Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:14-05-2016
Executado por Victor (administrador) em DESKTOP-QGC4E84 (15-05-2016 23:07:36)
Executando a partir de C:\Users\Victor\Desktop
Perfis Carregados: Victor (Perfis Disponíveis: Victor & Administrador)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\wuapihost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-04-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [Steam] => F:\Jogos\Steam\steam.exe [3077712 2016-04-29] (Valve Corporation)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23484296 2016-04-25] (Google)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [EADM] => F:\Jogos\Origin\Origin.exe [3639280 2016-04-27] (Electronic Arts)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [FlickrUploadr] => "C:\Users\Victor\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [Spotify Web Helper] => C:\Users\Victor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Run: [Spotify] => C:\Users\Victor\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-05-12]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{16550dc3-b90a-4c3c-9e7d-26806f07d082}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d07f08cf-4606-449a-ad9a-5a0a6f7b52d9}: [DhcpNameServer] 10.0.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
BHO: Sem Nome -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> Nenhum Arquivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-28] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-03-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-28] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\9ki5ru7b.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [Nenhum Arquivo]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2658076088-2665001163-1618427135-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-07-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-07-01]
FF Extension: DownThemAll! - C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\9ki5ru7b.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-07-30]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-10]
CHR Extension: (Google Drive) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-10]
CHR Extension: (YouTube) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-10]
CHR Extension: (Adblock Plus) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-10]
CHR Extension: (Estadão) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgellgdbeldoenodfccpcnklegfclikd [2016-05-10]
CHR Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2016-05-10]
CHR Extension: (EBook Offline Reader) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkidldjfpemdgkehdhkoehplkbkcadfa [2016-05-10]
CHR Extension: (Documentos Google off-line) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2016-05-10]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-05-10]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2016-05-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-10]
CHR Extension: (Extensão do Google Keep para o Chrome) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2016-05-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-10]
CHR Extension: (Gmail) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-10]
CHR HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Victor\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-05-10]
CHR HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-30] (Dropbox, Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Origin Client Service; F:\Jogos\Origin\OriginClientService.exe [2120712 2016-04-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-10-27] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-07-30] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
S2 Cowpacsuijutyl Updater; C:\Program Files\Cowpacsuijutyl\Wusjul.exe [X]
S2 Rhhambih; "C:\Users\Victor\AppData\Roaming\TaukiMak\Vocexar.exe" -cms [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [57344 2015-10-30] (Microsoft Corp.)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-05-15] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RTL8023x64; C:\Windows\System32\drivers\Rtnic64.sys [51712 2015-10-30] (Realtek Semiconductor Corporation )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Arquivo não assinado]
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 actgpaho; \??\C:\WINDOWS\system32\drivers\actgpaho.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-15 21:17 - 2016-05-15 21:18 - 19837512 _____ C:\Users\Victor\Desktop\fasfasft.exe
2016-05-15 20:11 - 2016-05-15 20:11 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-15 20:11 - 2016-05-15 20:11 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-05-15 20:11 - 2016-05-15 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-15 20:11 - 2016-05-15 20:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 20:11 - 2016-05-15 20:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-15 20:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-15 20:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-15 20:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-15 20:08 - 2016-05-15 20:08 - 22851472 _____ (Malwarebytes ) C:\Users\Victor\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-05-15 19:54 - 2016-05-15 19:54 - 00334792 _____ (Malwarebytes Corporation) C:\Users\Victor\Desktop\mbam-clean-2.2.2.7.exe
2016-05-15 19:45 - 2016-05-15 19:45 - 00020960 _____ C:\Users\Victor\Desktop\eset.txt
2016-05-14 18:34 - 2016-05-14 18:34 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-14 18:33 - 2016-05-14 18:33 - 02870984 _____ (ESET) C:\Users\Victor\Desktop\esetsmartinstaller_enu.exe
2016-05-14 17:58 - 2016-05-14 18:00 - 00003616 _____ C:\Users\Victor\Desktop\Fixlog.txt
2016-05-14 16:17 - 2016-05-14 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-14 15:39 - 2016-05-14 15:39 - 00000919 _____ C:\Users\Victor\Desktop\JRT.txt
2016-05-14 15:37 - 2016-05-14 15:37 - 00009309 _____ C:\Users\Victor\Desktop\AdwCleaner[C3].txt
2016-05-14 15:17 - 2016-05-14 15:17 - 22851472 _____ (Malwarebytes ) C:\Users\Victor\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-14 15:17 - 2016-05-14 15:17 - 01610816 _____ (Malwarebytes) C:\Users\Victor\Desktop\JRT.exe
2016-05-14 14:21 - 2016-05-14 14:21 - 00006272 _____ C:\Users\Victor\Desktop\Rkill.txt
2016-05-14 13:41 - 2016-05-14 13:41 - 00000000 ____D C:\Users\Victor\AppData\Local\VS Revo Group
2016-05-14 13:41 - 2016-05-14 13:41 - 00000000 ____D C:\Users\Todos os Usuários\VS Revo Group
2016-05-14 13:41 - 2016-05-14 13:41 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-05-14 13:41 - 2016-05-14 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-05-14 13:41 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-05-14 13:40 - 2016-05-14 13:40 - 11374528 _____ (VS Revo Group ) C:\Users\Victor\Downloads\RevoUninProSetup.exe
2016-05-14 13:40 - 2016-05-14 13:40 - 00000000 ____D C:\Program Files\VS Revo Group
2016-05-14 11:13 - 2016-05-14 14:25 - 00000471 _____ C:\Users\Victor\Downloads\ckfiles.txt
2016-05-14 11:11 - 2016-05-14 11:11 - 00468480 _____ () C:\Users\Victor\Downloads\CKScanner.exe
2016-05-12 22:07 - 2016-05-12 22:07 - 00000512 _____ C:\Users\Victor\Desktop\MBR.dat
2016-05-12 21:56 - 2016-05-15 23:07 - 00023324 _____ C:\Users\Victor\Desktop\FRST.txt
2016-05-12 21:56 - 2016-05-12 21:56 - 00074987 _____ C:\Users\Victor\Desktop\Addition.txt
2016-05-12 21:55 - 2016-05-14 16:19 - 00062800 _____ C:\Users\Victor\Downloads\Addition.txt
2016-05-12 21:54 - 2016-05-14 16:19 - 00078517 _____ C:\Users\Victor\Downloads\FRST.txt
2016-05-12 21:53 - 2016-05-15 23:07 - 00000000 ____D C:\FRST
