Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 26-11-2017 01
Executado por Carlos Meneses (administrador) em MYJESUS (27-11-2017 06:49:14)
Executando a partir de C:\Users\Carlos Meneses\Downloads
Perfis Carregados: Carlos Meneses (Perfis Disponíveis: Carlos Meneses)
Platform: Windows 10 Home Single Language Versão 1703 15063.729 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\spdsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{E82E0E8C-F9D6-354A-99F3-F4E3E9952B55}\YSearchUtilSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Pinger Company) C:\Users\Carlos Meneses\AppData\Local\Pinger.exe
(Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [27024 2013-01-18] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-12-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ATLauncher] => C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe [487584 2012-08-02] (McAfee, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2017-04-14] (Caixa Economica Federal)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [Baixar Musicas Gratis] => C:\Program Files (x86)\Baixar Musicas Gratis\Baixar Musicas Gratis.exe [1381576 2015-06-16] (Baixar Musicas Gratis Company)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [Baixar Musicas Gratis Service] => C:\Program Files (x86)\Baixar Musicas Gratis\Baixar Musicas GratisService.exe [128200 2015-06-16] ()
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [Pinger] => C:\Users\Carlos Meneses\AppData\Local\Pinger.exe [175104 2015-06-16] (Pinger Company)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [28164272 2017-10-17] (Microsoft Corporation)
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\...\Run: [PCLink] => C:\Program Files (x86)\ASUS\PC Link\PCLink.exe [640272 2015-10-29] (ASUSTek Computer Inc.)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1903328 2017-04-14] (Caixa Economica Federal)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{158bab61-f9f0-492f-b4a0-2ded6e228552}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{158bab61-f9f0-492f-b4a0-2ded6e228552}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{863d7a08-b5da-4b18-bced-c2901019e96f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <==== ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=c8a269c9da6674841c23762f9ca0374a
HKU\S-1-5-21-211336474-3829928626-3676143547-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-211336474-3829928626-3676143547-1001 -> {7E0C37DB-E894-4D30-BE94-153730A1988F} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-211336474-3829928626-3676143547-1001 -> {F1BAD975-C1FD-47F1-BB3B-74DEC3004ECD} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll => Nenhum Arquivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-24] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2017-04-14] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-24] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 81cf26ez.default
FF ProfilePath: C:\Users\Carlos Meneses\AppData\Roaming\Mozilla\Firefox\Profiles\81cf26ez.default [2017-11-25]
FF Homepage: Mozilla\Firefox\Profiles\81cf26ez.default -> hxxps://www.malwarebytes.org/restorebrowser//?tn=sdkw_inner_hp_09_hao123_br&guid=c8a269c9da6674841c23762f9ca0374a
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Carlos Meneses\AppData\Roaming\Mozilla\Firefox\Profiles\81cf26ez.default\features\{c03d802d-4093-41e8-bcc6-71cdcb12ea4e}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-24] [Lagacy]
FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension => não encontrado (a)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-211336474-3829928626-3676143547-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Carlos Meneses\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-05-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-211336474-3829928626-3676143547-1001: gastecnologia.com.br/sf/cef -> C:\Users\Carlos Meneses\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2015-01-23] (GAS Tecnologia)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=c8a269c9da6674841c23762f9ca0374a","hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&utm_campaign=c8a269c9da6674841c23762f9ca0374a"
CHR Profile: C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default [2017-11-27]
CHR Extension: (Apresentações) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Radio Do Brasil) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2017-09-12]
CHR Extension: (Documentos) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (TV) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2017-09-12]
