Virus on Windows 10

#1 By raferreirand 14/05/2020 - 14:45
Hi everyone, how are you?

My computer was infected, I booted it, and I would like to kindly ask you to analyze my HijackThis log. I'm available for any guidance you can give me.

Thank you very, very much.

Rafaela - RJ

"HijackThis log"

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:14, on 14/05/2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Diebold\Warsaw\core.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Rafaela Andrade\Downloads\HijackThis.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera_crashreporter.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\conhost.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\360\Total Security\safemon\chrome\360webshield.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\Users\Rafaela Andrade\Desktop\FRST.exe
C:\Program Files\Opera\68.0.3618.104\opera.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\RuntimeBroker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\INTELBRAS\WBN 240\WPS\jswtrayutil.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QHSafeTray] "C:\Program Files\360\Total Security\safemon\360Tray.exe" /start
O4 - HKCU\..\Run: [Xvid] C:\Program Files\XviD\CheckUpdate.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify] C:\Users\Rafaela Andrade\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Program Files\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR (User 'Default user')
O4 - Global Startup: Monitor.lnk = ?
O4 - Global Startup: PCTV Quick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O15 - Trusted Zone: www.google.com.br
O15 - Trusted Zone: www.itau.b.br
O15 - Trusted Zone: *.itau.b.br
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: banklineplus.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: www.itau.com.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: www.itaupersonnalite.com.br
O15 - Trusted Zone: http://www.itaupersonnalite.com.br
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\fastsys\fastsys.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: 360 Total Security (QHActiveDefense) - Qihoo 360 Technology Co. Ltd. - C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
O23 - Service: QHProtected - Qihoo 360 Technology Co. Ltd. - C:\Program Files\360\Total Security\safemon\WscReg.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

--
End of file - 10021 bytes

#2 By PH 14/05/2020 - 14:58

Good afternoon!

Welcome to the forum!

What led you to think there is a virus on your computer? Any alert from the antivirus?

Please follow the tutorial in this other topic to post the FRST log, since HijackThis is outdated and incomplete, especially for Windows 10.

Virus problems? Learn how to create a topic for analysis.
#3 By raferreirand 14/05/2020 - 15:03
PH said:
Good afternoon!

Welcome to the forum!

What led you to think there is a virus on your computer? Any alert from the antivirus?

Please follow the tutorial in this other topic to post the FRST log, since HijackThis is already outdated.

Virus problems? Learn how to create a topic for analysis.

Thank you very much for the reply.

After trying to download some torrents, my browser started to freeze and all programs stopped responding. Then it was as if the Ctrl key on the keyboard were permanently pressed, and I couldn't click on anything else. When I tried to type, symbols appeared instead of letters. I got scared and immediately booted from a USB flash drive.

Here are the FRST log and Addition.

Thank you very much,

Rafaela

"FRST Addition"

Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 13-05-2020 01
Executado por Rafaela Andrade (14-05-2020 14:44:44)
Executando a partir de C:\Users\Rafaela Andrade\Desktop
Microsoft Windows 10 Home Versão 1803 17134.1246 (X86) (2018-05-26 22:13:30)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3389360482-2779716845-3774890508-500 - Administrator - Disabled)
Convidado (S-1-5-21-3389360482-2779716845-3774890508-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3389360482-2779716845-3774890508-503 - Limited - Disabled)
Rafaela Andrade (S-1-5-21-3389360482-2779716845-3774890508-1000 - Administrator - Enabled) => C:\Users\Rafaela Andrade
WDAGUtilityAccount (S-1-5-21-3389360482-2779716845-3774890508-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: 360 Total Security (Enabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {91AD8F88-E316-BC3A-E0A3-9F4C5B36A8D0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
360 Total Security (HKLM\...\360TotalSecurity) (Version: 10.6.0.1210 - 360 Security Center)
Adobe Acrobat Reader DC - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Any Video Converter 5.7.3 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter 6.2.0 (HKLM\...\Any Video Converter) (Version: 6.2.0 - Anvsoft)
Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Ashampoo Burning Studio 2012 v10.0.15 (HKLM\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Assistente de Atualização do Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Assistente Wireless WPS Intelbras WBN 240 (HKLM\...\{153898EE-EECA-471E-8E33-C8485EA84C07}) (Version: 1.0.0.0 - INTELBRAS)
Atualizações da NVIDIA 17.12.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 17.12.8 - NVIDIA Corporation) Hidden
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Auto Gordian Knot 2.55 (HKLM\...\AutoGK) (Version: 2.55 - len0x)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dicionário de Sinônimos AOL (HKLM\...\Dicionário de Sinônimos AOL) (Version: - )
Estudo de aprimoramento de produto para HP DeskJet 3630 series (HKLM\...\{97205C8F-5D38-43FA-B8B5-FA3BFBA8B44A}) (Version: 35.0.60.52855 - Hewlett-Packard Co.)
Faces 1.03.8 (HKLM\...\{A828537C-87AF-4E9D-9C54-11D34B8E2FBA}_is1) (Version: - Positivo Informática S.A.)
ffdshow [rev 2202] [2008-10-10] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FormatFactory 3.3.5.0 (HKLM\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Screen To Video V 2.0 (HKLM\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
Freeware PDF Unlocker (HKLM\...\{010C0B4A-DC93-4BB4-893B-BDDE95355A3E}) (Version: 1.0.4 - SMTguru)
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP DeskJet 3630 series Ajuda (HKLM\...\{1E5389BF-2F21-4312-A603-09A5A75AAEF5}) (Version: 35.0.0 - Hewlett Packard)
HP DeskJet 3630 series Software básico do dispositivo (HKLM\...\{C1ED1E43-2515-49E4-AC86-DB5060B37DC0}) (Version: 35.0.60.52855 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
IRPF2017 (HKLM\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
IRPF2018 (HKLM\...\IRPF2018) (Version: 1.4 - Receita Federal do Brasil)
IRPF2020 (HKLM\...\IRPF2020) (Version: 1.5 - Receita Federal do Brasil)
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Mega Codec Pack 6.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
Last.fm Scrobbler 2.1.37 (HKLM\...\LastFM_is1) (Version: - Last.fm)
Legendas 2.0 (HKLM\...\{F68E5233-94EC-4ABB-B5DB-0262BBB69355}_is1) (Version: 2.0 - Legendasbrasil.com.br)
Legendas 2.1 (HKLM\...\{12FF7BE8-C75B-4B9B-8ADF-E51B8569E77F}_is1) (Version: 2.1 - Legendasbrasil.com.br)
Legendas 3.1 (HKLM\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.1 - LegendasBrasil.com.br)
Lyrics Plugin for Windows Media Player (HKLM\...\{43002AE2-4093-49E0-A03D-990EE184C568}) (Version: 0.4 - Lyrics Plugin)
M799 PCIe Hybrid Analog/SBTD-T 1.3.0.76 (HKLM\...\AVerMedia M799 PCIe Hybrid Analog/SBTD-T) (Version: 1.3.0.76 - )
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil)) (HKLM\...\{95120000-00AF-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{99BD04BB-275E-4792-BE39-420703BF8392}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Moo0 Voice Recorder 1.43 (HKLM\...\Moo0 VoiceRecorder) (Version: - )
Movie Subtitles Searcher 1.0 (HKLM\...\{0428932D-FEAE-4FA2-953B-0437ABE9ADF3}_is1) (Version: 1.0 - OpenSubtitles.org)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NoMore Ads (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - NoMore Ads) <==== ATENÇÃO
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Octoshape Streaming Services) (Version: - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 68.0.3618.104 (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Opera 68.0.3618.104) (Version: 68.0.3618.104 - Opera Software)
Pacote de Compatibilidade para o sistema Office 2007 (HKLM\...\{90120000-0020-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Pacote de Driver do Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Pacote de Driver do Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PCTV (HKLM\...\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.21 - POSITIVO) Hidden
PCTV (HKLM\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.21 - POSITIVO)
PhotoFiltre (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\PhotoFiltre) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plugin Letras.mus.br 1.30 (HKLM\...\Plugin Letras.mus.br) (Version: 1.30 - Letras.mus.br)
Promoção Vivo (HKLM\...\{EB579E35-A5EE-49FE-B699-8D27DE9D3BD1}) (Version: 1.00.0000 - Positivo Informática)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Software de Cadastro Positivo 5.0 (HKLM\...\{4A33ECF3-6AC6-4A9B-932C-4E81625423C7}_is1) (Version: 5.0.5.0 - Positivo Informática)
SoulSeek 157 NS 13e (HKLM\...\Soulseek2) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spotify (HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
System Requirements Lab CYRI (HKLM\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
The Sims 4 (HKLM\...\The Sims 4_is1) (Version: - )
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Showtime (HKLM\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
The Sims™ Histórias da Vida (HKLM\...\{DA932D71-E52A-43D5-009E-395A1AEC1474}) (Version: - )
Ultimate Mortal Kombat 3 (HKLM\...\Ultimate Mortal Kombat 3_is1) (Version: - GameFabrique)
UpdateAssistant (HKLM\...\{A8CB3AA1-4ED7-4E95-BA0A-3DC927739A0E}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2902 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VobSub 2.23 (HKLM\...\VobSub) (Version: 2.23 - Gabest)
Warsaw 2.8.0.61 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.8.0.61 - GAS Tecnologia)
WarThunder (HKLM\...\WarThunder) (Version: - ) <==== ATENÇÃO
Weather Lite 2.0.1.5000183 (HKLM\...\WeatherTool) (Version: 2.0.1.5000183 - ShenZhen Qianhailewang Technology Co,.Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{2DF215E0-BD3C-4C98-8616-AFEF09747285}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
XviD MPEG4 Video Codec (remove only) (HKLM\...\XviD MPEG4 Video Codec) (Version: - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Packages:
=========
Complemento para Telefone Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Corra Paddington -> C:\Program Files\WindowsApps\A278AB0D.PaddingtonRun_1.3.6.0_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.728.0_x86__v10z8vjag6ke6 [2020-05-14] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-03-23] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Notícias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x86__8wekyb3d8bbwe [2020-05-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x86__8wekyb3d8bbwe [2020-05-14] (Microsoft Studios) [MS Ad]
MSN Clima -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x86__8wekyb3d8bbwe [2020-05-14] (Microsoft Corporation) [MS Ad]
MSN Dinheiro -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
MSN Esportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x86__8wekyb3d8bbwe [2020-05-14] (Microsoft Corporation) [MS Ad]
Sonic Dash -> C:\Program Files\WindowsApps\SegaNetworksInc.56538047DFC80_3.6.4.0_x86__as33fap47kd3c [2017-07-31] (SEGA Networks Inc)
Telefone Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x86__8wekyb3d8bbwe [2018-09-11] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\Rafaela Andrade\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-apoctoshape.dll (Octoshape -> Octoshape ApS)
CustomCLSID: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> C:\Program Files\Opera\68.0.3618.104\notification_helper.exe (Opera Software AS -> The Chromium Authors)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-19] (Nero AG -> Nero AG)
ContextMenuHandlers1: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Users\Rafaela Andrade\AppData\Roaming\Legendas-2.29\Application Files\Legendas-2.29\shellmenu.exe [2008-11-06] (Explorer Context Menu Systems, Inc.) [Arquivo não assinado]
ContextMenuHandlers1: [Legendas230] -> {08940faf-34c4-4e6e-8bd4-18c128696403} => C:\Program Files\Legendas-3.1\Legendas31_20.dll [2014-07-29] (LegendasBrasil.com.br) [Arquivo não assinado]
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files\360\Total Security\MenuEx.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Arquivo não assinado]
ContextMenuHandlers2: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Users\Rafaela Andrade\AppData\Roaming\Legendas-2.29\Application Files\Legendas-2.29\shellmenu.exe [2008-11-06] (Explorer Context Menu Systems, Inc.) [Arquivo não assinado]
ContextMenuHandlers4: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Users\Rafaela Andrade\AppData\Roaming\Legendas-2.29\Application Files\Legendas-2.29\shellmenu.exe [2008-11-06] (Explorer Context Menu Systems, Inc.) [Arquivo não assinado]
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files\360\Total Security\MenuEx.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Arquivo não assinado]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Nenhum Arquivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files\360\Total Security\MenuEx.dll [2018-08-24] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Arquivo não assinado]