2016-05-12 21:53 - 2016-05-12 22:07 - 00003630 _____ C:\Users\Victor\Desktop\aswMBR.txt
2016-05-12 21:52 - 2016-05-14 16:15 - 02382336 _____ (Farbar) C:\Users\Victor\Desktop\FRST64.exe
2016-05-12 21:50 - 2016-05-12 21:50 - 05198336 _____ (AVAST Software) C:\Users\Victor\Downloads\aswMBR.exe
2016-05-12 20:54 - 2016-05-12 20:57 - 04621304 _____ (Google) C:\Users\Administrador\Downloads\chrome_cleanup_tool.exe
2016-05-12 20:16 - 2016-05-12 20:16 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-05-12 20:16 - 2016-05-12 20:16 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\library_dir
2016-05-12 20:16 - 2016-05-12 20:16 - 00000000 ____D C:\Users\Administrador\AppData\Local\PeerDistRepub
2016-05-12 20:15 - 2016-05-12 20:17 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\PlaysTV
2016-05-11 14:59 - 2016-05-11 14:59 - 00000000 _____ C:\Users\Victor\pslog.txt
2016-05-10 20:19 - 2016-05-15 19:54 - 00000000 ____D C:\Users\Victor\AppData\Roaming\WhatsApp
2016-05-10 20:19 - 2016-05-10 20:19 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-05-10 20:19 - 2016-05-10 20:19 - 00000000 ____D C:\Users\Victor\AppData\Local\WhatsApp
2016-05-10 19:49 - 2016-05-10 19:49 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2016-05-10 19:45 - 2016-05-12 21:17 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 19:45 - 2016-05-12 21:17 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-10 19:39 - 2016-05-10 19:39 - 00000000 ____D C:\Users\Victor\AppData\Local\Deployment
2016-05-10 19:39 - 2016-05-10 19:39 - 00000000 ____D C:\Users\Victor\AppData\Local\Apps\2.0
2016-05-10 19:25 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-10 19:25 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-10 19:25 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-10 19:25 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-10 19:25 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-10 19:25 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-10 19:25 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-10 19:25 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-10 19:25 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-10 19:25 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-10 19:25 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-10 19:25 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-10 19:25 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-10 19:25 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-10 19:25 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-10 19:25 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-10 19:25 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-10 19:25 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-10 19:25 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-10 19:25 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-10 19:25 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-10 19:25 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-10 19:25 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-10 19:25 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-10 19:25 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-10 19:25 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-10 19:25 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-10 19:25 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-10 19:25 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-10 19:25 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-10 19:25 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-10 19:25 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-10 19:25 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-10 19:25 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-10 19:25 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-10 19:25 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-10 19:25 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-10 19:25 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-10 19:25 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-10 19:25 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-10 19:25 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-10 19:25 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-10 19:25 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-10 19:25 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-10 19:25 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-10 19:25 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-10 19:25 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-10 19:25 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-10 19:25 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-10 19:25 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-10 19:25 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-10 19:25 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-10 19:25 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-10 19:25 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-10 19:25 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-10 19:25 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-10 19:25 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-10 19:25 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-10 19:25 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-10 19:25 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-10 19:25 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-10 19:25 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-10 19:25 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-10 19:25 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-10 19:25 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-10 19:25 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-10 19:25 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-10 19:25 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-10 19:25 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-10 19:25 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-10 19:25 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-10 19:25 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-10 19:25 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-10 19:25 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-10 19:25 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-10 19:25 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-10 19:25 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-10 19:25 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-10 19:25 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-10 19:25 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-10 19:25 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-10 19:25 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-10 19:25 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-10 19:25 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-10 19:25 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-10 19:25 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-10 19:25 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-10 19:25 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-10 19:25 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-10 19:25 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-10 19:25 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-10 19:25 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-10 19:25 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-10 19:25 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-10 19:25 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-10 19:25 