CHR Extension: (YouTube) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Google Search) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Desafio de Golfe WGT) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2017-09-12]
CHR Extension: (Superinteressante) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\degpihaammlmlmgcddhlnfebfcjlbjnk [2017-09-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Planilhas) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (globo.com) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjhhhkkndgijmpklfpibokdckbbmidoj [2017-09-12]
CHR Extension: (Full Screen Weather) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2017-09-12]
CHR Extension: (Documentos Google off-line) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Climatempo) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpadclmjnppejbenfgklgaganbefgad [2017-09-12]
CHR Extension: (Pixlr Editor) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2017-09-12]
CHR Extension: (Dropbox) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-07-02]
CHR Extension: (ESPN Alertas) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehfgmehejnhincbhnnkmiamegdhfcid [2015-04-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-12-15]
CHR Extension: (Xadrez) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgkjpihgghgbekgicphkebogelkkpghe [2014-11-26]
CHR Extension: (Gmail) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
CHR Profile: C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-01-13]
CHR Profile: C:\Users\Carlos Meneses\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [39824 2013-01-18] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-03] (ELAN Microelectronics Corp.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2017-04-14] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McAWFwk; C:\Program Files\McAfee\MSC\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-10] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{E82E0E8C-F9D6-354A-99F3-F4E3E9952B55}\YSearchUtilSvc.exe [160536 2016-01-11] (Yahoo Inc.)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [97680 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-11-26] (GAS Tecnologia)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-11-23] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 MpKsladee43e9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7551B27-FAF8-4F93-9113-CA6300189107}\MpKsladee43e9.sys [58120 2017-11-26] (Microsoft Corporation)
R1 MpKslbb6ed0c2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA2F8DA9-1223-4BAA-8798-490E978159C4}\MpKslbb6ed0c2.sys [58120 2017-11-26] (Microsoft Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-11-03] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [101080 2017-11-27] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-11-27 06:48 - 2017-11-27 06:48 - 000060369 ____C C:\Users\Carlos Meneses\Downloads\fixlist.txt
2017-11-27 06:34 - 2017-11-27 06:38 - 000060370 ____C C:\Users\Carlos Meneses\Downloads\Addition.txt
2017-11-27 06:32 - 2017-11-27 06:49 - 000028642 ____C C:\Users\Carlos Meneses\Downloads\FRST.txt
2017-11-27 06:32 - 2017-11-27 06:49 - 000000000 ___DC C:\FRST
2017-11-27 06:29 - 2017-11-27 06:29 - 002391552 ____C (Farbar) C:\Users\Carlos Meneses\Downloads\FRST64.exe
2017-11-27 06:28 - 2017-11-27 06:29 - 001752064 ____C (Farbar) C:\Users\Carlos Meneses\Downloads\FRST (1).exe
2017-11-24 07:00 - 2017-11-24 07:01 - 001852992 ____C (Oracle Corporation) C:\Users\Carlos Meneses\Downloads\JavaSetup8u151.exe
2017-11-24 06:54 - 2017-11-24 19:11 - 000000000 ____D C:\Users\Carlos Meneses\.junique
2017-11-24 06:48 - 2017-11-24 06:48 - 000001432 ____C C:\Users\Carlos Meneses\Desktop\Tryd.lnk
2017-11-24 06:48 - 2017-11-24 06:48 - 000000000 ____D C:\Users\Carlos Meneses\AppData\Roaming\Microsoft\Windows\Start Menu\Tryd
2017-11-24 06:47 - 2017-11-24 12:53 - 000000000 ___DC C:\Tryd5
2017-11-24 06:42 - 2017-11-24 06:43 - 154583739 ____C C:\Users\Carlos Meneses\Downloads\instalador_tryd_modal.exe
2017-11-23 09:07 - 2017-11-17 07:31 - 000223640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-23 09:07 - 2017-11-17 07:11 - 023680000 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-23 09:07 - 2017-11-17 07:00 - 002953216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-23 09:07 - 2017-11-17 06:56 - 000757248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-23 09:07 - 2017-11-17 06:54 - 023684096 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-23 09:07 - 2017-11-17 06:52 - 006254080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-23 09:07 - 2017-11-17 06:51 - 008197120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 002032536 ____C (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-23 09:06 - 2017-11-17 