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [vidc.i263] => C:\Windows\system32\i263_32.drv [391680 1997-04-07] (Intel Corporation) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.l3fhg] => C:\Windows\system32\mp3fhg.acm [232448 2006-10-18] (Fraunhofer Institut Integrierte Schaltungen IIS) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\system32\divxa32.acm [287744 2001-02-24] (Kristal StudioDFileDescription) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [2931712 2010-09-04] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\system32\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\system32\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\system32\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\system32\vp7vfw.dll [630784 2006-04-02] (On2.com) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [240640 2011-05-30] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [151552 2010-01-17] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [7680 2008-10-10] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\system32\ff_acm.acm [6144 2008-10-10] () [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Rafaela Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&click_id=16c8321c5de2b180ce156822b4a334922457362c

==================== Módulos Carregados (Whitelisted) =============

2010-09-06 20:16 - 2009-07-13 22:15 - 000071168 _____ (CANON INC.) [Arquivo não assinado] C:\WINDOWS\system32\spool\PRTPROCS\W32X86\CNBPP4.DLL

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2174]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\E6CA2E4C.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\E6CA2E4C.sys => ""="Driver"

==================== Associação (Whitelisted) =================

==================== Internet Explorer confiável/restrito ==========

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123simsen.com -> www.123simsen.com

Existem ainda 7867 sites a mais.


==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2019-02-19 21:13 - 000450697 _____ C:\WINDOWS\system32\drivers\etc\hosts

Existem ainda 15463 mais linhas.


==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\VDownloader;C:\Program Files\Windows Live\Shared;C:\Program Files\Common Files\Teleca Shared;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rafaela Andrade\Pictures\once_upon_a_time_in_hollywood_2019_5k.jpg
DNS Servers: 181.213.132.4 - 181.213.132.5
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Nenhum Arquivo)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)
Ethernet: JumpStart Wireless Filter Driver -> MS_NdisLwf (enabled)
Conexão de Rede sem Fio: JumpStart Wireless Filter Driver -> MS_NdisLwf (enabled)
Conexão de Rede sem Fio: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
MSCONFIG\Services: GfExperienceService => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: jswpbapi => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: QHActiveDefense => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupreg: ares => "C:\Program Files\Ares\Ares.exe" -h
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: PATHPILOT => C:\Program Files\Kat MP3 Recorder\Kat MP3 Recorder.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Rafaela Andrade\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Rafaela Andrade\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VivoAds => vivoads.exe
HKLM\...\StartupApproved\StartupFolder: => "PCTV Quick.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Monitor.lnk"
HKLM\...\StartupApproved\Run: => "jswtrayutil"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run: => "QHSafeTray"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\StartupApproved\Run: => "Spotify"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{02846994-87AE-4BBB-B3A9-F7D6498A8686}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.4.9_42606.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{E44057E3-3AA1-4295-92B1-45C4821CCA72}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.4.9_42606.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5ECDB1C5-5688-4A8D-BCBB-41F55B7EB28C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5CC9904-9B2A-4FFC-9173-A6C4E11AA796}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BAD5DC69-1B32-416D-A3EA-EAA68DE0562F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A780FA2E-0146-434A-A762-F50535B9D187}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9422396-C57F-4405-B8EA-FD6A80E56176}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBD478B8-1CE2-41D2-938C-6BDD09268CD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{749D45A6-1723-4F28-8F7C-9229BE5334FA}C:\users\rafaela andrade\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{32BC05CC-CABE-4AEF-8E84-117FD4CF183B}C:\users\rafaela andrade\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5772D6A5-6970-4ACC-BB79-63A888F32E78}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Arquivo não assinado]
FirewallRules: [{09F875E6-4997-432B-B394-86583D86591A}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Arquivo não assinado]
FirewallRules: [{904BCA50-72D1-4153-8456-9CCA37E5173A}] => (Allow) C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BD261E61-551D-4F5C-8EB0-E080FE785C14}] => (Allow) C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E1D6A158-A9DC-4CF7-BBB6-791DDA7F4D5C}] => (Allow) C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6C9C84DC-FF7D-40D0-9701-881D449EE1A6}] => (Allow) C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C59492BA-8AF7-4DB8-972B-83665FBEA72E}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3895F853-78D3-45ED-AE86-7CF9B17F851A}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe () [Arquivo não assinado]
FirewallRules: [TCP Query User{C6D1B876-67D9-4860-98B4-AA4B06FC60A2}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe () [Arquivo não assinado]
FirewallRules: [{5F2756BF-519E-463B-8FA8-4D249C094E50}] => (Allow) LPort=1900
FirewallRules: [{A2DB8B79-ED00-4DC8-B42A-F1D1EECE54C8}] => (Allow) LPort=2869
FirewallRules: [{FFDC9A97-0B0E-4CBC-BF75-18CD1EC561DC}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{57F212AF-1935-423D-89A2-8904F0630124}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{19F57FBC-CD1B-46D6-9D4D-DD73A35C36B0}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2AC5CE98-A75E-42A8-B0BD-0BABCB236DC4}C:\users\rafaela andrade\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape -> Octoshape ApS)
FirewallRules: [TCP Query User{B305C3D8-70AD-4966-9051-5AAC901E5AC3}C:\users\rafaela andrade\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape -> Octoshape ApS)
FirewallRules: [UDP Query User{AEF75969-FCF9-4EB4-8C0A-01677090872A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{BC0D581E-73A1-4432-A27C-09E8A44DF8C4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2BE8579E-603D-4163-B452-C32337A3E005}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B7BFDB21-29F9-40D4-B96C-B9C62732BD48}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{884401D1-C212-4BB2-A0F8-BC7076F58423}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1AAF1771-6EC0-48FC-8A74-BB96B7540AB0}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{58819E3F-3CF7-4689-906A-C6C92DA92EA8}] => (Allow) LPort=5357
FirewallRules: [{853FE41A-2C7E-41CB-9C81-EA7AA8856040}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A85D7DDA-EA16-4563-AC3F-684C80EEBF35}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (Gas Informatica Ltda -> GAS Tecnologia LTDA)
FirewallRules: [TCP Query User{19D80B9B-024E-48C9-B0B4-8AAD10D7D431}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{218ED6FD-FD3A-456E-8685-9B93862376F9}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{32299A33-5197-4043-AE8B-F760E5DAB45E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1BC2F1A8-A3D0-4AF2-96A8-D427BB984788}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BD0D3256-5667-4E49-BC4F-DAFE26D61F82}] => (Allow) C:\Program Files\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{6520DA88-95C2-46AA-8A5C-48561BA3FD09}] => (Allow) C:\Program Files\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{360BDDE5-51CA-44A3-A1D9-890B9E82BA92}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{43B4E75C-6937-4FE3-AD6D-47C2E2AAB0EF}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{24B67B1E-FCDA-46D6-ADFA-10F7D3A01532}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{576B8BD6-EE08-459C-979C-075AB744C316}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{C7ED1E55-AF32-439A-B225-4EBC7A10594B}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{7D7BE5A1-7CCC-49F5-8C84-C783BC20406A}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{A0F11DCD-465F-4877-A099-9EC6940D9658}] => (Allow) C:\Program Files\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{749B9CAE-8477-403A-9BEE-11093F5BC03F}] => (Allow) C:\Program Files\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{E6AC93AD-D5CE-4334-AA7D-2AD7234562BC}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{00E4A149-4DE2-4FCB-971F-59D4A33FD4D0}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [TCP Query User{0B43EC36-CD52-4F6B-9D3C-309E58C258E4}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{51B367A1-172C-46A2-B644-91BEA4BA4FC8}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [{E64783BB-D731-4400-BE3F-E668583726FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{21D2DDFC-F8C1-4849-B608-BD5525F4D5FD}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.5_45628.exe] => (Block) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.5_45628.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F68FC1B6-0031-40EB-A58A-08FA5CA99CF6}C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.5_45628.exe] => (Block) C:\users\rafaela andrade\appdata\roaming\utorrent\updates\3.5.5_45628.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F4E3DE80-9785-4E28-BB46-70B8F6665D5A}] => (Allow) C:\Program Files\Opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)