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-10 19:25 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-10 19:25 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-10 19:25 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-10 19:25 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-10 19:25 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-10 19:25 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-10 19:25 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-10 19:25 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-10 19:25 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-10 19:25 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-10 19:25 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-10 19:25 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-10 19:25 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-10 19:25 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-10 19:25 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-10 19:25 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-10 19:25 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-10 19:25 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-10 19:25 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-10 19:25 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-10 19:25 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-10 19:25 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-10 19:25 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-10 19:25 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-10 19:25 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-10 19:25 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-10 19:25 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-10 19:25 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-10 19:25 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-10 19:25 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-10 19:25 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-10 19:25 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-10 19:25 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-10 19:25 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-10 19:25 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-10 19:25 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-10 19:25 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-10 19:25 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 19:25 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-10 19:25 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-10 19:25 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-10 19:25 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-10 19:25 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-10 19:25 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-10 19:25 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-10 19:25 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-10 19:25 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-10 19:25 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-10 19:25 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-10 19:25 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-10 19:25 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-10 19:25 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-10 19:25 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-10 19:25 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-10 19:25 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-10 19:24 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-10 19:24 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-08 21:37 - 2016-05-08 21:37 - 00000000 ____D C:\WINDOWS\system32\rhph
2016-05-08 21:34 - 2016-05-08 21:34 - 00000000 ____D C:\WINDOWS\system32\iuma
2016-05-08 21:32 - 2016-05-08 21:32 - 00000000 ____D C:\WINDOWS\system32\ocuv
2016-05-08 21:28 - 2016-05-08 21:28 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000223C3454EB8
2016-05-08 21:28 - 2016-05-08 21:28 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000223C3453B68
2016-05-08 21:28 - 2016-05-08 21:28 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000223C3420C18
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000257DC138038
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000257DC137F68
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000257DC137DC8
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000257DC137C28
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow00000257DC0EE4F8
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow0000023212BCA208
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow0000023212BC9B88
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow0000023212BC9AB8
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow0000023212B94EA8
2016-05-08 21:23 - 2016-05-08 21:23 - 00000000 ____D C:\Users\Victor\AppData\LocalLow0000023212B7D688
2016-05-08 21:21 - 2016-05-08 21:21 - 00000000 ____D C:\Users\Victor\AppData\LocalLow000001ACCBE9CF58
2016-05-08 21:21 - 2016-05-08 21:21 - 00000000 ____D C:\Users\Victor\AppData\LocalLow000001ACCBE9CA78
2016-05-08 21:21 - 2016-05-08 21:21 - 00000000 ____D C:\Users\Victor\AppData\LocalLow000001ACCBE631C8
2016-05-08 21:21 - 2016-05-08 21:21 - 00000000 ____D C:\Users\Victor\AppData\LocalLow000001ACCBE405B8
2016-05-08 21:19 - 2016-05-08 21:34 - 00413439 _____ C:\Users\Todos os Usuários\xdo.zip
2016-05-08 21:19 - 2016-05-08 21:34 - 00413439 _____ C:\ProgramData\xdo.zip
2016-05-08 21:19 - 2016-05-08 21:19 - 06494208 _____ C:\Users\Victor\AppData\Roaming\agent.dat
2016-05-08 21:19 - 2016-05-08 21:19 - 01626777 _____ C:\Users\Victor\AppData\Roaming\Joystrong.tst
2016-05-08 21:19 - 2016-05-08 21:19 - 00072717 _____ C:\Users\Victor\AppData\Roaming\K-air.tst
2016-05-08 21:19 - 2016-05-08 21:19 - 00018432 _____ C:\Users\Victor\AppData\Roaming\Main.dat
2016-05-08 21:19 - 2016-04-26 18:03 - 01253376 _____ (eee) C:\Users\Todos os Usuários\apptj.exe
2016-05-08 21:19 - 2016-04-26 18:03 - 01253376 _____ (eee) C:\ProgramData\apptj.exe
2016-05-08 21:19 - 2016-04-25 11:46 - 00114176 _____ C:\Users\Todos os Usuários\hp.exe
2016-05-08 21:19 - 2016-04-25 11:46 - 00114176 _____ C:\ProgramData\hp.exe
2016-05-08 21:18 - 2016-05-15 19:22 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Wiypj
2016-05-08 21:18 - 2016-05-08 21:46 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-05-08 21:18 - 2016-05-08 21:46 - 00000000 ____D C:\ProgramData\Windows Update
2016-05-08 21:18 - 2016-05-08 21:34 - 00002303 _____ C:\Users\Todos os Usuários\webad.xml
2016-05-08 21:18 - 2016-05-08 21:34 - 00002303 _____ C:\ProgramData\webad.xml
2016-05-08 21:18 - 2016-05-08 21:18 - 00000000 ____D C:\Users\Victor\AppData\Roaming\gplyra
2016-05-08 21:17 - 2016-05-08 21:17 - 00127488 _____ C:\Users\Victor\AppData\Roaming\Installer.dat
2016-05-08 21:12 - 2016-05-08 21:10 - 00001496 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-08 21:09 - 2016-05-15 19:22 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Liapladme
2016-05-08 21:09 - 2016-05-08 21:46 - 00000000 ____D C:\Users\Victor\AppData\Roaming\JaauaLejpo
2016-05-08 21:09 - 2016-05-08 21:18 - 00000000 ____D C:\Users\Victor\AppData\Local\Tempfolder
2016-05-08 21:09 - 2016-05-08 21:09 - 00000000 ____D C:\uninst
2016-05-08 20:55 - 2016-05-08 20:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-08 20:53 - 2016-05-08 20:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-05-08 20:52 - 2016-05-08 21:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-05-08 20:52 - 2016-05-08 21:00 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2016-05-08 20:52 - 2016-05-08 21:00 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-08 20:51 - 2016-05-08 20:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Victor\Downloads\spybot-2.4.exe
