Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Internet problems after a while and maybe a hijack(?)


  • Please log in to reply

#1
asbr242

asbr242

    New Member

  • Member
  • Pip
  • 5 posts

Hello,

I'm going right to the point, I have been suffering for an issue in my Win10 desktop that after some hours using it, it continues to show internet connection good but the browsers can't connect to the sites while my iPhone shows +- 50Mbps. I've run almost everything (tron script, Malwarebytes tools, RogueKiller, ect) I could to find and patch any error but nothing helped. Going to attach my FRST log so we can fix it faster (I didn't try to use fixlit in FRST becaus I don't have enougth skills to read the log properly). In safe mode it looks like internet is working, but I don't acctualy used the pc enougth time to see if it goes deos.

 

To complement, 3 days ago I noticed that had some strange music on Recently Played on my Spotify account, as I use it on the desktop, I think it might be linked with the internet issue.

 

 

Thanks in advance and sorry for any English misspellings.

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20.06.2018
Executado por User (administrador) em DESKTOP-DELL (15-07-2018 00:20:40)
Executando a partir de C:\Users\User\Downloads
Perfis Carregados: User (Perfis Disponíveis: User)
Platform: Windows 10 Home Single Language Versão 1803 17134.137 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Safe Mode (with Networking)
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Run: [LonelyScreen] => C:\Program Files (x86)\LonelyScreen\lonelyscreen.exe [23353856 2017-10-24] ()
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-08] (Valve Corporation)
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [24781824 2018-05-27] ()
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-06-03] (Spotify Ltd)
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3961968 2018-06-25] (Tonec Inc.)
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Taskmgr.exe [1326952 2018-04-11] (Microsoft Corporation)
GroupPolicy: Restrição ? <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f2631fd8-28f2-4e31-8d65-4398523bdf28}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f574d103-b55a-4542-ad1e-56b3f32c2eba}: [DhcpNameServer] 181.213.132.3 181.213.132.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <==== ATENÇÃO
SearchScopes: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-12] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-03] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-05-08] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-03] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: igd5c9k9.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default [2018-07-15]
FF Extension: (IBM Security Rapport) - C:\Users\User\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (1).xpi [2018-04-20]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\[email protected] [2018-05-11]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\[email protected] [2018-07-03]
FF Extension: (User-Agent Switcher) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2018-06-03]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-03]
FF Extension: (Greasemonkey) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-07-12]
FF Extension: (Nano Defender) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igd5c9k9.default\Extensions\{f9cacf2e-cafc-4f0f-b6ad-8e1a01b4b4d0}.xpi [2018-07-10]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2018-07-05] [Legacy] [não assinado]
FF HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-06-25]
FF HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\User\AppData\Roaming\IDM\idmmzcc5 [2018-07-02] [Legacy] [não assinado]
FF HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-07-14]
CHR Extension: (Apresentações) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-23]
CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-23]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-23]
CHR Extension: (IBM Security Rapport) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-04-20]
CHR Extension: (Signal Private Messenger) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bikioccmkafdpakkkcpdbppfkghcmihk [2018-07-02]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-23]
CHR Extension: (Planilhas) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-23]
CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-24]
CHR Extension: (IDM Integration Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-02]
CHR Extension: (GeoProxy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2018-03-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-25]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7234640 2018-07-12] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-06-30] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-02] (EasyAntiCheat Ltd)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-11] (Foxit Software Inc.)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-03-13] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-04-22] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
S3 SophosVirusRemovalTool; C:\Users\User\Downloads\tron\resources\stage_3_disinfect\sophos_virus_remover\SVRTservice.exe [163680 2017-06-15] (Sophos Limited)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-07-02] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-07-02] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4599728 2017-02-22] (Qualcomm Atheros Communications, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2016-12-15] (Realtek )
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [181904 2018-02-14] (Ray Hinchliffe)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-07-14] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-07-02] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-02] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-07-02] (Microsoft Corporation)
S1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-07-08] (BigNox Corporation)