07:46 - 001578904 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 001015704 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-23 09:06 - 2017-11-17 07:46 - 000821656 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-23 09:06 - 2017-11-17 07:46 - 000678808 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000613784 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000612248 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000484248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000379288 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000259992 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000190360 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000136088 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-23 09:06 - 2017-11-17 07:46 - 000067992 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-23 09:06 - 2017-11-17 07:46 - 000034712 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-23 09:06 - 2017-11-17 07:41 - 000503704 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-23 09:06 - 2017-11-17 07:39 - 005477088 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-23 09:06 - 2017-11-17 07:39 - 001144728 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-23 09:06 - 2017-11-17 07:39 - 000643200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-23 09:06 - 2017-11-17 07:37 - 021353200 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-23 09:06 - 2017-11-17 07:36 - 008319384 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-23 09:06 - 2017-11-17 07:03 - 003668992 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-23 09:06 - 2017-11-17 06:59 - 000064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-19 17:59 - 2017-11-19 17:59 - 000000000 ___DC C:\Users\Carlos Meneses\Downloads\[ Newytstorrent.com] Thor Ragnarok 2017 720p HDTS x264 AAC
2017-11-17 04:03 - 2017-11-17 04:03 - 000001809 ____C C:\Users\Carlos Meneses\Desktop\LOBOMAL.txt
2017-11-15 02:38 - 2017-11-02 03:16 - 002398696 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 02:38 - 2017-11-02 03:16 - 002327448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 02:38 - 2017-11-02 03:15 - 001239448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 02:38 - 2017-11-02 03:13 - 000546712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 02:38 - 2017-11-02 03:13 - 000212888 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 02:38 - 2017-11-02 03:13 - 000095640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 02:38 - 2017-11-02 03:12 - 000727336 ____C (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 02:38 - 2017-11-02 03:12 - 000654976 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 02:38 - 2017-11-02 03:12 - 000430848 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 02:38 - 2017-11-02 03:12 - 000412752 ____C (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 02:38 - 2017-11-02 03:12 - 000319384 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 02:38 - 2017-11-02 03:12 - 000144248 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 02:38 - 2017-11-02 03:10 - 006557520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 02:38 - 2017-11-02 03:05 - 000187800 ____C (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 02:38 - 2017-11-02 03:04 - 001292360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 02:38 - 2017-11-02 02:49 - 001838848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 02:38 - 2017-11-02 02:45 - 000703056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 02:38 - 2017-11-02 02:45 - 000613136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 02:38 - 2017-11-02 02:45 - 000362144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 02:38 - 2017-11-02 02:45 - 000354360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 02:38 - 2017-11-02 02:45 - 000283544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 02:38 - 2017-11-02 02:45 - 000172952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 02:38 - 2017-11-02 02:45 - 000133896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 02:38 - 2017-11-02 02:44 - 005808640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 02:38 - 2017-11-02 02:44 - 000519680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 02:38 - 2017-11-02 02:43 - 020372896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 02:38 - 2017-11-02 02:36 - 000099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 02:38 - 2017-11-02 02:35 - 000228352 ____C (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 02:38 - 2017-11-02 02:35 - 000128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 02:38 - 2017-11-02 02:34 - 012803072 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 