2016-05-08 20:42 - 2016-05-08 20:44 - 00076108 _____ C:\TDSSKiller.3.1.0.9_08.05.2016_20.42.48_log.txt
2016-05-08 20:42 - 2016-05-08 20:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Victor\Downloads\tdsskiller.exe
2016-05-08 20:32 - 2016-05-08 20:33 - 05658358 _____ (Swearware) C:\Users\Victor\Downloads\ComboFix.exe
2016-05-08 20:16 - 2016-05-08 20:16 - 22851472 _____ (Malwarebytes ) C:\Users\Victor\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-08 19:59 - 2016-05-12 20:59 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-05-08 19:58 - 2016-05-12 20:59 - 01093398 _____ C:\WINDOWS\ntbtlog.txt
2016-05-08 19:50 - 2016-05-08 19:50 - 22851472 _____ (Malwarebytes ) C:\Users\Victor\Downloads\explorer.exe
2016-05-08 19:48 - 2016-05-08 19:48 - 22851472 _____ (Malwarebytes ) C:\Users\Victor\Downloads\fasasfg.bat
2016-05-08 19:38 - 2016-05-08 19:38 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Victor\Downloads\mbam-clean-2.1.1.1001.exe
2016-05-08 19:24 - 2016-05-08 19:24 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Victor\Downloads\rkill.exe
2016-05-08 18:53 - 2016-05-08 18:53 - 18046709 _____ C:\Users\Victor\Downloads\tportable.0.9.44.zip
2016-05-08 18:53 - 2016-05-08 18:53 - 00000000 ____D C:\Users\Victor\Downloads\tportable.0.9.44
2016-05-08 18:52 - 2016-05-12 21:16 - 00001035 _____ C:\Users\Victor\Desktop\Telegram.lnk
2016-05-08 18:52 - 2016-05-08 18:52 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2016-05-08 18:51 - 2016-05-08 18:52 - 16346792 _____ (Telegram Messenger LLP ) C:\Users\Victor\Downloads\tsetup.0.9.44.exe
2016-05-02 23:14 - 2016-05-02 23:37 - 00000000 ____D C:\Users\Victor\Downloads\Telegram Desktop
2016-05-02 17:52 - 2016-05-10 19:32 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Telegram Desktop
2016-05-01 19:48 - 2016-05-01 19:48 - 31867518 _____ C:\Users\Victor\Desktop\flyer gracyanne.psd
2016-05-01 19:17 - 2016-05-01 19:17 - 00102459 _____ C:\Users\Victor\Desktop\Bananada.pdf
2016-04-28 21:10 - 2016-04-28 21:10 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-28 21:10 - 2016-04-28 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-28 21:10 - 2016-04-28 21:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-28 21:09 - 2016-04-28 21:09 - 00738368 _____ (Oracle Corporation) C:\Users\Victor\Downloads\JavaSetup8u91.exe
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 _____ C:\Users\Todos os Usuários\a.bat
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 _____ C:\ProgramData\a.bat
2016-04-23 12:19 - 2016-04-23 12:21 - 00000000 ____D C:\Users\Victor\AppData\Roaming\download
2016-04-19 19:55 - 2016-04-19 19:55 - 00000000 ____D C:\Program Files (x86)\AMD
2016-04-19 19:53 - 2016-04-19 19:53 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-04-19 19:53 - 2016-04-19 19:53 - 00000000 ____D C:\ProgramData\ATI
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-15 22:22 - 2015-07-30 19:36 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-15 22:16 - 2015-07-30 21:11 - 00001052 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-15 21:25 - 2015-07-30 19:34 - 00000000 ___RD C:\Users\Victor\OneDrive
2016-05-15 21:24 - 2015-08-04 22:15 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-05-15 21:24 - 2015-08-04 22:15 - 00000000 ____D C:\ProgramData\Origin
2016-05-15 21:16 - 2015-07-30 21:11 - 00001048 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-15 20:08 - 2015-12-15 18:23 - 00000000 ____D C:\Users\Victor\AppData\Local\Spotify
2016-05-15 20:01 - 2015-10-30 16:11 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-05-15 20:01 - 2015-10-30 16:11 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-05-15 20:01 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-15 20:01 - 2015-07-30 19:34 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-15 19:56 - 2015-12-15 18:22 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Spotify
2016-05-15 19:55 - 2016-01-21 06:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-15 19:55 - 2015-09-17 21:50 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2016-05-15 19:55 - 2015-09-17 21:49 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-05-15 19:55 - 2015-07-30 19:36 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-15 19:54 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-15 19:22 - 2015-07-30 19:59 - 00000000 ____D C:\Users\Victor\Downloads\danny.therebels.ATIVADORWIN10
2016-05-15 19:05 - 2015-12-23 23:05 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2711FCCB-3DFA-47FB-8F7F-6AEAC2C0EE83}
2016-05-15 12:47 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-15 12:47 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-15 12:46 - 2015-07-30 21:28 - 00000000 ____D C:\Users\Victor\AppData\Local\Adobe
2016-05-14 20:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 17:59 - 2015-09-26 14:22 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\Temp
2016-05-14 16:17 - 2015-07-30 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-14 15:46 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-14 14:23 - 2016-01-21 06:14 - 05507576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-14 14:14 - 2015-07-30 22:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-05-14 14:14 - 2015-07-30 19:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-14 14:03 - 2015-10-30 16:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-14 14:03 - 2015-07-30 22:07 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-05-14 13:56 - 2015-07-10 08:04 - 00000076 _____ C:\WINDOWS\win.ini
2016-05-14 13:53 - 2015-10-20 11:23 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-05-14 13:53 - 2015-07-31 19:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-14 13:51 - 2015-07-30 21:30 - 00000000 ____D C:\Program Files\Adobe
2016-05-14 13:50 - 2015-07-30 19:32 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Adobe
2016-05-14 13:47 - 2015-07-30 21:31 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-05-14 13:47 - 2015-07-30 21:31 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-05-14 13:47 - 2015-07-30 21:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-14 13:46 - 2015-07-30 21:28 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-05-14 13:46 - 2015-07-30 21:28 - 00000000 ____D C:\ProgramData\Adobe
2016-05-12 22:30 - 2015-07-30 19:32 - 00000000 ____D C:\Users\Victor\AppData\Local\Packages
2016-05-12 21:18 - 2015-07-10 08:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-12 21:17 - 2016-03-24 16:46 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-05-12 21:17 - 2016-01-21 06:20 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-12 21:17 - 2016-01-05 14:27 - 00002757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center.lnk
2016-05-12 21:17 - 2015-07-30 20:52 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-12 21:17 - 2015-07-30 19:48 - 00001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-12 21:16 - 2015-12-24 17:34 - 00000721 _____ C:\Users\Victor\Desktop\Fallout 4.lnk
2016-05-12 21:16 - 2015-12-23 23:10 - 00001247 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-05-12 21:16 - 2015-12-15 18:23 - 00001841 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-05-12 21:16 - 2015-09-19 20:01 - 00001783 _____ C:\Users\Victor\Desktop\Metal Gear Solid V - The Phantom Pain.lnk