==================== Pontos de Restauração =========================

19-12-2019 04:03:10 Ponto de Verificação Agendado
19-03-2020 13:05:10 posboot
14-05-2020 10:27:21 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/14/2020 02:23:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F025
Argumento de linha de comando:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (05/14/2020 02:06:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SystemSettings.exe, versão: 10.0.17134.112, carimbo de data/hora: 0xcfcc0a2d
Nome do módulo com falha: msxml6.dll, versão: 6.30.17134.1067, carimbo de data/hora: 0x89da18ae
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000c41ee
ID do processo com falha: 0xfb0
Hora de início do aplicativo com falha: 0x01d62a11dd963f24
Caminho do aplicativo com falha: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Caminho do módulo com falha: C:\Windows\System32\msxml6.dll
ID do Relatório: 84e135f3-4968-47e4-b3d7-646dedfb3902
Nome completo do pacote com falha: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: microsoft.windows.immersivecontrolpanel

Error: (05/14/2020 01:52:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa opera.exe versão 68.0.3618.104 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2b24

Hora de Início: 01d62a0f60f29aee

Hora de Término: 31

Caminho do Aplicativo: C:\Program Files\Opera\68.0.3618.104\opera.exe

ID do Relatório: 7aa1bb8a-84ef-4d66-a0d2-bc8fac50d594

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (05/14/2020 01:42:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SystemSettings.exe, versão: 10.0.17134.112, carimbo de data/hora: 0xcfcc0a2d
Nome do módulo com falha: combase.dll, versão: 10.0.17134.1038, carimbo de data/hora: 0x00149608
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011360f
ID do processo com falha: 0x14f4
Hora de início do aplicativo com falha: 0x01d62a0ea779eda0
Caminho do aplicativo com falha: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Caminho do módulo com falha: C:\WINDOWS\System32\combase.dll
ID do Relatório: 49c4e545-6fde-4bee-80f8-efdd4f33deda
Nome completo do pacote com falha: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: microsoft.windows.immersivecontrolpanel

Error: (05/14/2020 01:42:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa opera.exe versão 67.0.3575.97 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 350

Hora de Início: 01d62a0e1b888934

Hora de Término: 7205

Caminho do Aplicativo: C:\Program Files\Opera\67.0.3575.97\opera.exe

ID do Relatório: d4f10f6b-79b1-4e0c-a101-3212d7776953

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (05/14/2020 01:41:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SystemSettings.exe, versão: 10.0.17134.112, carimbo de data/hora: 0xcfcc0a2d
Nome do módulo com falha: combase.dll, versão: 10.0.17134.1038, carimbo de data/hora: 0x00149608
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011360f
ID do processo com falha: 0x270c
Hora de início do aplicativo com falha: 0x01d62a0e7c25a5a5
Caminho do aplicativo com falha: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Caminho do módulo com falha: C:\WINDOWS\System32\combase.dll
ID do Relatório: c702d028-0fa1-4ea6-8c4d-30bf4d1f045d
Nome completo do pacote com falha: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: microsoft.windows.immersivecontrolpanel

Error: (05/14/2020 01:41:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.17134.1, carimbo de data/hora: 0xb3ceae44
Nome do módulo com falha: combase.dll, versão: 10.0.17134.1038, carimbo de data/hora: 0x00149608
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011360f
ID do processo com falha: 0x16f4
Hora de início do aplicativo com falha: 0x01d62a0e738da2a4
Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe
Caminho do módulo com falha: C:\WINDOWS\System32\combase.dll
ID do Relatório: bda7f248-4620-4bfd-bc51-2763f727dd71
Nome completo do pacote com falha: Microsoft.OneConnect_5.2002.431.0_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: App

Error: (05/14/2020 01:38:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa opera.exe versão 67.0.3575.97 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2f04

Hora de Início: 01d62a0dbb50683e

Hora de Término: 31730

Caminho do Aplicativo: C:\Program Files\Opera\67.0.3575.97\opera.exe

ID do Relatório: 5a648a59-3188-43d0-bba5-0da44f43f41f

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (05/14/2020 02:42:01 PM) (Source: DCOM) (EventID: 10000) (User: CHRYSALIS)
Description: Não é possível iniciar o servidor DCOM: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Rafaela Andrade\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding

Error: (05/14/2020 02:40:54 PM) (Source: DCOM) (EventID: 10000) (User: CHRYSALIS)
Description: Não é possível iniciar o servidor DCOM: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Rafaela Andrade\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding

Error: (05/14/2020 02:32:02 PM) (Source: DCOM) (EventID: 10000) (User: CHRYSALIS)
Description: Não é possível iniciar o servidor DCOM: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Rafaela Andrade\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding

Error: (05/14/2020 02:26:08 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Não Disponível
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/14/2020 02:26:08 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Não Disponível
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/14/2020 02:26:08 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Não Disponível
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/14/2020 02:25:18 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (05/14/2020 02:25:03 PM) (Source: DCOM) (EventID: 10000) (User: CHRYSALIS)
Description: Não é possível iniciar o servidor DCOM: {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. O erro:
"193"
Aconteceu ao iniciar este comando:
C:\Users\Rafaela Andrade\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding


Windows Defender:
===================================
Date: 2020-05-14 10:19:03.265
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {6FB9674F-D0FE-4D76-AC55-47735A94AFFF}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SERVIÇO DE REDE

Date: 2020-03-19 13:28:04.042
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {41D7F331-4762-4946-B29E-AD73114260FA}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-12-19 03:18:10.145
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {DB53CE33-B24A-4865-9FE2-178908DBF2F6}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-12-02 23:27:05.889
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {EC633D1A-0F8A-4168-B2D1-69A13FD680DA}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2019-10-19 14:23:09.974
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {093F09C6-561D-484A-98BB-B73F348AAF7E}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2020-05-14 10:30:56.157
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.315.639.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.17000.7
Código de erro: 0x80240016
Descrição do erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

Date: 2020-05-14 10:19:11.192
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.315.639.0
Versão da Assinatura Anterior: 1.311.1827.0
Origem da Atualização: Usuário
Tipo de Assinatura: Anti-spyware
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 1.1.17000.7
Versão do Mecanismo Anterior: 1.1.17000.7
Código de erro: 0x80509004
Descrição do erro: Problema inesperado. Instale todas as atualizações disponíveis e tente iniciar o programa novamente. Para obter informações sobre como instalar atualizações, consulte Ajuda e Suporte.