02:38 - 2017-11-02 02:34 - 000306176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 02:38 - 2017-11-02 02:34 - 000168448 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 02:38 - 2017-11-02 02:34 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 02:38 - 2017-11-02 02:34 - 000095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 02:38 - 2017-11-02 02:34 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 02:38 - 2017-11-02 02:32 - 008213504 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 02:38 - 2017-11-02 02:31 - 020512256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 013381120 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 000719872 ____C (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 000407040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 000388096 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 000225792 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 02:38 - 2017-11-02 02:30 - 000165888 ____C (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 02:38 - 2017-11-02 02:30 - 000155136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 02:38 - 2017-11-02 02:29 - 019338240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 02:38 - 2017-11-02 02:29 - 000805888 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 02:38 - 2017-11-02 02:29 - 000752640 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 02:38 - 2017-11-02 02:29 - 000588800 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 02:38 - 2017-11-02 02:28 - 000939008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 02:38 - 2017-11-02 02:28 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 02:38 - 2017-11-02 02:27 - 002078720 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 02:38 - 2017-11-02 02:27 - 000179712 ____C (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 02:38 - 2017-11-02 02:27 - 000080896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 02:38 - 2017-11-02 02:27 - 000079872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 02:38 - 2017-11-02 02:27 - 000049152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 005963776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 002671616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 001937408 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 000755712 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 000371712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 02:38 - 2017-11-02 02:26 - 000068608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 012227072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 011888128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 004727808 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 003377664 ____C (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 000370688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 000364544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 02:38 - 2017-11-02 02:25 - 000339968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 02:38 - 2017-11-02 02:24 - 007598080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 02:38 - 2017-11-02 02:24 - 000506368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 02:38 - 2017-11-02 02:24 - 000463872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 02:38 - 2017-11-02 02:24 - 000444928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 02:38 - 2017-11-02 02:24 - 000358400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 02:38 - 2017-11-02 02:23 - 002516480 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 02:38 - 2017-11-02 02:23 - 000680960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 02:38 - 2017-11-02 02:23 - 000664576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 02:38 - 2017-11-02 02:23 - 000590336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 02:38 - 2017-11-02 02:23 - 000476160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 02:38 - 2017-11-02 02:22 - 002859520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 02:38 - 2017-11-02 02:22 - 002009600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 02:38 - 2017-11-02 02:22 - 001884160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 02:38 - 2017-11-02 02:22 - 001494528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 02:38 - 2017-11-02 02:21 - 004417024 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 02:38 - 2017-11-02 02:21 - 003653120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 02:38 - 2017-11-02 02:21 - 000787456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 02:38 - 2017-11-02 02:21 - 000658432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 02:38 - 2017-10-25 05:40 - 