2016-05-12 21:16 - 2015-07-30 19:34 - 00002376 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-12 20:58 - 2016-02-18 22:59 - 00002393 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-12 20:58 - 2016-02-18 22:57 - 00001365 _____ C:\Users\Administrador\Desktop\Google Chrome.lnk
2016-05-12 20:57 - 2016-02-18 22:57 - 00000000 ____D C:\Users\Administrador\AppData\Local\Google
2016-05-12 20:48 - 2015-10-30 04:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-05-12 20:46 - 2016-01-21 06:16 - 00000000 ____D C:\Users\Victor
2016-05-12 20:35 - 2016-02-18 22:57 - 00000000 ____D C:\Users\Administrador\AppData\Local\Packages
2016-05-12 20:33 - 2015-12-23 22:27 - 00000000 ____D C:\Users\Victor\AppData\Local\ElevatedDiagnostics
2016-05-12 20:17 - 2016-02-18 22:58 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\Raptr
2016-05-12 20:16 - 2016-02-18 22:58 - 00000000 ____D C:\Users\Administrador\AppData\Local\Adobe
2016-05-12 20:15 - 2016-02-18 22:57 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\WTablet
2016-05-12 20:15 - 2015-07-30 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 21:44 - 2015-09-17 21:49 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-05-11 21:44 - 2015-09-17 21:49 - 00000000 ____D C:\ProgramData\GbPlugin
2016-05-11 18:48 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 18:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 18:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 18:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 18:48 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 18:47 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:56 - 2015-08-13 15:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 13:52 - 2015-08-13 15:10 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-10 20:22 - 2015-07-30 21:32 - 00000034 _____ C:\Users\Victor\AppData\Roaming\AdobeWLCMCache.dat
2016-05-10 20:19 - 2015-09-21 19:50 - 00000000 ____D C:\Users\Victor\AppData\Local\SquirrelTemp
2016-05-10 19:45 - 2015-07-30 19:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-10 19:17 - 2015-07-30 19:36 - 00004166 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-10 19:17 - 2015-07-30 19:36 - 00003934 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-01 20:28 - 2015-08-01 11:34 - 00001456 _____ C:\Users\Victor\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2016-04-28 21:12 - 2015-12-24 10:58 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-28 21:12 - 2015-12-24 10:58 - 00000000 ____D C:\ProgramData\Oracle
2016-04-28 16:15 - 2015-07-30 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-23 19:54 - 2016-01-13 16:24 - 00000000 ____D C:\Users\Victor\AppData\Local\Last.fm
2016-04-23 19:27 - 2015-10-20 22:05 - 00000000 ____D C:\Users\Victor\AppData\Roaming\vlc
2016-04-22 04:57 - 2015-07-30 19:40 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-19 19:53 - 2016-01-21 06:15 - 00000000 ____D C:\Program Files\AMD
2016-04-19 19:53 - 2015-07-30 20:41 - 00000000 ____D C:\Users\Victor\AppData\Local\AMD
2016-04-19 19:44 - 2015-07-30 19:40 - 00000000 ____D C:\AMD
2016-04-19 19:16 - 2015-12-24 10:58 - 00000000 ____D C:\Users\Victor\.oracle_jre_usage
2016-04-18 00:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 00:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 18:40 - 2015-07-30 21:11 - 00000000 ____D C:\Users\Victor\AppData\Local\Dropbox
==================== Arquivos na raiz de alguns diretórios =======
2015-07-30 21:32 - 2016-05-10 20:22 - 0000034 _____ () C:\Users\Victor\AppData\Roaming\AdobeWLCMCache.dat
2016-05-08 21:19 - 2016-05-08 21:19 - 6494208 _____ () C:\Users\Victor\AppData\Roaming\agent.dat
2016-05-08 21:17 - 2016-05-08 21:17 - 0127488 _____ () C:\Users\Victor\AppData\Roaming\Installer.dat
2016-05-08 21:19 - 2016-05-08 21:19 - 1626777 _____ () C:\Users\Victor\AppData\Roaming\Joystrong.tst
2016-05-08 21:19 - 2016-05-08 21:19 - 0072717 _____ () C:\Users\Victor\AppData\Roaming\K-air.tst
2016-05-08 21:19 - 2016-05-08 21:19 - 0018432 _____ () C:\Users\Victor\AppData\Roaming\Main.dat
2015-08-01 11:34 - 2016-05-01 20:28 - 0001456 _____ () C:\Users\Victor\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2016-04-26 09:24 - 2016-04-26 09:24 - 0000009 _____ () C:\ProgramData\a.bat
2010-08-28 17:43 - 2010-08-28 17:43 - 0577335 _____ () C:\ProgramData\adb.exe
2016-05-08 21:19 - 2016-04-26 18:03 - 1253376 _____ (eee) C:\ProgramData\apptj.exe
2010-08-28 17:43 - 2010-08-28 17:43 - 0356009 _____ () C:\ProgramData\fastboot.exe
2016-05-08 21:19 - 2016-04-25 11:46 - 0114176 _____ () C:\ProgramData\hp.exe
2016-05-08 21:18 - 2016-05-08 21:34 - 0002303 _____ () C:\ProgramData\webad.xml
2016-05-08 21:19 - 2016-05-08 21:34 - 0413439 _____ () C:\ProgramData\xdo.zip
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\a.bat
C:\ProgramData\adb.exe
C:\ProgramData\apptj.exe
C:\ProgramData\fastboot.exe
C:\ProgramData\hp.exe
C:\Users\Todos os Usuários\a.bat
C:\Users\Todos os Usuários\adb.exe
C:\Users\Todos os Usuários\apptj.exe
C:\Users\Todos os Usuários\fastboot.exe
C:\Users\Todos os Usuários\hp.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-05-08 11:17
==================== Fim de FRST.txt ============================
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:14-05-2016
Executado por Victor (2016-05-15 23:08:14)
Executando a partir de C:\Users\Victor\Desktop
Windows 10 Pro Versão 1511 (X64) (2016-01-21 09:24:47)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2658076088-2665001163-1618427135-500 - Administrator - Enabled) => C:\Users\Administrador
Convidado (S-1-5-21-2658076088-2665001163-1618427135-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2658076088-2665001163-1618427135-503 - Limited - Disabled)
Victor (S-1-5-21-2658076088-2665001163-1618427135-1001 - Administrator - Enabled) => C:\Users\Victor
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Amazon Kindle (HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Amazon Kindle) (Version: - Amazon)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0403.2360.41341 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.9.9 (HKLM-x32\...\{CC4235DA-F2CA-11E5-8B13-005056951CAD}) (Version: 5.9.9.9915 - Evernote Corp.)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Flickr Uploadr for Windows (HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\FlickrUploadrWindows) (Version: 1.0.1.292 - Flickr)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Mad Max (HKLM-x32\...\Steam App 234140) (Version: - Avalanche Studios)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesa Gráfica Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.7.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Spotify (HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Telegram Desktop versão 0.9.44 (HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.44 - Telegram Messenger LLP)
Transmission Remote GUI 5.0.1 (HKLM-x32\...\transgui_is1) (Version: - Yury Sidorov)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WhatsApp (HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\WhatsApp) (Version: 0.2.684 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Victor\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1FB5D1D6-FD03-4048-8394-8F180FC41765} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {29777B79-BADA-4837-BE22-11D1CADD5B37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {2A7E429B-703E-4D7D-A810-971536A24C4E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {2B187BF8-617B-46DA-8F6C-8F55049958E4} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-victorlf@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {2D1F26E2-2191-4A28-898F-83228398D30C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {3C546365-6383-4F7C-A79D-A357628DCAC1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {40861C1C-CE8F-46EE-AD3F-1C2EC831552C} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-QGC4E84-Administrador => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {42462828-D2DD-47FD-AB7A-F2BDA349D3A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {55C7FA89-89DE-4C9E-AF8C-5D0B4109C0A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {5CB943A8-4397-4CBB-A861-2C867CC45DE5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B2B8AF33-142C-4541-B7DF-B12EB9776483} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-12-09] (Microsoft)