========================== MD5 dos Drivers =======================

C:\WINDOWS\System32\drivers\1394ohci.sys 4B45A2D37CCE3CC0F161B7C7286081A6
C:\WINDOWS\System32\drivers\3ware.sys F5E5BA493B7C497F1F769942E2EA4CE2
C:\WINDOWS\System32\drivers\ACPI.sys CA51BB1B81F97E896E116C839B92D9D8
C:\WINDOWS\System32\drivers\AcpiDev.sys 75795E4B19BB3ED8D3C25A17CD15DC30
C:\WINDOWS\System32\Drivers\acpiex.sys DDA0FC1400A24988A7D3E746AEDF2C0F
C:\WINDOWS\System32\drivers\acpipagr.sys 1F2EC25DA23D1DF3ADA12FE5A26D321C
C:\WINDOWS\System32\drivers\acpipmi.sys 6AFFD57803BBB6FBCB483F983900A5C4
C:\WINDOWS\System32\drivers\acpitime.sys 0FC8673FAFC7D78C1CDC000F892CAC64
C:\WINDOWS\System32\drivers\ADP80XX.SYS A3D4CF2F3A433BE18CD4AD3E6665DC63
C:\WINDOWS\system32\drivers\afd.sys 4DCCC3E02A22ED4A4ADB11386F226071
C:\WINDOWS\system32\drivers\afunix.sys F267095A11A461BEF39FB180750BE801
C:\Windows\SysWOW64\drivers\afunix.sys 254921C0E1C35BBF22728BE95AD31950
C:\WINDOWS\System32\DRIVERS\ahcache.sys 0CD0F0C62414217DE9EA7EC8D425277E
C:\WINDOWS\System32\drivers\amdk8.sys 6DF48AD26E6285FB137F11328B64A376
C:\WINDOWS\System32\drivers\amdppm.sys D8804032BCDE4077A6D8D431D12AC6CC
C:\WINDOWS\System32\drivers\amdsata.sys A88F5E24B65228FB25F2051B3408A0E4
C:\WINDOWS\System32\drivers\amdsbs.sys AECD39E51DABC2BF045B2857F02FA2BD
C:\WINDOWS\System32\drivers\amdxata.sys B4CC9943230CAEB05B46CC30C220E141
C:\WINDOWS\System32\drivers\appid.sys E4A18157BF5D8D714C05169A8A8D604C
C:\WINDOWS\System32\drivers\applockerfltr.sys 769316CA5884FBBD02D45C28FE105922
C:\WINDOWS\System32\drivers\arcsas.sys 013E057DF3D13A4462AD912D7732E7E0
C:\WINDOWS\System32\drivers\asyncmac.sys B25ACCD9BE5F5798E9DD8FFB04D7BE4C
C:\WINDOWS\System32\drivers\atapi.sys 90AB4ED8EBD72A1C096A40CC35404B91
C:\WINDOWS\System32\drivers\athw10x.sys BE543A329745763D9FF43DD6B1A90F07
C:\WINDOWS\System32\drivers\bxvbda.sys F10E4C9444A9FC6DCBAB2C42F6999FA1
C:\WINDOWS\System32\drivers\bam.sys 982FAA5686F67BFEF3E6094705C2621F
C:\WINDOWS\System32\drivers\BasicDisplay.sys FA4973E379E872C61D0CF4E39F807833
C:\WINDOWS\System32\drivers\BasicRender.sys F024B80EA0076A318598DAB795F9C3D0
C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7
C:\Windows\System32\Drivers\Beep.sys 9B068DF7B7B3DDF768D06DFD69B49FD0
C:\WINDOWS\system32\drivers\bindflt.sys BC1E5F20251E0AFDB955E7D91093B619
C:\WINDOWS\System32\DRIVERS\bowser.sys 00C33AC3096BB64BACD5554A55025F8F
C:\WINDOWS\system32\DRIVERS\btfilter.sys 147C143D995843CBB22BE46D7656F638
C:\WINDOWS\System32\drivers\BthEnum.sys E0121734C2492406034FA23E3D394EBD
C:\WINDOWS\System32\drivers\bthhfenum.sys 02FEC31842DD153D966AC227B6DDF8BB