000339968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 02:38 - 2017-10-15 13:09 - 002259760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 02:38 - 2017-10-15 13:03 - 006765728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 02:38 - 2017-10-15 13:01 - 000583160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 02:38 - 2017-10-15 12:53 - 002969880 ____C (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 02:38 - 2017-10-15 12:53 - 000387928 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 02:38 - 2017-10-15 12:49 - 000094616 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 02:38 - 2017-10-15 12:49 - 000025088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 02:38 - 2017-10-15 12:45 - 001292288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 02:38 - 2017-10-15 12:45 - 001248768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 02:38 - 2017-10-15 12:44 - 000636416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 02:38 - 2017-10-15 12:44 - 000050176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 02:38 - 2017-10-15 12:42 - 005225984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 02:38 - 2017-10-15 12:42 - 003667456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 02:38 - 2017-10-15 12:41 - 004559360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 02:38 - 2017-10-15 12:41 - 001019904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 02:38 - 2017-10-15 12:38 - 000089088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 02:38 - 2017-10-15 12:14 - 000037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 02:38 - 2017-10-15 12:13 - 000029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 02:38 - 2017-10-15 12:10 - 001303040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 02:38 - 2017-10-15 12:05 - 004396032 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 02:38 - 2017-10-15 12:04 - 005557760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 02:37 - 2017-11-02 03:20 - 000965016 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 02:37 - 2017-11-02 03:20 - 000543640 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 02:37 - 2017-11-02 03:20 - 000469568 ____C (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 02:37 - 2017-11-02 03:14 - 000667040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 02:37 - 2017-11-02 03:13 - 002443672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 02:37 - 2017-11-02 03:13 - 001345600 ____C (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 02:37 - 2017-11-02 03:12 - 000714648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 02:37 - 2017-11-02 03:12 - 000038808 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 02:37 - 2017-11-02 03:12 - 000026472 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 02:37 - 2017-11-02 03:05 - 000871408 ____C (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-15 02:37 - 2017-11-02 02:37 - 001278976 ____C (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 02:37 - 2017-11-02 02:37 - 000465920 ____C (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 02:37 - 2017-11-02 02:37 - 000184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 02:37 - 2017-11-02 02:37 - 000077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 02:37 - 2017-11-02 02:36 - 000098816 ____C (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 02:37 - 2017-11-02 02:35 - 000064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 02:37 - 2017-11-02 02:35 - 000025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 02:37 - 2017-11-02 02:35 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 02:37 - 2017-11-02 02:34 - 000438784 ____C (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 02:37 - 2017-11-02 02:34 - 000138240 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 02:37 - 2017-11-02 02:34 - 000113152 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 02:37 - 2017-11-02 02:33 - 000529408 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 02:37 - 2017-11-02 02:33 - 000324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 02:37 - 2017-11-02 02:33 - 000090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 02:37 - 2017-11-02 02:33 - 000061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 02:37 - 2017-11-02 02:32 - 000255488 ____C (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 02:37 - 2017-11-02 02:32 - 000125952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 02:37 - 2017-11-02 02:31 - 000434176 ____C (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 02:37 - 2017-11-02 02:31 - 000411648 ____C (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 02:37 - 2017-11-02 02:31 - 