Date: 2020-05-14 10:19:11.187
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura: 1.315.639.0
Versão da Assinatura Anterior: 1.311.1827.0
Origem da Atualização: Usuário
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual: 1.1.17000.7
Versão do Mecanismo Anterior: 1.1.17000.7
Código de erro: 0x80509004
Descrição do erro: Problema inesperado. Instale todas as atualizações disponíveis e tente iniciar o programa novamente. Para obter informações sobre como instalar atualizações, consulte Ajuda e Suporte.

Date: 2020-05-14 09:53:17.023
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.311.1827.0
Origem da Atualização: Centro de Proteção contra Malware da Microsoft
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SERVIÇO DE REDE
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.17000.7
Código de erro: 0x80070102
Descrição do erro: O tempo limite de espera foi atingido.

Date: 2020-03-23 19:41:53.685
Description:
O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Monitoramento do Comportamento
Código do Erro: 0x80508023
Descrição do erro: O programa não encontrou malware e outros softwares potencialmente indesejados neste dispositivo.
Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

CodeIntegrity:
===================================

Date: 2020-03-23 20:55:17.829
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:17.663
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:17.543
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:17.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:17.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:17.105
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:13.470
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 20:55:12.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: Desenvolvida para Positivo Informatica SA V1.2B9 08/29/2008
placa-mãe: Positivo Informatica SA POS-MIG31AE
Processador: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz
Percentagem de memória em uso: 70%
RAM física total: 3327.24 MB
RAM física disponível: 989.16 MB
Virtual Total: 7327.24 MB
Virtual disponível: 4240.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:921.75 GB) (Free:141.39 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

\\?\Volume{7ab66c01-4478-11df-88cc-806e6f6e6963}\ () (Fixed) (Total:9.77 GB) (Free:4.52 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0A227772)
Partition 1: (Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

"FRST log"

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 13-05-2020 01
Executado por Rafaela Andrade (administrador) em CHRYSALIS (Desenvolvida para Positivo Informatica SA POS-MIG31AE) (14-05-2020 14:38:56)
Executando a partir de C:\Users\Rafaela Andrade\Desktop
Perfis Carregados: Rafaela Andrade
Platform: Microsoft Windows 10 Home Versão 1803 17134.1246 (X86) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
(Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(Gas Informatica Ltda -> GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\68.0.3618.104\opera.exe <20>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\68.0.3618.104\opera_crashreporter.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe <2>
(QIHU 360 SOFTWARE CO. LIMITED -> Qihu 360 Software Co., Ltd.) C:\Program Files\360\Total Security\safemon\chrome\360webshield.exe
(Trend Micro Inc.) [Arquivo não assinado] C:\Users\Rafaela Andrade\Downloads\HijackThis.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [jswtrayutil] => C:\Program Files\INTELBRAS\WBN 240\WPS\jswtrayutil.exe [32859 2010-04-05] (Intelbras SA) [Arquivo não assinado]
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [1278920 2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Arquivo não assinado]
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\360Tray.exe [413000 2019-07-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Run: [Xvid] => C:\Program Files\XviD\CheckUpdate.exe [8192 2011-01-17] () [Arquivo não assinado]
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Run: [Spotify] => C:\Users\Rafaela Andrade\AppData\Roaming\Spotify\Spotify.exe [22151072 2019-12-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3004440 2020-05-13] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: c:\progra~2\fastsys\fastsys.dll => Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor.lnk [2010-04-09]
ShortcutTarget: Monitor.lnk -> C:\Program Files\Positivo Informática\SW_Cadastro\Monitor.exe (Positivo Informática ) [Arquivo não assinado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PCTV Quick.lnk [2010-04-09]
ShortcutTarget: PCTV Quick.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [Arquivo não assinado]
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
CHR HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0BF62151-3CCF-488A-B058-9B141B192786} - System32\Tasks\{D046E424-84D8-4B0D-A9DC-B62E10A83C4A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Dilysadenpt\Dilysadenpt\Delicious Emily´s Tea Garden Em Português\DeliciousEmilyTea.exe" -d "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Dilysadenpt\Dilysadenpt\Delicious Emily´s Tea Garden Em Português"
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {26DB0125-04D5-4298-B16E-41036C7F4987} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
Task: {2932A3B6-C7F5-470E-933B-EBF36744D8A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-26] (Google Inc -> Google LLC)
Task: {2A42E1F6-5104-4269-8002-6FFF6B661858} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {331A90C4-8EA2-4247-8A37-1978EBCFEC00} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1441928 2020-03-19] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {39736567-3DA6-4CF6-AF0B-9E61349D3B8B} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [4140552 2014-12-16] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {3BEA6019-A3C6-4FDF-A6FF-16A532CF8BA1} - System32\Tasks\{FE863ED5-77CC-4E44-BBC8-6B2B160508D3} => C:\WINDOWS\system32\pcalua.exe -a C:\ProgramData\Installations\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}\Nokia_PC_Suite_ALL.exe
Task: {3EDB5124-8120-4D24-8487-E0571DAD7E76} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {435F1D57-1856-4467-9992-3178AFB9A74C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {49C303C3-D68E-423C-A79E-49872CB716B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {51204563-234D-4F0E-99B9-F735D6CF539C} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe [2784656 2015-11-22] (AVG Technologies CZ, s.r.o. -> )
Task: {5309C5CA-D179-40F0-BD7A-F03EB3AC10F1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {5B1E034F-4470-4DBA-9588-5DC45662838B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6483A0ED-038E-4156-9065-9EE2482DD57C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {659D3593-BD34-40C9-B401-CB901E626DC5} - System32\Tasks\{B2013B37-DA7F-4D3C-A8BF-AAA9D674C8F0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\WeatherBar2\WeatherBar2.exe" -d "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\WeatherBar2"
Task: {65C0A36F-F52D-4074-B5B7-7B13E70C8BBF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {65ECFACB-3BC4-446F-8256-3C471E15F8AB} - System32\Tasks\{4D54B4FF-3963-4B6E-9347-ECFF47B10714} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Chocolatier 3 - Decadence\Uninstall.exe" -d "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Chocolatier 3 - Decadence"
Task: {714EA2EB-039D-4DAF-B53E-4C1BF93DA1EA} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {726ABE61-82BF-4A52-B644-19189E134B31} - System32\Tasks\{8A3E3963-A3EF-455A-BE8B-2347F4DFB521} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\AppData\Local\Temp\FooPlugin0.9.4Setup_2.3.1.2.exe" -d "C:\Program Files\Last.fm" -c /SILENT /DIR="C:\PROGRA~1\FOOBAR~1\COMPON~1\" <==== ATENÇÃO
Task: {7D509755-E0AE-45E3-A0F6-56C075C24C1C} - System32\Tasks\{C9CB0632-9E6F-4D88-AEA7-324FC6296E30} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Chocolatier 3 - Decadence\Chocolatier 3 - Decadence by Design\Uninstall.exe" -d "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\Chocolatier 3 - Decadence\Chocolatier 3 - Decadence by Design"
Task: {7F72E354-2062-4C4B-9E5C-6A060342B070} - System32\Tasks\RunAsStdUser Task => C:\Program Files\Moo0\VoiceRecorder 1.43\VoiceRecorder.exe [2674688 2013-10-19] (Moo0) [Arquivo não assinado]
Task: {9072BACB-28D9-4107-BB34-F153033E57A4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {92B3E1FD-9A75-4198-8BB5-EAE3325141F1} - System32\Tasks\{998A7754-2DC4-4C99-97C9-F6133526EF49} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\HijackThis.exe" -d "C:\Users\Rafaela Andrade\Downloads"
Task: {968FD0EC-7CC4-4C69-869C-1C27D1AC7DCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {96A4AD5A-8A37-4D90-864D-7337F3514973} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9E5B4F52-ACBB-4232-B9B7-CFB38A5C7453} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {A9F28C9B-6CA9-4C33-BC61-D33ED05010A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {AC1748CE-FF34-42CF-9C5C-78EFABB9DA1F} - System32\Tasks\Opera scheduled assistant Autoupdate 1589475919 => C:\Program Files\Opera\launcher.exe [1333784 2020-05-13] (Opera Software AS -> Opera Software)
Task: {B962100A-AFEC-4F48-8038-274C1CD58410} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {BA23E4D3-D87F-429D-907C-4AC6BD29F8F6} - System32\Tasks\Opera scheduled Autoupdate 1589475907 => C:\Program Files\Opera\launcher.exe [1333784 2020-05-13] (Opera Software AS -> Opera Software)
Task: {C6926A8E-72F7-433B-BE15-EEA9E2EC5244} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {C9DE25CD-2537-4772-AB01-3595952DEEC7} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Nenhum Arquivo <==== ATENÇÃO
Task: {CDFD7BB8-2ED2-41A1-BEB3-411F1321DC0F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [1332736 2018-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D18919A0-D08C-4F3C-9FFC-32924AE882D2} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Nenhum Arquivo <==== ATENÇÃO
Task: {D64D9D59-7782-4DC4-AFE1-DC36A273E4EE} - System32\Tasks\{8C5FFBA1-ADA7-47F3-A309-41C076994EEF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS" -c "C:\Users\Rafaela Andrade\Downloads\APLICATIVOS\gravity 6757.ALL.sisx"
Task: {D96A3B0C-61DD-47B1-A533-1D70BE96C433} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe
Task: {DBCA01B1-7E58-4E4D-8C5C-87998B695172} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {DDF8DB64-6CA0-429A-B571-094310B037C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-26] (Google Inc -> Google LLC)
Task: {DF3B5BF0-0B8E-4705-BF01-4F49D331C7F5} - System32\Tasks\Programa de atualização online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {E6025C84-9795-4F0B-B697-9E89E7B350AA} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Nenhum Arquivo <==== ATENÇÃO
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EB5A9F88-E5EE-49F9-9396-93AAEC4C17E3} - System32\Tasks\{845D889A-B594-4340-AAED-CB7EAB139117} => C:\Program Files\Skype\Phone\Skype.exe
Task: {F3585B17-D751-40BF-8569-81DB5FEAA435} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {FB536972-4082-464B-B1D0-09B8104DD653} - System32\Tasks\{1A945735-CEF0-4513-B174-D09665428007} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\Downloads\mortal_kombat\mortal kombat\setup.exe" -d "C:\Users\Rafaela Andrade\Downloads\mortal_kombat\mortal kombat"
Task: {FD343C3A-E61F-4296-91C8-A542931C2860} - System32\Tasks\{6B913705-9A68-42B3-A6A1-EA28AFED50CB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Rafaela Andrade\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe" -d "C:\Program Files\Last.fm" -c /SILENT /DIR="C:\PROGRA~1\WI54FB~1\Plugins\" <==== ATENÇÃO
Task: {FF66D331-6720-416F-944D-21AC5F75829B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 181.213.132.4 181.213.132.5
Tcpip\..\Interfaces\{72bed299-b5d2-46fe-a94f-af825117032e}: [DhcpNameServer] 181.213.132.4 181.213.132.5
Tcpip\..\Interfaces\{e377087f-706d-49db-91ed-33a77182d4d5}: [DhcpNameServer] 181.213.132.4 181.213.132.5
Tcpip\..\Interfaces\{edfc4b6f-4a6a-4077-86b1-5aa20dd2663f}: [DhcpNameServer] 181.213.132.3 181.213.132.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
DownloadDir: C:\Users\Rafaela Andrade\Downloads\FILMES
SearchScopes: HKLM -> DefaultScope {B61D60A5-6348-4B1E-B91A-0DBF582585A3} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7VASJ_pt-BRBR510
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {A6F5DBED-FBDB-419C-89DF-0454617C216A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=MAPT&src=IE-SearchBox
SearchScopes: HKLM -> {B61D60A5-6348-4B1E-B91A-0DBF582585A3} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7VASJ_pt-BRBR510
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> DefaultScope {B61D60A5-6348-4B1E-B91A-0DBF582585A3} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7VASJ_pt-BRBR510
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {69ABAE4C-47BC-4EAD-A2B3-ED08ED617830} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=ct3135048
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3CD1749B-7F7F-4967-B2FC-2275E3EA4373}&mid=d350524e8d6e47cc9aa641affc47d788-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0916tb&pr=fr&d=2016-06-10 07:56:17&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {A6F5DBED-FBDB-419C-89DF-0454617C216A} URL =
SearchScopes: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> {B61D60A5-6348-4B1E-B91A-0DBF582585A3} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7VASJ_pt-BRBR510
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {F999A48B-1950-4D81-9971-79018F807B4B} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {4D594333-2D56-3700-76A7-7A786E7484D7} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> Sem Nome - {41545534-2D56-3700-76A7-7A786E7484D7} - Nenhum Arquivo
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies SA -> Skype Technologies S.A.)