C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys 8EE632BFE4BABD4E7A299AF54476F9A5
C:\WINDOWS\System32\drivers\bthmodem.sys A0EC1D5C937995A2C5F1179538A8A6B4
C:\WINDOWS\System32\drivers\bthpan.sys B10E0CC936462BBA7BC659C0927617A0
C:\WINDOWS\system32\DRIVERS\BTHport.sys CEC858AC998DE405F079FEFD55924394
C:\WINDOWS\system32\DRIVERS\BTHUSB.sys 0D5ECDF2601312025811F6AC413F851A
C:\WINDOWS\System32\drivers\bttflt.sys E3786BEBB7E4003DE324A18069DDA081
C:\WINDOWS\System32\drivers\buttonconverter.sys 03C13BB635635B9152DBF49AA07B728C
C:\WINDOWS\System32\drivers\CAD.sys 9983FF8D9834F2E67787F4BDC42A8E36
C:\WINDOWS\System32\drivers\capimg.sys 407B33DE151A3DFCF564AC4270E44B1D
C:\WINDOWS\System32\DRIVERS\cdfs.sys D3CBC6DE5955D014407C7BD1FFE80F00
C:\WINDOWS\System32\drivers\cdrom.sys 6834DBBA2A1DBA5B9B6360D0B9A3CBB5
C:\WINDOWS\System32\drivers\cht4sx64.sys 4A08B239F92B319AD31E3916D27AD4B9
C:\WINDOWS\System32\drivers\cht4vx64.sys C8EA9376E4D284F9DF24B27AC6E3AB85
C:\WINDOWS\System32\drivers\circlass.sys 3AA86DA04A561E8162C2DBBF92D12074
C:\WINDOWS\System32\drivers\cldflt.sys 5619FC2A3AE4F43D4B20D95472ED948E
C:\WINDOWS\System32\drivers\CLFS.sys DB26170CF6555B9AFF76CFA067ABCF90
C:\WINDOWS\System32\drivers\CmBatt.sys 66CBF6F8FE6F436B315D7FEAF5D2BB40
C:\WINDOWS\System32\Drivers\cng.sys 5501C33DB55D2828859CB90C1AB26F17
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys 037DCC7A71938729CB12E8174E03031C
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys E40C99A3E0FFF49687F2187BF3E3050D
C:\WINDOWS\System32\drivers\condrv.sys 3799A9DFB162D9AAD6AC12CB8185FD19
C:\WINDOWS\System32\drivers\dam.sys 8711386E9B04357F8F58166760759F3A
C:\WINDOWS\System32\Drivers\dfsc.sys 8A1C10410FDA4287A76EC5A64371E221
C:\WINDOWS\System32\drivers\disk.sys A79FCB89805FA9EA9F48B671A4591D4E
C:\WINDOWS\System32\drivers\dmvsc.sys F69D7A5D7EDEE16B85F08040836FB09C
C:\WINDOWS\System32\drivers\drmkaud.sys AD1BEFBF96C0273925EDC9282557D984
C:\WINDOWS\System32\drivers\dxgkrnl.sys 8FF323926AAF82B04CCE7DD4FAA17990
C:\WINDOWS\System32\drivers\evbda.sys 75CA88887850A74DDAAAF92500B6D9B9
C:\WINDOWS\System32\drivers\EhStorClass.sys 7E838D857FC55535710C316441459C38
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 49023DD6F646B8C70AE1C105415F3E2B
C:\WINDOWS\System32\drivers\errdev.sys 1DF19D7A941CB06F8EADF89FA0BF59AD
C:\Windows\System32\Drivers\exfat.sys B2858C386B99A68C3E3F0DFAB935C232
C:\Windows\System32\Drivers\fastfat.sys CE38CED74D85849BB2C9894DCA712615
C:\WINDOWS\System32\drivers\fdc.sys 6701B9973DE98578A491721B4BDE0926