000153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 02:37 - 2017-11-02 02:30 - 007339008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 02:37 - 2017-11-02 02:30 - 000635392 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 02:37 - 2017-11-02 02:30 - 000601088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 02:37 - 2017-11-02 02:30 - 000229888 ____C (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 02:37 - 2017-11-02 02:29 - 000415232 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 02:37 - 2017-11-02 02:28 - 001468416 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 02:37 - 2017-11-02 02:28 - 000799744 ____C (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 02:37 - 2017-11-02 02:28 - 000772096 ____C (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 02:37 - 2017-11-02 02:27 - 000565248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 02:37 - 2017-11-02 02:27 - 000537600 ____C (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 02:37 - 2017-11-02 02:26 - 004445696 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 02:37 - 2017-11-02 02:26 - 003060224 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 02:37 - 2017-11-02 02:26 - 002809344 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 02:37 - 2017-11-02 02:26 - 000986624 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 003307008 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 002052608 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 02:37 - 2017-11-02 02:25 - 001886208 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 001713664 ____C (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 000972288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 000877568 ____C (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 02:37 - 2017-11-02 02:25 - 000684544 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-15 02:37 - 2017-11-02 02:24 - 004707840 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 02:37 - 2017-11-02 02:23 - 002449408 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 02:37 - 2017-11-02 02:23 - 000407040 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 02:37 - 2017-11-02 02:19 - 000124928 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 02:37 - 2017-10-15 12:59 - 000923040 ____C (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 02:37 - 2017-10-15 12:57 - 000712600 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 02:37 - 2017-10-15 12:57 - 000409496 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 02:37 - 2017-10-15 12:56 - 000872464 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 02:37 - 2017-10-15 12:55 - 007910960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 02:37 - 2017-10-15 12:51 - 000584192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 02:37 - 2017-10-15 12:15 - 000584192 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 02:37 - 2017-10-15 12:09 - 001878016 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 02:37 - 2017-10-15 12:09 - 000527360 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 02:37 - 2017-10-15 12:08 - 001260544 ____C (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 02:37 - 2017-10-15 12:08 - 000056832 ____C (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-15 02:37 - 2017-10-15 12:07 - 000925696 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 02:37 - 2017-10-15 12:05 - 001293824 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-15 02:37 - 2017-10-15 12:02 - 000079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 02:37 - 2017-10-15 12:00 - 000061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-15 00:50 - 2017-11-15 00:50 - 000821525 ____C C:\Users\Carlos Meneses\Downloads\Press_Release_3T17_VFinal.pdf
2017-11-14 05:10 - 2017-11-14 05:10 - 001715674 ____C C:\Users\Carlos Meneses\Downloads\CTAX_DF_2T17_v2.pdf
2017-11-13 14:34 - 2017-11-13 14:34 - 000000000 ____C C:\Users\Carlos Meneses\Desktop\modei.pdf
2017-11-10 12:11 - 2017-11-10 12:11 - 000673422 ____C C:\Users\Carlos Meneses\Downloads\-75 RUE LABROUSTE[6965].pdf
2017-11-10 09:37 - 2017-11-10 09:37 - 009088048 ____C (Banco do Brasil SA) C:\Users\Carlos Meneses\Downloads\DiagnosticoBB.exe
2017-11-09 03:22 - 2017-11-09 03:22 - 000087190 ____C C:\Users\Carlos Meneses\Downloads\fatura (8).pdf
2017-11-08 20:05 - 2017-11-08 20:05 - 000000000 ____D C:\Users\Carlos Meneses\AppData\Local\Windows Live
2017-10-31 01:39 - 2017-10-31 01:39 - 000501862 ____C C:\Users\Carlos Meneses\Downloads\legendas_tv_20171012104504000000.rar
2017-10-31 01:39 - 2017-10-31 01:39 - 000000000 ___DC C:\Users\Carlos Meneses\Downloads\legendas_tv_20171012104504000000
2017-10-31 01:38 - 2017-10-31 01:38 - 000886115 ____C C:\Users\Carlos Meneses\Downloads\legendas_tv_20171003210322000000.rar