Edge:
======
Edge Notifications: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000 -> hxxps://www.facebook.com; hxxps://web.whatsapp.com

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] (Adobe Systems Incorporated -> )
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Nenhum Arquivo]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Nenhum Arquivo]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [Nenhum Arquivo]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [Nenhum Arquivo]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3389360482-2779716845-3774890508-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Rafaela Andrade\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape -> Octoshape ApS)
FF Plugin HKU\S-1-5-21-3389360482-2779716845-3774890508-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rafaela Andrade\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-07] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Rafaela Andrade\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-08-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\warsaw.cfg [2019-02-18] <==== ATENÇÃO

Chrome:
=======
CHR Profile: C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default [2020-05-14]
CHR Extension: (Apresentações) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-26]
CHR Extension: (Documentos) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-26]
CHR Extension: (Google Drive) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-26]
CHR Extension: (YouTube) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-26]
CHR Extension: (Planilhas) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-26]
CHR Extension: (Documentos Google off-line) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-14]
CHR Extension: (AVG SafePrice | Comparação, ofertas, cupons) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-05-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-26]
CHR Extension: (Gmail) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Rafaela Andrade\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-14]
CHR HKLM\...\Chrome\Extension: [amhlacfinnaffmhfohbpecabbjfhkdji] - C:\Users\Rafaela Andrade\AppData\Local\Temp\ccex.crx
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx

Opera:
=======
OPR Notifications: hxxp://meu.zapzap.gratis; hxxps://br-mg6.mail.yahoo.com; hxxps://canaltech.com.br; hxxps://carnaval.uol.com.br; hxxps://cinema.uol.com.br; hxxps://gauchazh.clicrbs.com.br; hxxps://lojaonline.claro.com.br; hxxps://nilsonxavier.blogosfera.uol.com.br; hxxps://oload.download; hxxps://oload.fun; hxxps://pt.ontests.me; hxxps://stfly.io; hxxps://tvefamosos.uol.com.br; hxxps://veja.abril.com.br; hxxps://web.whatsapp.com; hxxps://www.belezanaweb.com.br; hxxps://www.claro.com.br; hxxps://www.decorfacil.com; hxxps://www.deliveryhabibs.com.br; hxxps://www.enjoei.com.br; hxxps://www.katy.com.br; hxxps://www.quintoandar.com.br; hxxps://www.semanadoalemao.com; hxxps://www.thehollywoodgossip.com; hxxps://www.uol.com.br; hxxps://www.youtube.com
OPR StartupUrls: "hxxp://oglobo.globo.com/","hxxps://twitter.com/jornaloglobo"
OPR Session Restore: -> está habilitado.
OPR Extension: (360 Internet Protection) - C:\Users\Rafaela Andrade\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2019-03-02]
OPR Extension: (Bookmarks Import & Export) - C:\Users\Rafaela Andrade\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2016-10-29]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
S4 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-30] (AVerMedia) [Arquivo não assinado]
S4 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-06] () [Arquivo não assinado]
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Arquivo não assinado]
S4 jswpbapi; C:\Program Files\INTELBRAS\WBN 240\WPS\jswpbapi.exe [188416 2010-04-05] (Wireless) [Arquivo não assinado]
S4 jswpsapi; C:\Program Files\INTELBRAS\WBN 240\WPS\jswpsapi.exe [954368 2010-04-05] (Wireless) [Arquivo não assinado]
S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [961888 2019-09-20] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 QHProtected; C:\Program Files\360\Total Security\safemon\WscReg.exe [3147048 2019-02-27] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [883544 2018-10-18] (Gas Informatica Ltda -> GAS Tecnologia LTDA)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [2303144 2020-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [85760 2020-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Stereo Service; "C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker.sys [173400 2019-06-12] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [83456 2019-02-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Box; C:\WINDOWS\System32\DRIVERS\360Box.sys [224816 2019-06-27] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera.sys [52216 2019-02-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
S0 360elam; C:\WINDOWS\System32\DRIVERS\360elam.sys [16680 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> 360.cn)
R1 360FileOem; C:\Windows\system32\drivers\360FileOem.sys [146304 2012-05-31] (360.cn) [Arquivo não assinado]
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [88744 2019-02-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360SelfProtection; C:\WINDOWS\System32\drivers\360SelfProtection.sys [210200 2019-02-28] (Qihoo 360 Software (Beijing) Company Limited -> 360安全中心)
S3 AtcL001; C:\WINDOWS\System32\drivers\l160x86.sys [46592 2008-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 athur; C:\WINDOWS\System32\drivers\athur.sys [1500160 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AVerBDA6x; C:\WINDOWS\system32\DRIVERS\AVerBDA716x.sys [1151104 2009-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV.sys [206688 2019-06-05] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [26168 2017-10-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [40504 2017-10-15] (Disc Soft Ltd -> Disc Soft Ltd)
R1 EfiMon; C:\WINDOWS\System32\Drivers\Efimon.sys [41056 2019-06-05] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R0 HookPort; C:\WINDOWS\System32\Drivers\Hookport.sys [83688 2019-02-28] (Beijing Qihu Technology Co., Ltd. -> 360安全中心)
R1 jswpslwf; C:\WINDOWS\system32\DRIVERS\jswpslwf.sys [20384 2010-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [34432 2012-10-11] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [22656 2013-01-31] (Microsoft Windows Hardware Compatibility Publisher -> ManyCam LLC)
R2 mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant) [Arquivo não assinado]
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [50704 2010-01-26] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
R1 qutmdserv; C:\WINDOWS\System32\DRIVERS\qutmdrv.sys [368864 2019-06-10] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 qutmipc; C:\WINDOWS\system32\drivers\qutmipc.sys [75000 2019-02-28] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Microsoft Windows -> Realtek )
S3 UrsSynopsys; C:\WINDOWS\System32\drivers\urssynopsys.sys [21920 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [31232 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [37984 2020-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [305592 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [46000 2020-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_DeviceS(1); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(1).sys [25704 2010-04-13] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_DeviceS(2); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(2).sys [25704 2010-04-13] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_DeviceS(3); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(3).sys [25704 2010-04-13] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_DeviceS(4); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(4).sys [25704 2010-04-13] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_DeviceS(5); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(5).sys [25704 2010-04-13] (Wondershare Software Co., Ltd. -> Wondershare)
S1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [22744 2019-08-01] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51680 2019-01-02] (Gas Informatica Ltda -> GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [42576 2017-11-29] (Gas Informatica Ltda -> GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [41000 2018-01-09] (Gas Informatica Ltda -> GAS Tecnologia)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três meses (criados) ===================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-05-14 14:38 - 2020-05-14 14:41 - 000036139 _____ C:\Users\Rafaela Andrade\Desktop\FRST.txt
2020-05-14 14:36 - 2020-05-14 14:40 - 000000000 ____D C:\FRST
2020-05-14 14:36 - 2020-05-14 14:36 - 002012160 _____ (Farbar) C:\Users\Rafaela Andrade\Desktop\FRST.exe
2020-05-14 14:27 - 2020-05-14 14:27 - 000000000 ____D C:\Users\Rafaela Andrade\Downloads\opera autoupdate
2020-05-14 14:05 - 2020-05-14 14:05 - 000004404 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1589475919
2020-05-14 14:05 - 2020-05-14 14:05 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1589475907
2020-05-14 14:05 - 2020-05-14 14:05 - 000001195 _____ C:\Users\Rafaela Andrade\Desktop\Navegador Opera.lnk
2020-05-14 14:05 - 2020-05-14 14:05 - 000001195 _____ C:\Users\Rafaela Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-05-14 14:02 - 2020-05-14 14:02 - 002464856 _____ (Opera Software) C:\Users\Rafaela Andrade\Downloads\OperaSetup.exe
2020-05-14 13:08 - 2020-05-14 13:08 - 088787562 _____ C:\Users\Rafaela Andrade\Downloads\1903d89c-e505-425d-bfce-18000dfacef6.tmp
2020-03-23 23:28 - 2020-03-23 23:28 - 000000000 ____D C:\Users\Rafaela Andrade\Desktop\S12E04 - UNTUCKED - The Ball Ball
2020-03-23 23:27 - 2020-03-23 23:28 - 000000000 ____D C:\Users\Rafaela Andrade\Desktop\S12E04 - The Ball Ball
2020-03-21 21:13 - 2020-03-21 21:13 - 000035946 _____ C:\Users\Rafaela Andrade\Documents\Recibo Imposto de Renda 2020.pdf
2020-03-21 20:25 - 2020-03-21 20:25 - 000000000 ____D C:\Users\Rafaela Andrade\.irpf
2020-03-21 20:22 - 2020-03-21 20:22 - 000001765 _____ C:\Users\Todos os Usuários\Desktop\IRPF2020 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2020-03-21 20:22 - 2020-03-21 20:22 - 000001765 _____ C:\Users\Public\Desktop\IRPF2020 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2020-03-21 20:22 - 2020-03-21 20:22 - 000001765 _____ C:\ProgramData\Desktop\IRPF2020 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2020-03-21 20:21 - 2020-03-21 20:21 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2020
2020-03-21 20:21 - 2020-03-21 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2020
2020-03-21 20:16 - 2020-03-21 20:12 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2020-03-21 20:14 - 2020-03-21 20:14 - 000000000 ____D C:\Program Files\Common Files\Java
2020-03-21 20:13 - 2020-03-21 20:13 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Roaming\Sun
2020-03-21 20:12 - 2020-03-21 20:12 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-03-21 20:04 - 2019-03-28 06:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2020-03-21 20:04 - 2019-03-28 03:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2020-03-21 20:03 - 2019-03-28 06:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2020-03-21 20:03 - 2019-03-28 03:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2020-03-21 20:03 - 2019-03-28 03:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2020-03-21 19:56 - 2020-03-21 19:56 - 002066976 ____N (Oracle Corporation) C:\Users\Rafaela Andrade\Desktop\JavaSetup8u241.exe
2020-03-21 19:52 - 2020-03-21 19:55 - 048191480 _____ (Receita Federal do Brasil) C:\Users\Rafaela Andrade\Desktop\IRPF2020Win32v1.5.exe
2020-03-20 16:59 - 2020-03-20 16:59 - 000106705 _____ C:\Users\Rafaela Andrade\Documents\J-0087-19 Casa Firjan – Aquários Março - 24 Stories Instagram 1080x1920.pdf
2020-03-20 16:54 - 2020-03-20 16:54 - 000009556 _____ C:\Users\Rafaela Andrade\Documents\J-0087-19 Casa Firjan – Aquários Março - 24 Email.html
2020-03-20 00:54 - 2020-03-20 00:54 - 000066413 _____ C:\Users\Rafaela Andrade\Documents\Anderson Castro.jpeg
2020-03-20 00:54 - 2020-03-20 00:54 - 000041675 _____ C:\Users\Rafaela Andrade\Documents\Marcelo Mello.jpeg
2020-03-20 00:54 - 2020-03-20 00:54 - 000011518 _____ C:\Users\Rafaela Andrade\Documents\Ivani Silveira.jpeg
2020-03-20 00:53 - 2020-03-20 00:53 - 000056268 _____ C:\Users\Rafaela Andrade\Documents\Daniele Salomão.jpeg
2020-03-19 18:18 - 2020-03-19 18:18 - 000001348 _____ C:\Users\Rafaela Andrade\Documents\Compradores 0704.csv
2020-03-19 18:18 - 2020-03-19 18:18 - 000001080 _____ C:\Users\Rafaela Andrade\Documents\Compradores 1404.csv
2020-03-19 18:17 - 2020-03-19 18:17 - 000001290 _____ C:\Users\Rafaela Andrade\Documents\Compradores 3103.csv
2020-03-19 16:02 - 2020-03-19 16:02 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-03-19 16:02 - 2020-03-19 16:02 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001559272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001380312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 001020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-03-19 16:02 - 2020-03-19 16:02 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\system32\gnsdk_fp.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-03-19 16:02 - 2020-03-19 16:02 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2020-03-19 16:02 - 2020-03-19 16:02 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-03-19 16:02 - 2020-03-19 16:02 - 000074120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-03-19 16:02 - 2020-03-19 16:02 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 022016000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 020402960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 019386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 012036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 007991808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 006682936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 006566448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 005662720 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 004939424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 004517376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 003885568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 003751824 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 003257856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 003253760 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 002813952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002711864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 002478152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002406912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002356224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-03-19 16:01 - 2020-03-19 16:01 - 002201088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002142520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 002094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 002031416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-03-19 16:01 - 2020-03-19 16:01 - 001987464 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001923896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001757696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001665536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001659944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001617160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001531408 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001474064 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001463760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001362440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001320640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001191016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-19 16:01 - 2020-03-19 16:01 - 001184768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001167872 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001094672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001051248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001026280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 001015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000998400 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000994272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000979456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000973824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000970480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000949856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-19 16:01 - 2020-03-19 16:01 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2020-03-19 16:01 - 2020-03-19 16:01 - 000855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000835872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000816232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000812440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000806712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000806328 _____ C:\WINDOWS\system32\locale.nls
2020-03-19 16:01 - 2020-03-19 16:01 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000686592 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-03-19 16:01 - 2020-03-19 16:01 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000665432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000662840 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000636904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000627000 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000625248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000607544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000548664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000540456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000526512 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000525496 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000519544 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000512312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxbde40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000470512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000465832 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000449336 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000447288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000437048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000435216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-19 16:01 - 2020-03-19 16:01 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000412696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000391480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000385272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000379432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000372024 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000372024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000358712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000358128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000303120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000287032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000286280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000276792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000222736 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000196624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-03-19 16:01 - 2020-03-19 16:01 - 000175928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000161080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000141448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000141112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000129360 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000108088 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000103736 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000098616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000098312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000085008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000081040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000074552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000071752 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000061456 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2020-03-19 16:01 - 2020-03-19 16:01 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000040248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000038912 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-03-19 16:01 - 2020-03-19 16:01 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2020-03-19 16:01 - 2020-03-19 16:01 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2020-03-19 16:01 - 2020-03-19 16:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 006053808 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 005821448 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 004173256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 003330880 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002603008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002419200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002344976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 002281984 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001990056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001720320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 001692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001588736 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001462192 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001418752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001299472 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001254712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001020088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000782136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000746504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-03-19 16:00 - 2020-03-19 16:00 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000734408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000632848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-03-19 16:00 - 2020-03-19 16:00 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000550512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000538912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000535864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000502616 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000480272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000424208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000343056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000317112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000307000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000289800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000261864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000259088 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000241160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000187432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000159208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000140832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000089400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000082232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000078648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2020-03-19 16:00 - 2020-03-19 16:00 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000026640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2020-03-19 16:00 - 2020-03-19 16:00 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-03-19 16:00 - 2020-03-19 16:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-03-19 14:25 - 2020-03-19 14:26 - 000140683 _____ C:\Users\Rafaela Andrade\Documents\#Aquário Controle Geral.xlsx