C:\WINDOWS\System32\drivers\filecrypt.sys 9BC7FE262AF52B341048234809AA7D91
C:\WINDOWS\System32\drivers\fileinfo.sys A0AF205465482EE0FC6261782629566B
C:\WINDOWS\System32\drivers\filetrace.sys 01D83D284E6B37902DB3C4D4DB0649E0
C:\WINDOWS\System32\drivers\flpydisk.sys CE9CB1DB00B5007ABFFF0717E748E919
C:\WINDOWS\System32\drivers\fltmgr.sys C5374BA2CAE89DE7269EC61A969EF5D5
C:\WINDOWS\System32\drivers\FsDepends.sys 835F9C7193B6F9A796DE76897DC56968
C:\Windows\System32\Drivers\Fs_Rec.sys A01BA0506E07F316483E99D7AD9B6E75
C:\WINDOWS\System32\DRIVERS\fvevol.sys F00AA662A862BA1B5B0BB9FBDFAE2DFC
C:\WINDOWS\System32\drivers\vmgencounter.sys 71DBED7FB264DB60341BC796EC2E8135
C:\WINDOWS\System32\drivers\genericusbfn.sys EA5EE5EF9765A9157B346DF671952F18
C:\WINDOWS\System32\Drivers\msgpioclx.sys 6BE6550F1A32796A11EBC58BBC72C44D
C:\WINDOWS\System32\drivers\gpuenergydrv.sys 508614CAC7BF8AEE4FB9002A413919B1
C:\WINDOWS\System32\drivers\HDAudBus.sys DED74127C7A2266715C0B8EA2EE75214
C:\WINDOWS\System32\drivers\HidBatt.sys 95888B85956AF97320D1F5C354632957
C:\WINDOWS\System32\drivers\hidbth.sys 33346BD26BB0AE4361DF1ED00D2876CF
C:\WINDOWS\System32\drivers\hidi2c.sys 6D767FEB02DF712F783BEEFF09E06431
C:\WINDOWS\System32\drivers\hidinterrupt.sys 542AB7A14235C5227A9307ACF1636F0B
C:\WINDOWS\System32\drivers\hidir.sys 1553DF41F4EE4F60B4BEEEC62264BE71
C:\WINDOWS\System32\drivers\hidusb.sys 6E3FB2047B8AE72E1B5F1C00A5F3E475
C:\WINDOWS\System32\drivers\HpSAMD.sys 621B1FFB2E4E4745484EA01B013BF1D2
C:\WINDOWS\System32\drivers\HTTP.sys 744428491FA6BB37EC8070886C49CB12
C:\WINDOWS\System32\drivers\hvcrash.sys 9E1F3BA540DB9F4942A3F50A92E5754F
C:\WINDOWS\System32\drivers\hvservice.sys 621042C19113527CF8FA89F3454576BF
C:\WINDOWS\System32\Drivers\mshwnclx.sys B149905CD7451160B6BFA2191A3F6182
C:\WINDOWS\System32\drivers\hwpolicy.sys FE36689912DEC37D45B7A6C6414046FE
C:\WINDOWS\System32\drivers\hyperkbd.sys A1133368F47D514D73DD7FB4C4FD2B75
C:\WINDOWS\System32\drivers\HyperVideo.sys B68252C53556FFB52CCE18FF30FACA99
C:\WINDOWS\System32\drivers\i8042prt.sys DA179667B8CEC22E4ECBBF4210DC0E35
C:\WINDOWS\System32\drivers\iagpio.sys B5EC43755E62591197DE5CBBDAA9FEB7
C:\WINDOWS\System32\drivers\iai2c.sys D8CA23F9C5FEF44296FDE1E005C06EC0
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 7B769C9D19C013F94874C4B15D59A005
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys E0F1B3A2A70FABE3BE1C9140BB55E607
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 89A869BCC0588A3009ECB875B09ECD39
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 2E693DF3C02A0859DB8DE25772751100