2017-10-30 17:09 - 2017-10-30 17:10 - 001729447 ____C C:\Users\Carlos Meneses\Downloads\resdeclaraorubensvaldasilvatorres.zip

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-11-27 06:16 - 2017-08-01 00:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-27 05:34 - 2016-08-12 17:27 - 000101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-11-26 18:58 - 2015-05-15 01:15 - 000000062 ____C C:\Users\Carlos Meneses\AppData\Roaming\sp_data.sys
2017-11-26 18:56 - 2017-08-01 01:10 - 000003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-11-26 18:56 - 2017-04-12 10:49 - 000000000 ____D C:\Users\Todos os Usuários\ASUS Smart Gesture
2017-11-26 18:56 - 2017-04-12 10:49 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-11-26 18:56 - 2015-07-30 20:28 - 000000000 __SHD C:\Users\Carlos Meneses\IntelGraphicsProfiles
2017-11-26 18:56 - 2015-02-18 20:06 - 000000000 ___DC C:\Users\Todos os Usuários\GbPlugin
2017-11-26 18:56 - 2015-02-18 20:06 - 000000000 ___DC C:\ProgramData\GbPlugin
2017-11-26 18:46 - 2017-08-01 01:09 - 002483884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-26 18:46 - 2017-03-20 02:00 - 000993788 _____ C:\WINDOWS\system32\prfh0416.dat
2017-11-26 18:46 - 2017-03-20 02:00 - 000277572 _____ C:\WINDOWS\system32\prfc0416.dat
2017-11-26 18:43 - 2015-08-28 23:35 - 000028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-11-26 18:43 - 2015-02-18 20:06 - 000000000 ___DC C:\Program Files (x86)\GbPlugin
2017-11-26 18:42 - 2017-08-01 01:10 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2017-11-26 18:42 - 2017-08-01 00:46 - 000000000 ____D C:\Users\Carlos Meneses
2017-11-26 12:00 - 2017-08-01 01:10 - 000003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-11-26 12:00 - 2017-08-01 01:10 - 000003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-11-25 03:07 - 2016-12-15 03:18 - 000000000 ___DC C:\Users\Carlos Meneses\AppData\LocalLow\Mozilla
2017-11-24 09:06 - 2017-07-08 18:10 - 000000000 ____D C:\Users\Carlos Meneses\AppData\Local\GoToMeeting
2017-11-24 07:12 - 2015-05-02 19:33 - 000000000 ___DC C:\Program Files (x86)\Java
2017-11-24 07:12 - 2014-10-05 14:41 - 000000000 ___DC C:\Users\Todos os Usuários\Oracle
2017-11-24 07:12 - 2014-10-05 14:41 - 000000000 ___DC C:\ProgramData\Oracle
2017-11-24 07:11 - 2014-10-21 01:24 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-24 07:10 - 2017-03-18 19:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-24 07:10 - 2016-01-26 18:28 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-11-24 06:40 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-24 05:26 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-24 05:25 - 2014-03-19 06:39 - 000000000 _RHDC C:\Users\Public\AccountPictures
2017-11-23 20:22 - 2017-08-01 00:40 - 004972472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-23 20:21 - 2016-08-12 17:24 - 000029816 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddreg64.sys
2017-11-23 20:20 - 2017-03-18 09:40 - 003145728 _____ C:\WINDOWS\system32\config\BBI
2017-11-23 12:31 - 2017-03-18 19:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 09:14 - 2017-03-18 18:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-23 06:04 - 2017-06-21 16:52 - 000000000 ___DC C:\Program Files (x86)\Mozilla Firefox
2017-11-23 06:04 - 2017-05-30 16:57 - 000000700 ____C C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001.job
2017-11-23 06:04 - 2017-05-30 16:57 - 000000604 ____C C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001.job
2017-11-23 06:04 - 2015-04-30 22:47 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-21 17:15 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-21 10:30 - 2014-08-09 20:59 - 000000000 ___DC C:\Users\Carlos Meneses\AppData\Roaming\uTorrent
2017-11-21 04:40 - 2014-08-09 22:30 - 000000000 ___DC C:\WINDOWS\system32\MRT
2017-11-21 04:30 - 2017-10-10 20:50 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 04:29 - 2014-08-09 22:30 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-21 01:29 - 2015-08-02 17:57 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-19 21:02 - 2014-08-21 01:58 - 000000000 ___DC C:\Users\Carlos Meneses\AppData\Roaming\vlc
2017-11-18 11:31 - 2017-08-01 01:10 - 000003870 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-211336474-3829928626-3676143547-1001
2017-11-18 11:31 - 2017-08-01 01:10 - 000003774 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-211336474-3829928626-3676143547-1001
2017-11-17 04:09 - 2015-04-30 22:47 - 000001173 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-17 04:09 - 2015-04-30 22:47 - 000000000 ___DC C:\Users\Carlos Meneses\AppData\Roaming\Mozilla