==================== Três meses (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2020-05-14 14:42 - 2018-04-11 17:36 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2020-05-14 14:42 - 2018-04-11 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-14 14:28 - 2018-05-26 18:26 - 001965150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-14 14:28 - 2018-04-12 02:19 - 000836684 _____ C:\WINDOWS\system32\prfh0416.dat
2020-05-14 14:28 - 2018-04-12 02:19 - 000179966 _____ C:\WINDOWS\system32\prfc0416.dat
2020-05-14 14:28 - 2018-04-11 17:31 - 000000000 ____D C:\WINDOWS\INF
2020-05-14 14:23 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-14 14:21 - 2018-05-26 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-14 14:21 - 2018-05-23 15:19 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-14 14:10 - 2018-04-11 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-14 14:06 - 2010-09-05 23:30 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Local\CrashDumps
2020-05-14 14:06 - 2010-09-04 00:56 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Local\Last.fm
2020-05-14 14:05 - 2014-07-06 00:13 - 000001451 _____ C:\Users\Rafaela Andrade\Desktop\HijackThis.lnk
2020-05-14 14:05 - 2010-09-04 03:48 - 000000000 ____D C:\Program Files\Opera
2020-05-14 13:35 - 2010-09-04 18:32 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Roaming\uTorrent
2020-05-14 13:26 - 2014-01-31 00:39 - 000000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2020-05-14 13:26 - 2014-01-31 00:39 - 000000286 __RSH C:\ProgramData\ntuser.pol
2020-05-14 13:24 - 2019-03-02 15:18 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\LocalLow\360WD
2020-05-14 13:22 - 2019-09-30 21:25 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Local\Spotify
2020-05-14 13:21 - 2019-09-30 21:21 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Roaming\Spotify
2020-05-14 13:09 - 2012-02-28 15:33 - 000000000 ____D C:\Users\Rafaela Andrade\Downloads\FILMES
2020-05-14 13:04 - 2017-05-14 02:22 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\LocalLow\uTorrent
2020-05-14 12:47 - 2019-09-14 18:13 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Local\BitTorrentHelper
2020-05-14 12:06 - 2019-10-26 22:16 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-14 12:06 - 2019-10-26 22:16 - 000002204 _____ C:\Users\Todos os Usuários\Desktop\Google Chrome.lnk
2020-05-14 12:06 - 2019-10-26 22:16 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-14 12:06 - 2019-10-26 22:16 - 000002204 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-14 11:34 - 2018-04-11 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-14 11:20 - 2014-05-02 00:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-14 11:13 - 2017-12-12 23:56 - 000000000 ____D C:\Users\Rafaela Andrade\AppData\Local\Packages
2020-05-14 10:35 - 2018-04-11 17:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-14 10:35 - 2010-09-16 01:34 - 117472672 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-14 10:19 - 2018-05-26 19:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-14 09:32 - 2015-09-24 16:18 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-14 09:26 - 2010-11-28 19:34 - 000609128 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-05-14 09:21 - 2018-05-26 19:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F2622469-7474-42F4-BAFB-99DDBC0C3E4F}

==================== Arquivos na raiz de alguns diretórios ========

2011-03-02 04:17 - 2011-03-02 04:17 - 000000005 _____ () C:\Program Files\thumb_files80.dat
2014-09-07 01:34 - 2014-09-17 21:01 - 000000004 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\appdataFr2.bin
2013-01-26 20:14 - 2015-09-26 01:13 - 000000612 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\AutoGK.ini
2010-09-07 01:53 - 2011-11-06 10:33 - 000000640 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\burnaware.ini
2011-06-30 17:21 - 2012-11-16 16:21 - 000000212 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\default.rss
2015-09-26 01:09 - 2015-09-26 01:09 - 000087608 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\inst.exe
2015-09-26 01:09 - 2015-09-26 01:09 - 000007887 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\pcouffin.cat
2015-09-26 01:09 - 2015-09-26 01:09 - 000001144 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\pcouffin.inf
2015-09-26 01:09 - 2015-09-26 01:09 - 000000055 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\pcouffin.log
2015-09-26 01:09 - 2015-09-26 01:09 - 000047360 _____ (VSO Software) C:\Users\Rafaela Andrade\AppData\Roaming\pcouffin.sys
2010-10-25 20:56 - 2010-10-25 20:56 - 000027337 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\UserTile.png
2011-06-21 17:15 - 2013-11-22 17:59 - 000001181 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\vso_ts_preview.xml
2010-12-03 14:17 - 2017-12-18 23:17 - 000008236 _____ () C:\Users\Rafaela Andrade\AppData\Roaming\wklnhst.dat
2011-01-14 02:04 - 2015-11-17 00:50 - 000125440 _____ () C:\Users\Rafaela Andrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-06 03:22 - 2016-02-06 03:22 - 000000017 _____ () C:\Users\Rafaela Andrade\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================
PH
PH Cyber Highlander Registered
61.2K Posts 10.7K Likes
#4 By PH
14/05/2020 - 15:17
Do you recognize these links below?

"Suspicious links"
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3389360482-2779716845-3774890508-1000\...\123simsen.com -> www.123simsen.com



Was it you who installed this Qihoo 360 Total Security?

Your Windows Defender is stopped, and it is possible that this protection program has taken its place.

O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {41D7F331-4762-4946-B29E-AD73114260FA}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA


Do the following:

Download Malwarebytes Adware Cleaner; it does not need to be installed, it runs directly. Run the scan and post the result here.

Download the Kaspersky Virus Removal Tool; it is an online antivirus, that is, it does not need to be installed.

The following link has a short tutorial on how to use Kaspersky: https://www.hardware.com.br/comunidade/v-t/1510949/#post8249043

If by any chance you cannot download the tools, let me know, because the virus may be blocking it.

I am still analyzing the logs, since they are large, but you can already start running the tools. Run one and let me know; run the second only after the result of the first.
But whoever denies me before men, I also will deny before my Father who is in heaven.

Matthew 10:33
#5 By raferreirand
14/05/2020 - 15:34
PH said:
Do you recognize these links below?

Was it you who installed this Qihoo 360 Total Security?

Your Windows Defender is stopped, and it is possible that this protection program has taken its place.

Do the following:

Download Malwarebytes Adware Cleaner; it does not need to be installed, it runs directly. Run the scan and post the result here.

Download the Kaspersky Virus Removal Tool; it is an online antivirus, that is, it does not need to be installed.

The following link has a short tutorial on how to use Kaspersky: https://www.hardware.com.br/comunidade/v-t/1510949/#post8249043

If by any chance you cannot download the tools, let me know, because the virus may be blocking it.

I am still analyzing the logs, since they are large, but you can already start running the tools. Run one and let me know; run the second only after the result of the first.


Thank you very much!

I don't recognize any of these links!

Yes, I was the one who installed 360; I had a problem with Avast at one point and installed this 360 on a friend's advice.