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorAVC.sys 26405FA714257E449581DE5D6E6200E6
C:\WINDOWS\System32\drivers\iaStorV.sys 11AC0355FE52CC8813EE6864DE7531E4
C:\WINDOWS\System32\drivers\ibbus.sys 62CD9FA7394BCDF7784CCEFC9D00C9AA
C:\WINDOWS\system32\DRIVERS\idmwfp.sys 6248F7270A37B8890C7A058AAD4D6620
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 7370CC8F95F82B57D0F84DC7817E5CBB
C:\WINDOWS\System32\drivers\IndirectKmd.sys AA38C19A3D65E8228D822EB18037E19D
C:\WINDOWS\system32\drivers\RTKVHD64.sys 48AC5F706780BCC34811EA89A0727189
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys E300D1E37B737ED14F7A08CD5604E5D9
C:\WINDOWS\System32\drivers\intelide.sys F1B552F7ACDF6E3E4DDDB76118CAFDE3
C:\WINDOWS\System32\drivers\intelpep.sys E6CC7C1E7CEDC81D6B15BF2CF4C99109
C:\WINDOWS\System32\drivers\intelppm.sys 2CEF9DEB97B2CA327175EE8AD5F195A1
C:\WINDOWS\System32\drivers\iorate.sys 917931A6116F03DB3CA56CFCE8634667
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FB72A49FAD5C343C8C38948F92D87BBF
C:\WINDOWS\System32\drivers\IPMIDrv.sys 5C58142E0F1F8AA379748CC123BA7527
C:\WINDOWS\System32\drivers\ipnat.sys 7408B83959A4B8271EF67FD06A6B366B
C:\WINDOWS\System32\drivers\ipt.sys 7BEA2228C81FB6E1EADDD54D615B4C7E
C:\WINDOWS\system32\drivers\irda.sys 030AE3773151CFA728C67E38416FAD8D
C:\WINDOWS\System32\drivers\irenum.sys 79D02DC54AB4F85D2C13A728A0E36193
C:\WINDOWS\System32\drivers\isapnp.sys 38A6EC08D0067DECF7B5BA4C871B846C
C:\WINDOWS\System32\drivers\msiscsi.sys 5529131AAB75E07D9295B19E20C54DAE
C:\WINDOWS\System32\drivers\ItSas35i.sys C35FD802C800F3CBB4FD426D5A542A22
C:\WINDOWS\System32\drivers\kbdclass.sys 17F3B012B28F27E7B813A7B037A3D790
C:\WINDOWS\System32\drivers\kbdhid.sys 843B4BBD15DD0340C5C293CD419D4A76
C:\WINDOWS\System32\drivers\kdnic.sys 5BBB86F3F1700E0ACE1DF10F0EF7B227
C:\WINDOWS\System32\Drivers\ksecdd.sys D54931F61470509C2DEBF6B99F9C314F
C:\WINDOWS\System32\Drivers\ksecpkg.sys 3EDB01A28D23898492878460C28E8A91
C:\WINDOWS\system32\drivers\ksthunk.sys 10F2EBC1F1C4549C355781715DE47B66
C:\WINDOWS\System32\drivers\lltdio.sys 3CF979AFF0196DF3DF5E54DFC049EB1F
C:\WINDOWS\System32\drivers\lsi_sas.sys 48380096385DB46E43D85CD92B9500DB
C:\WINDOWS\System32\drivers\lsi_sas2i.sys F708223E5829510DF0D5AF209D11C8B8
C:\WINDOWS\System32\drivers\lsi_sas3i.sys B91BCC8F670F128A4BB826ACF2C2B9D5
C:\WINDOWS\System32\drivers\lsi_sss.sys FA31CDF977CD31AF9AEAAA422966ACC1
C:\WINDOWS\system32\drivers\luafv.sys E86400D7B6E095E89CF63667D94D3F50
C:\WINDOWS\System32\drivers\mausbhost.sys BD3D311802427608403C5E73A8D6137D
C:\WINDOWS\System32\drivers\mausbip.sys 61C2D9790943D8E3AD05AE35E4A313EF