Task: {C114137D-E070-439F-B641-6FAD0AE86B51} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-30] (Dropbox, Inc.)
Task: {C1E0DF0F-F8E6-4F87-884D-3CCEDB91B96B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-03] (Advanced Micro Devices, Inc.)
Task: {D9D24F73-DD0B-45C1-8915-3BE08CA46B43} - \AutoKMS -> Nenhum Arquivo <==== ATENÇÃO
Task: {E06F6CA8-E4BE-43B5-AEFE-3AFEC63ED362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {FB4A0C84-373D-4F1A-B72C-4611D7F3A8E5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-30] (Dropbox, Inc.)
Task: {FE438F16-BB8D-4C88-8E6A-5172F87371FE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {FFB58B79-071D-4717-896F-93EC53DA12F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Victor\Desktop\Metal Gear Solid V - The Phantom Pain.lnk -> F:\Jogos\Metal Gear Solid 5 - The Phantom Pain\china.bat (Nenhum Arquivo)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-25 22:51 - 2015-10-27 21:35 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-12 19:19 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 19:19 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-26 18:54 - 2016-04-26 18:54 - 00959176 _____ () C:\Users\Victor\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-01-21 19:47 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 19:25 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 19:25 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 19:25 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 19:25 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 19:25 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-15 22:17 - 2016-01-11 14:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-10-15 18:17 - 2014-08-19 16:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-06-25 06:34 - 2015-06-25 06:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 06:37 - 2015-06-25 06:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 06:35 - 2015-06-25 06:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 06:38 - 2015-06-25 06:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 05:53 - 2015-06-25 05:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 05:51 - 2015-06-25 05:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-04-19 19:12 - 2016-04-19 19:12 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-04 17:39 - 2016-05-04 17:39 - 03940040 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\gfxim.dll
2016-03-29 19:11 - 2016-03-29 19:11 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 19:11 - 2016-03-29 19:11 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-03 16:51 - 2016-03-03 16:51 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-30 17:48 - 2016-04-30 17:48 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-01-21 18:31 - 2016-01-21 18:31 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 18:16 - 2015-12-15 18:16 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00701440 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2016-05-15 19:55 - 2016-05-15 19:55 - 00098816 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32api.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00110080 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\pywintypes27.dll
2016-05-15 19:55 - 2016-05-15 19:55 - 00364544 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\pythoncom27.dll
2016-05-15 19:55 - 2016-05-15 19:55 - 00320512 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32com.shell.shell.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00776704 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_hashlib.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 01176576 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._core_.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00806400 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._gdi_.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00816128 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._windows_.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 01067008 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._controls_.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00733184 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._misc_.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00682496 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\pysqlite2._sqlite.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00088064 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_ctypes.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00119808 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32file.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00108544 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32security.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00007168 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\hashobjs_ext.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00017920 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\thumbnails_ext.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00088064 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\usb_ext.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00167936 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32gui.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00018432 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32event.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00046080 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_socket.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 01208320 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_ssl.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00128512 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_elementtree.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00127488 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\pyexpat.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00012288 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\common.time34.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00038912 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32inet.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00036864 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_psutil_windows.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00525208 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\windows._lib_cacheinvalidation.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00011264 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32crypt.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00077312 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._html2.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00027136 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_multiprocessing.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00020480 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\_yappi.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00035840 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32process.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00686080 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\unicodedata.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00078848 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._animate.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00123392 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\wx._wizard.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00024064 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32pipe.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00010240 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\select.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00025600 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32pdh.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00017408 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32profile.pyd