I ran the scan with Adware cleaner:
"adw cleaner log"

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-14-2020
# Duration: 00:05:39
# OS: Windows 10 Home
# Scanned: 31864
# Detected: 66


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic C:\ProgramData\66D93FC0870989E5
PUP.Adware.Heuristic C:\ProgramData\AVG_UPDATE_1215AV
PUP.Optional.DeleteAd C:\ProgramData\DeleteAd
PUP.Optional.Legacy C:\Program Files\avg web tuneup
PUP.Optional.Legacy C:\ProgramData\FastSys
PUP.Optional.Legacy C:\ProgramData\House Of Soft
PUP.Optional.Legacy C:\ProgramData\NoMore Ads
PUP.Optional.Legacy C:\ProgramData\Yellow AdBlocker
PUP.Optional.Legacy C:\Users\Public\Documents\Guid
PUP.Optional.MultiPlug C:\Program Files\TAKETHECOUPPON
PUP.Optional.MultiPlug C:\ProgramData\ALLSAVER
PUP.Optional.MultiPlug C:\ProgramData\BESTSAVEFORYOU
PUP.Optional.MultiPlug C:\ProgramData\DEALEXIPRESS
PUP.Optional.MultiPlug C:\ProgramData\MINIIMUMPRICE
PUP.Optional.MultiPlug C:\ProgramData\TAKETHECOUPPON
PUP.Optional.SpyHunter C:\Program Files\Enigma Software Group
PUP.Optional.WeatherTool C:\Program Files\WeatherTool
PUP.Optional.WeatherTool C:\Users\Rafaela Andrade\AppData\Roaming\WeatherTool
PUP.Optional.WeatherTool C:\Windows\System32\config\systemprofile\AppData\Roaming\WeatherTool

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Rafaela Andrade\AppData\Roaming\appdataFr2.bin

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic C:\Windows\System32\Tasks\1215avUpdateInfo
PUP.Adware.Heuristic C:\Windows\System32\Tasks_Migrated\1215AVUPDATEINFO
PUP.Optional.Legacy C:\Windows\System32\Tasks_Migrated\EXPRESS FILES UPDATER

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\pokki
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51204563-234D-4F0E-99B9-F735D6CF539C}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51204563-234D-4F0E-99B9-F735D6CF539C}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1215avUpdateInfo
PUP.Optional.Conduit HKCU\Software\Conduit
PUP.Optional.Conduit HKLM\Software\Conduit
PUP.Optional.EoRezo HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
PUP.Optional.Iminent HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{F999A48B-1950-4D81-9971-79018F807B4B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
PUP.Optional.Legacy HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
PUP.Optional.Legacy HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.SofTonicAssistant HKCU\Software\Softonic
PUP.Optional.SpyHunter HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.WeatherTool HKCU\Software\WeatherTool
PUP.Optional.WeatherTool HKLM\Software\DtsEncodeTools
PUP.Optional.WeatherTool HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WeatherTool
PUP.Optional.WeatherTool HKLM\Software\WeatherTool

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

#6 By PH
14/05/2020 - 16:19
raferreirand said:
Thank you very much!

I don't recognize any of these links!

Yes, I was the one who installed 360; I had a problem with Avast at one point and installed this 360 on a friend's advice.

I ran the scan with Adware cleaner:



Well, apparently it wasn't up to the job. In any case, you can have the best anti-malware protection program, but it does no good if you bring in and run the malware.

Did you actually download these torrents? What kind of torrents were they?

Run the cleanup with AdwCleaner and see whether anything improved. After the cleanup, run KVRT; it can take quite a long time, since it does a deep scan.

Post the scan results here.
#7 By raferreirand
14/05/2020 - 16:28
PH said:
Well, apparently it wasn't up to the job. In any case, you can have the best anti-malware protection program, but it does no good if you bring in and run the malware.

Did you actually download these torrents? What kind of torrents were they?

Run the cleanup with AdwCleaner and see whether anything improved. After the cleanup, run KVRT; it can take quite a long time, since it does a deep scan.

Post the scan results here.


Thank you very much for the help, PH!

They were torrents of a season of Family Guy downloaded from a torrent site (one of those viatorrents, simplestorrents, I don't even remember which one, to be honest). After that, I also downloaded one more episode via baixarseriesmp4.org (through Mega). For all of them, I went through those countless steps of ads and adlinks, and I had to grant permission in the Opera browser. As soon as the episode from Mega finished downloading, my browser stopped working and that process happened. I deleted absolutely all the files.

I will proceed as you said and post the results.
#8 By PH
14/05/2020 - 18:04
raferreirand said:
Thank you very much for the help, PH!

They were torrents of a season of Family Guy downloaded from a torrent site (one of those viatorrents, simplestorrents, I don't even remember which one, to be honest). After that, I also downloaded one more episode via baixarseriesmp4.org (through Mega). For all of them, I went through those countless steps of ads and adlinks, and I had to grant permission in the Opera browser. As soon as the episode from Mega finished downloading, my browser stopped working and that process happened. I deleted absolutely all the files.

I will proceed as you said and post the results.

That is a trap: you were forced to grant permission (and that let the infection in)! They know you want that thing no matter what, so you end up doing what they ask, thinking that this way you will get what you want. These downloads are illegal if you can't find them on the official site; so you turn to illegal sites that set traps before you can download what you want, and then that's it, it's over: the malware (disguised as a prompt to release the torrent) infects the computer with your authorization.

But let's carry on: have you already run the scan with KVRT?
#9 By raferreirand
14/05/2020 - 18:13
PH said:
That is a trap: you were forced to grant permission (and that let the infection in)! They know you want that thing no matter what, so you end up doing what they ask, thinking that this way you will get what you want. These downloads are illegal if you can't find them on the official site; so you turn to illegal sites that set traps before you can download what you want, and then that's it, it's over: the malware (disguised as a prompt to release the torrent) infects the computer with your authorization.

But let's carry on: have you already run the scan with KVRT?


Of course, I'll never do that again :(

As for the scan, it is almost finished; as soon as it ends I'll post here.

Thank you very much for the help!

Do you recommend a good free antivirus?
#10 By PH
14/05/2020 - 18:30
raferreirand said:
Of course, I'll never do that again :(

As for the scan, it is almost finished; as soon as it ends I'll post here.

Thank you very much for the help!

Do you recommend a good free antivirus?

No problem, I'll help you in whatever way I can to solve this problem; my colleagues and I are here for that!
#11 By raferreirand
14/05/2020 - 21:46
My God, it was 4h39 minutes of scanning in KVRT and I couldn't extract the report, but I deleted everything that was found. I'm posting the screenshot below. The 37 objects found were flagged as "not-a-virus", but many were "advertising". I have just run a scan with Malwarebytes and, thanks to God and to you, "no items were detected". I am going to download a good antivirus and make sure that Windows Defender is functional.

Any advice? What do you think?

Thank you very much, I have no words to thank you.

"new adwcleaner log"

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-14-2020
# Duration: 00:02:32
# OS: Windows 10 Home
# Scanned: 31864
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


#12 By PH
15/05/2020 - 11:25
raferreirand said:
My God, it was 4h39 minutes of scanning in KVRT and I couldn't extract the report, but I deleted everything that was found. I'm posting the screenshot below. The 37 objects found were flagged as "not-a-virus", but many were "advertising". I have just run a scan with Malwarebytes and, thanks to God and to you, "no items were detected". I am going to download a good antivirus and make sure that Windows Defender is functional.

Any advice? What do you think?

Thank you very much, I have no words to thank you.


Good morning!

See whether you can find the report under Report; just open KVRT again.

How is your PC after the cleanup: has everything you reported stopped, or is it still happening?
#13 By raferreirand
15/05/2020 - 15:01
PH said:
Good morning!

See whether you can find the report under Report; just open KVRT again.

How is your PC after the cleanup: has everything you reported stopped, or is it still happening?


Good morning, PH!

I can't save the Report; I just click Scan and what was deleted appears.

The computer is running normally; I left KVRT running when I went to sleep and, when I woke up, nothing had been detected.

However, the following message appeared:

"O Windows detectou um conflito de endereço IP"

Outro computador desta rede tem o mesmo endereço IP deste computador. Contate o administrador de rede para obter ajuda e resolver o problema.


Here I have a notebook that I work on, but it is switched off because I'm on vacation. And my cell phones, which connect via Wi-Fi. What do you think it could be? I have the new Avira antivirus running, and Windows Defender is also on.

As a precaution, I have just changed the network name and password.

From the Windows log:
O computador detectou que o endereço IP ___________ da Placa de Rede com o endereço de rede ____________ já está sendo usado na rede. O computador tentará obter automaticamente um endereço diferente.

Edit: afraid that my IP had been cloned, I reset my router and changed the factory admin password. Do you think any other action is necessary?