C:\WINDOWS\System32\drivers\megasas.sys 61BCE12529E96E6F0335A2A8DEB83C61
C:\WINDOWS\System32\drivers\MegaSas2i.sys CA22763F12783A9C81C512ED747CECDD
C:\WINDOWS\System32\drivers\megasas35i.sys FDB06D857FC43D654547BBB31D039DB4
C:\WINDOWS\System32\drivers\megasr.sys 230361AF74DDB91705284E024A22DF4F
C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys F1E754DEEB3369BCCE2228D5C10DE101
C:\WINDOWS\System32\drivers\mlx4_bus.sys A8931C3820D5F392D89176E0628E766E
C:\WINDOWS\system32\drivers\mmcss.sys EB4D7C9354CB88DE4B085EA3EEA5BC76
C:\WINDOWS\System32\drivers\modem.sys CA25F2D78FDD0D36E3F3071B4B317BD4
C:\WINDOWS\System32\drivers\monitor.sys 13142B3B30F633F407D5256B2FFCCEF0
C:\WINDOWS\System32\drivers\mouclass.sys 66C9CCC6A100ACF7A4514BD3091CE566
C:\WINDOWS\System32\drivers\mouhid.sys 6BE61DAF4CDC0E13940096EAC4A9F490
C:\WINDOWS\System32\drivers\mountmgr.sys 2CFB54C638F75E39FBB22723401A8A56
C:\WINDOWS\System32\drivers\mpsdrv.sys 11B4962A359DCE5F80C4D5F9E492EE93
C:\WINDOWS\system32\drivers\mrxdav.sys C12373EC998C6F17C0FE2D6C3CBB9C04
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 3C0FA2ED75875481D00F3D77B1A3E336
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys E59589471F58AF1413B18A6817769B15
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 42FE3D84EFE835443151DC2A50D05643
C:\WINDOWS\System32\drivers\bridge.sys F14DE177087F9E990EDE95ACE1F94662
C:\Windows\System32\Drivers\Msfs.sys 128E1D8C23F690DF1DD7AFDB214DB6ED
C:\WINDOWS\System32\drivers\msgpiowin32.sys 5A5ABA987943317300A4E55A5C5EB8C4
C:\WINDOWS\System32\drivers\mshidkmdf.sys D727DEA75E316C80793C7098225D3F56
C:\WINDOWS\System32\drivers\mshidumdf.sys E12A703CE10B068727499276340D5296
C:\WINDOWS\System32\drivers\msisadrv.sys 8E42D6B92CB4567467E29F58F2E31715
C:\WINDOWS\System32\drivers\MSKSSRV.sys 2F3B9A23F8DEE9C3AD58CB3D966D83DD
C:\WINDOWS\System32\drivers\mslldp.sys AECFFBE104D428E8A74BCABF5B3B9912
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 83364A92271339D8042C9DD5FD938A84
C:\WINDOWS\System32\drivers\MSPQM.sys AE5A4B89CDFF544B6481970BFD48A056
C:\Windows\System32\Drivers\MsRPC.sys 999433544A4136A9B879C98049821EE6
C:\WINDOWS\System32\drivers\mssmbios.sys 4566CB65F176CE5CD8FCA487D2E3A64B
C:\WINDOWS\System32\drivers\MSTEE.sys 8A11E03B32840C0B73C14D16794F1A8A
C:\WINDOWS\System32\drivers\MTConfig.sys 794285C4F166B8108292E63FEA3C41E3
C:\WINDOWS\System32\Drivers\mup.sys EEB9D3E90B83546864211D63C1A0A74A
C:\WINDOWS\System32\drivers\mvumis.sys 69CECA6726FAD321F5643B16A1FF3934
C:\WINDOWS\System32\DRIVERS\nwifi.sys B66E5DDF484DE03D61B83118E45D5E11