2017-11-16 05:24 - 2017-08-01 01:10 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 05:23 - 2015-07-14 19:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-15 18:38 - 2017-07-31 18:45 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-15 18:29 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 18:29 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 18:29 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 18:29 - 2017-03-18 19:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 18:29 - 2017-03-18 19:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 02:44 - 2014-08-14 01:49 - 000000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-11-15 02:44 - 2014-08-10 07:01 - 000000000 ___DC C:\Users\Todos os Usuários\Microsoft Help
2017-11-14 21:41 - 2012-07-26 03:26 - 000000167 ____C C:\WINDOWS\win.ini
2017-11-14 20:48 - 2017-08-01 01:10 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 20:48 - 2017-08-01 01:10 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 11:49 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 11:49 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-13 17:40 - 2014-11-22 14:12 - 000002270 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-10 09:38 - 2014-08-28 05:05 - 000000000 ___DC C:\Users\Todos os Usuários\Temp
2017-11-10 09:38 - 2014-08-28 05:05 - 000000000 ___DC C:\ProgramData\Temp
2017-11-08 20:03 - 2017-09-22 14:23 - 000001271 ____C C:\Users\Carlos Meneses\Desktop\modaltrader.lnk
2017-11-06 20:05 - 2017-08-01 11:55 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-211336474-3829928626-3676143547-1001
2017-11-06 20:05 - 2015-07-30 20:57 - 000002437 _____ C:\Users\Carlos Meneses\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-06 20:05 - 2014-08-10 15:00 - 000000000 _RDOC C:\Users\Carlos Meneses\OneDrive
2017-11-04 23:40 - 2017-03-18 19:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 23:40 - 2017-03-18 19:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Arquivos na raiz de alguns diretórios =======

2015-05-15 01:15 - 2017-11-26 18:58 - 000000062 ____C () C:\Users\Carlos Meneses\AppData\Roaming\sp_data.sys
2014-12-02 04:02 - 2014-12-02 04:02 - 000015700 ____C () C:\Users\Carlos Meneses\AppData\Roaming\unins000.dat
2014-12-02 04:02 - 2014-12-02 04:02 - 000730322 ____C () C:\Users\Carlos Meneses\AppData\Roaming\unins000.exe
2017-09-22 14:24 - 2017-09-22 14:24 - 000000000 ____H () C:\Users\Carlos Meneses\AppData\Local\AppUpdate.log
2015-06-23 18:16 - 2015-06-27 01:11 - 000000054 ____C () C:\Users\Carlos Meneses\AppData\Local\ca
2015-06-23 18:16 - 2015-06-27 01:11 - 000059324 ____C () C:\Users\Carlos Meneses\AppData\Local\gn
2014-09-05 03:45 - 2013-03-18 19:45 - 001122304 ____C (The OpenSSL Project, http://www.openssl.org/) C:\Users\Carlos Meneses\AppData\Local\libeay32.dll
2014-09-05 03:48 - 2015-06-27 01:11 - 000653822 ____C () C:\Users\Carlos Meneses\AppData\Local\log.txt
2014-09-05 03:46 - 2011-06-11 02:58 - 000421200 ____C (Microsoft Corporation) C:\Users\Carlos Meneses\AppData\Local\msvcp100.dll
2014-09-05 03:46 - 2011-06-11 02:58 - 000773968 ____C (Microsoft Corporation) C:\Users\Carlos Meneses\AppData\Local\msvcr100.dll
2015-06-23 18:16 - 2015-06-27 01:02 - 000093558 ____C () C:\Users\Carlos Meneses\AppData\Local\pi
2015-06-23 18:15 - 2015-06-16 13:40 - 000175104 ____C (Pinger Company) C:\Users\Carlos Meneses\AppData\Local\Pinger.exe
2014-09-05 03:46 - 2014-07-07 12:54 - 002599936 ____C (Digia Plc and/or its subsidiary(-ies)) C:\Users\Carlos Meneses\AppData\Local\QtCore4.dll
2014-09-05 03:46 - 2014-04-20 04:43 - 008587264 ____C (Digia Plc and/or its subsidiary(-ies)) C:\Users\Carlos Meneses\AppData\Local\QtGui4.dll
2014-09-05 03:46 - 2014-04-20 04:38 - 001053184 ____C (Digia Plc and/or its subsidiary(-ies)) C:\Users\Carlos Meneses\AppData\Local\QtNetwork4.dll
2014-09-05 03:46 - 2014-04-20 06:40 - 013108224 ____C (Digia Plc and/or its subsidiary(-ies)) C:\Users\Carlos Meneses\AppData\Local\QtWebKit4.dll
2015-06-23 18:16 - 2015-06-24 18:17 - 000073368 ____C () C:\Users\Carlos Meneses\AppData\Local\sind
2014-09-12 00:31 - 2014-11-13 03:17 - 000030107 ____C () C:\Users\Carlos Meneses\AppData\Local\sinder.txt
2014-09-05 03:45 - 2013-03-18 19:45 - 000274432 ____C (The OpenSSL Project, http://www.openssl.org/) C:\Users\Carlos Meneses\AppData\Local\ssleay32.dll
2015-06-23 18:16 - 2015-06-27 01:11 - 000061804 ____C () C:\Users\Carlos Meneses\AppData\Local\view
2014-09-05 03:46 - 2014-11-13 03:17 - 000053950 ____C () C:\Users\Carlos Meneses\AppData\Local\viewer.txt

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-11-25 04:06

==================== Fim de FRST.txt ============================
