016/07/16 05:25:30 | 000,304,640 | ---- | C] () -- C:\WINDOWS\System32\HrtfApo.dll
[2016/07/16 05:25:30 | 000,149,044 | ---- | C] () -- C:\WINDOWS\System32\LargeRoom.bin
[2016/07/16 05:25:30 | 000,110,024 | ---- | C] () -- C:\WINDOWS\System32\MediumRoom.bin
[2016/07/16 05:25:30 | 000,069,776 | ---- | C] () -- C:\WINDOWS\System32\SmallRoom.bin
[2016/07/16 05:25:30 | 000,046,908 | ---- | C] () -- C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[2016/07/16 05:25:21 | 000,056,119 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2016/07/16 05:25:08 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2016/07/16 05:25:08 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/07/16 05:25:08 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\VpnSohDesktop.dll
[2016/07/16 05:25:08 | 000,002,307 | ---- | C] () -- C:\WINDOWS\System32\WimBootCompress.ini
[2016/07/16 05:25:07 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\ism32k.dll
[2016/07/16 05:25:07 | 000,167,640 | ---- | C] () -- C:\WINDOWS\System32\chs_singlechar_pinyin.dat
[2016/07/16 05:25:01 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys
[2016/06/24 16:27:30 | 000,204,952 | ---- | C] () -- C:\WINDOWS\System32\ativvsvl.dat
[2016/06/24 16:27:30 | 000,157,144 | ---- | C] () -- C:\WINDOWS\System32\ativvsva.dat
[2016/06/23 05:37:20 | 000,882,174 | ---- | C] () -- C:\WINDOWS\System32\amdicdxx.dat
[2016/06/17 18:50:52 | 000,270,912 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_stn_nd.dat
[2016/06/17 18:45:12 | 000,368,672 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_el_nd.dat
[2016/06/16 18:09:38 | 000,260,720 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_FJ_nd.dat
[2016/06/13 22:34:14 | 000,021,628 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2016/06/13 22:11:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2016/06/06 20:52:00 | 000,260,980 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_FJ.dat
[2016/06/06 20:47:58 | 000,266,816 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cz_nd.dat
[2016/05/24 14:19:21 | 000,000,514 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/05/24 13:30:14 | 005,681,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtvienna.dat
[2016/05/24 13:30:14 | 000,685,309 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2016/05/24 13:30:10 | 000,502,584 | ---- | C] () -- C:\WINDOWS\System32\audioLibVc.dll
[2016/05/24 13:30:10 | 000,188,696 | ---- | C] () -- C:\WINDOWS\System32\AcpiServiceVnA.dll
[2016/05/17 21:05:16 | 000,322,736 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_vi_nd.dat
[2016/05/17 20:25:46 | 000,234,032 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik_nd.dat
[2016/04/24 04:59:02 | 000,212,464 | ---- | C] () -- C:\WINDOWS\System32\clinfo.exe
[2016/04/21 14:45:24 | 000,166,624 | ---- | C] () -- C:\WINDOWS\System32\amde34b.dat
[2016/04/21 14:45:16 | 000,166,624 | ---- | C] () -- C:\WINDOWS\System32\amde34a.dat
[2016/04/21 14:44:18 | 000,175,584 | ---- | C] () -- C:\WINDOWS\System32\amde31a.dat
[2016/04/21 14:44:10 | 000,177,280 | ---- | C] () -- C:\WINDOWS\System32\ativce03.dat
[2016/04/21 14:41:46 | 000,100,816 | ---- | C] () -- C:\WINDOWS\System32\ativce02.dat
[2016/04/13 19:58:06 | 000,234,292 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik.dat
[2016/03/29 22:09:04 | 000,322,996 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_vi.dat
[2015/09/22 19:21:42 | 000,323,588 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_el.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 04:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 05:25:47 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2016/07/16 05:25:47 | 000,404,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
"Oi 3G" = 46 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]
"SavedLegacySettings" = 46 00 00 00 2B 7F 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 80 46 73 63 89 BA D1 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 0A 00 00 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"DefaultConnectionSettings" = 46 00 00 00 AA 23 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 80 46 73 63 89 BA D1 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 0A 00 00 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< End of report >