2016-05-15 19:55 - 2016-05-15 19:55 - 00022528 ____R () C:\Users\Victor\AppData\Local\Temp\_MEI63202\win32ts.pyd
2016-03-25 15:36 - 2016-03-25 15:36 - 00439480 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2016-03-25 15:36 - 2016-03-25 15:36 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-12-14 19:06 - 2016-04-19 16:47 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-05-14 16:17 - 2016-04-19 16:48 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-05-14 16:17 - 2016-04-19 16:47 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-14 19:06 - 2016-04-19 16:47 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-14 19:06 - 2016-04-19 16:47 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-14 19:06 - 2016-05-06 19:35 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-05-14 16:17 - 2016-04-19 16:47 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-14 19:06 - 2016-05-06 19:35 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-14 19:06 - 2016-04-19 16:47 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 19:06 - 2016-04-19 16:48 - 00121296 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-14 19:06 - 2016-05-06 19:35 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-05-14 16:17 - 2016-04-19 16:49 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-14 19:06 - 2016-04-19 16:47 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-05-14 16:17 - 2016-04-19 16:47 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-05-14 16:17 - 2016-04-19 16:48 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-05-14 16:17 - 2016-04-19 16:50 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-05-14 16:17 - 2016-05-06 19:34 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-14 19:06 - 2016-05-06 19:35 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 19:06 - 2016-04-19 16:49 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 23:31 - 2016-05-06 19:35 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-05-14 16:17 - 2016-03-11 21:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-05-14 16:17 - 2016-05-06 19:34 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-05-14 16:17 - 2016-05-06 19:34 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-14 19:06 - 2016-04-19 16:48 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-05-14 16:17 - 2016-05-06 19:35 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-05-14 16:17 - 2016-05-06 19:35 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-05-14 16:17 - 2016-05-06 19:35 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-05-14 16:17 - 2016-05-06 19:34 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-19 19:12 - 2016-04-19 19:12 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:12 - 2016-04-19 19:12 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00012800 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00503808 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00078336 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 01218048 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00080910 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00107008 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00587776 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 60783577 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00122368 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00702464 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 01020928 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00144384 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00148480 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 03295232 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00158720 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 01113088 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 137768963 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\App.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 28077519 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 01079808 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\iconv_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 04448696 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 00384000 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2016-05-14 11:09 - 2016-05-14 11:09 - 02132408 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_4.453.58926.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll
2016-05-12 20:24 - 2016-05-11 08:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-12 20:24 - 2016-05-11 08:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-07-10 08:04 - 2016-05-14 17:58 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Victor\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{b9b249ad-dca6-4e31-a0ba-3acacb229efe}.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "tasklist"
HKU\S-1-5-21-2658076088-2665001163-1618427135-1001\...\StartupApproved\Run: => "Lync"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{36D6D3B0-7B38-4853-B446-566303B01167}C:\users\victor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\victor\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D3F43C8E-D4C9-448C-B4F8-BEC5C15CF695}C:\users\victor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\victor\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C9C3EC16-172D-4875-A92E-F6BA99EC2789}C:\users\victor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\victor\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9DC891A4-885A-48C4-BE48-D963756B901B}C:\users\victor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\victor\appdata\roaming\spotify\spotify.exe
FirewallRules: [{54271A0A-AABB-4A1B-A8E8-562F850FFDB5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6770AD5F-D1B3-4D96-803B-D06EEB926443}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{984264AB-360B-49A3-9223-A375381BBFC6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EB07A301-33A5-4D96-ADD3-F4349F11A69A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{73529788-69FD-4DC9-80F1-9CA665605A0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8450C231-C8A6-4794-946C-38D37EDBA60D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{91236977-0B32-4127-ABBB-BB9AA79FFDA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{22A0FF2C-8869-44A7-AEA4-90E413433AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{61F5F081-D85C-4E81-A4E7-49055861F749}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2473496-4362-4CB8-8C1A-482BBB582161}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A40C426-3A5A-4CF8-ABB0-DDCAD7E05EA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98F7C592-A05C-4A03-B75B-2A492322BBAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{011F2BAC-2791-453C-B16D-8B6A0922F370}] => (Allow) F:\Jogos\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{907A4637-6BDC-4AEE-8DC9-2DD4DD6EBDAD}] => (Allow) F:\Jogos\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81BE36E2-55A2-4AD2-8388-06C3A3CD714F}] => (Allow) F:\Jogos\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{576A3414-295F-499F-8FFD-525B2F8D0C5F}] => (Allow) F:\Jogos\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{11B4451F-4622-45DC-AD2B-3B4377E47360}] => (Allow) F:\Jogos\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{58743839-915E-4967-BC0B-AE469A2CB4C5}] => (Allow) F:\Jogos\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{7587D88F-5D52-48CE-A72F-F983499DBA28}] => (Allow) F:\Jogos\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{CD928C18-BA98-4B3A-8427-3ABCE1F0B791}] => (Allow) F:\Jogos\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [UDP Query User{B5E352B7-3957-44E4-9EA7-A022AA4707FE}F:\jogos\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe] => (Block) F:\jogos\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe
FirewallRules: [TCP Query User{22A82840-0153-4234-9E37-9E9A98961C8D}F:\jogos\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe] => (Block) F:\jogos\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe
FirewallRules: [UDP Query User{A63F32C8-4CFA-4B2A-BE55-2F34E0990601}F:\jogos\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\jogos\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{E57B1DD6-D9E8-48C4-88C9-85D1E4B557CF}F:\jogos\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\jogos\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{3A941EE2-320E-4AC7-A9A2-F47F51004865}] => (Allow) F:\Jogos\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{1394349C-D991-46D7-AFFB-9663178D40CF}] => (Allow) F:\Jogos\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [UDP Query User{816B3C16-9B96-4327-A726-C3B50D56FA5C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{D3E6620F-DBCD-4DE2-9A2F-33B49C106F7F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B3B84685-62DE-4A0B-8906-74959B34FBDA}] => (Allow) F:\Jogos\Steam\bin\steamwebhelper.exe
FirewallRules: [{8BCCE09C-A694-4AD5-895F-58F6558ED40C}] => (Allow) F:\Jogos\Steam\bin\steamwebhelper.exe
FirewallRules: [{4ED9AFED-A1A6-44FE-B97A-EFEC259B8A55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBECAEB5-6619-4A7F-90BA-E6263B21BDE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E06FC205-C29F-4386-84B5-109D570D4B4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{765CD5BD-18A8-409E-9A5E-45669A154268}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F71B8FBC-7E09-4DC0-9DA3-5DCF937B2F16}] => (Allow) F:\Jogos\Steam\Steam.exe
FirewallRules: [{B5B2BC5C-DA6D-4150-9757-0B911E133A7B}] => (Allow) F:\Jogos\Steam\Steam.exe
FirewallRules: [{7F969F44-3D73-4B1C-9313-9A75453411EA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0DA2F100-AC0E-40B7-B061-BFC826926DEE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3CB3F0F8-20DC-43F5-ACA2-6006868F5E29}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D4096305-3B6A-475B-9933-A8BA55070146}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9BD6288F-652E-47A0-ACD5-57412EE9F375}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A8CC5B0-ED79-4EFA-9358-062CB1B316CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8F701DEB-B29F-40AC-8A21-CD1FED653573}F:\jogos\firewatch\firewatch.exe] => (Allow) F:\jogos\firewatch\firewatch.exe
FirewallRules: [UDP Query User{EDDB6F03-FF01-4F78-830D-F6F0EBECDD0C}F:\jogos\firewatch\firewatch.exe] => (Allow) F:\jogos\firewatch\firewatch.exe
FirewallRules: [{417054B8-F38B-4F63-BAF3-3724BE9AF066}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2DA1A767-C5CF-4443-AA22-290B57C3F0EE}] => (Allow) C:\Windows\Temp\download\MiniThunderPlatform.exe
FirewallRules: [{308004E7-5DDC-4106-8558-D9ABCEE7B245}] => (Allow) C:\Windows\Temp\download\MiniThunderPlatform.exe
FirewallRules: [{8474067A-A874-4D75-8AFF-4C411659CC04}] => (Allow) c:\users\victor\appdata\roaming\download\MiniThunderPlatform.exe
FirewallRules: [{6569A602-4C70-4661-B4B0-47FEE233D6AB}] => (Allow) c:\users\victor\appdata\roaming\download\MiniThunderPlatform.exe
FirewallRules: [{87BDA3ED-D151-437C-84FC-B39F21FD27E6}] => (Allow) C:\Users\Victor\AppData\Roaming\download\MiniThunderPlatform.exe
FirewallRules: [{F2721D39-A017-44EF-8240-8655530A69FC}] => (Allow) C:\Users\Victor\AppData\Roaming\download\MiniThunderPlatform.exe
FirewallRules: [{CF2F649A-F43C-437C-B85C-224797B5DDA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DE32BB50-C4C0-4FD0-AE44-AEE08AC4443E}] => (Allow) C:\Users\Victor\AppData\Roaming\download\MiniThunderPlatform.exe
FirewallRules: [{76046DC5-2D46-4A2B-9CF5-8683079F0804}] => (Allow) C:\Users\Victor\AppData\Roaming\download\MiniThunderPlatform.exe
FirewallRules: [{CCED084E-71A2-4C8E-8C10-4F7A76001301}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/15/2016 08:06:16 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Outlook8
Error: (05/15/2016 08:06:16 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (05/15/2016 05:37:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/15/2016 12:53:26 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147467259
Error: (05/15/2016 12:48:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/15/2016 01:06:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/14/2016 06:35:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/14/2016 06:34:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/14/2016 06:34:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (05/14/2016 06:34:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Erros de Sistema:
=============
Error: (05/15/2016 08:11:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/15/2016 08:11:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QGC4E84)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-QGC4E84VictorS-1-5-21-2658076088-2665001163-1618427135-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
CodeIntegrity:
===================================
Date: 2016-05-14 20:01:56.117
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-14 15:57:33.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-11 21:44:15.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-10 21:20:28.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 21:20:28.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 20:53:33.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 20:53:33.211
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 20:47:25.669
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 20:47:25.536
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-10 20:47:25.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
==================== Informações da Memória ===========================
Processador: AMD FX™-8120 Eight-Core Processor
Percentagem de memória em uso: 30%
RAM física total: 8173.22 MB
RAM física disponível: 5642.44 MB
Virtual Total: 11629.22 MB
Virtual disponível: 8503.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.3 GB) (Free:41.06 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: (BREAD) (Fixed) (Total:99.9 GB) (Free:49.03 GB) NTFS
Drive f: (MAKES YOU FAT) (Fixed) (Total:831.51 GB) (Free:226.82 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 98D6A434)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=831.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: CF79D76F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Here goes. Oh man, and thanks for being so helpful! I appreciate it. 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