C:\WINDOWS\System32\drivers\ndfltr.sys AB9EB3CADF4D415B598487397476A23A
C:\WINDOWS\System32\drivers\ndis.sys 5269DDC879DF5FEA2B7DB91AA4726CCA
C:\WINDOWS\System32\drivers\ndiscap.sys AF73B18F3096B165A6F4417C5ED36B01
C:\WINDOWS\System32\drivers\NdisImPlatform.sys 1A9B1F5B8B131CE461A01C9424E149D7
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 4C8BBD7EE829CE9BFB8E21134AC477E0
C:\WINDOWS\System32\drivers\ndisuio.sys 76DB7B344F90A29A16CB6B7C67B87CF6
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys A76D79B71300EB3FEDD3D12D4C6F1D76
C:\WINDOWS\System32\drivers\ndiswan.sys DA9896F6ED9EAFDAC19177ADF99DD932
C:\WINDOWS\System32\DRIVERS\ndiswan.sys DA9896F6ED9EAFDAC19177ADF99DD932
C:\WINDOWS\System32\DRIVERS\NDProxy.sys 934E4A5CFD9CB891CD338052FA3467C6
C:\WINDOWS\System32\drivers\Ndu.sys 0E3B0F3645D1BAE79397C66FE8AF6402
C:\WINDOWS\System32\drivers\NetAdapterCx.sys A704515CF3038668E9E2CA66E31A0700
C:\WINDOWS\System32\drivers\netbios.sys DD09E3115DF2CDB36FED21E67149EB91
C:\WINDOWS\System32\DRIVERS\netbt.sys 045A018E0BA5F9B75C5928A31C0E822C
C:\WINDOWS\System32\drivers\netvsc.sys DA8548D75434CE421BF921BAAC0916D9
C:\Windows\System32\Drivers\Npfs.sys 7190932DB00BE83B57C01B5EAC4D746B
C:\WINDOWS\System32\drivers\npsvctrig.sys 218DB396170D77BB94F69B526CC51B8F
C:\WINDOWS\System32\drivers\nsiproxy.sys A4952889D7C5804F17ABB9F454A371C2
C:\Windows\System32\Drivers\Ntfs.sys B892BC212736F0D60D878A28CEC2E2D2
C:\Windows\System32\Drivers\Null.sys C029E5408EEE26C3B4E5BA5D29738DB8
C:\WINDOWS\System32\drivers\nvdimm.sys 189E5FCB96ABFEA84239A16062256EE4
C:\WINDOWS\System32\drivers\nvraid.sys 1F50ED95984009BF3634D6BD1A16FA5B
C:\WINDOWS\System32\drivers\nvstor.sys D6C14906B78F235461EEF96A886830D4
C:\WINDOWS\System32\drivers\parport.sys 13B175715A4391E4E5D2AB2EBC8CDBB5
C:\WINDOWS\System32\drivers\partmgr.sys 428B9FAFB0EE6EF66EAAB7B49A96487A
C:\WINDOWS\System32\drivers\pci.sys 7B6C0AFE5029A791F23B03EB13194797
C:\WINDOWS\System32\drivers\pciide.sys C447CDA030A3415711E4E940D2E9B399
C:\WINDOWS\System32\drivers\pcmcia.sys 753174DF234EA8BBF732986D5F78FCE7
C:\WINDOWS\System32\drivers\pcw.sys 1D05B6DE437515281CD91A16C16529E6
C:\WINDOWS\System32\drivers\pdc.sys F5F1A092463D6E46E71CC709A65403D1
C:\WINDOWS\System32\drivers\peauth.sys 42B12A76D3C98AE69C97727E3BEC7D8A
C:\WINDOWS\System32\drivers\percsas2i.sys CD9BA1C279BE0E92E971C2B45A7F3D9B
C:\WINDOWS\System32\drivers\percsas3i.sys 6D5EA79E82A48B181E18C2C39416E8C8
C:\WINDOWS\System32\drivers\pmem.sys E8BE4041A69023B6A4D1096EE8436347
C:\WINDOWS\System32\drivers\pnpmem.sys 99ECEDA6B2E1FDB6892FBD5AED1E5D99
C:\WINDOWS\System32\drivers\raspptp.sys 1FB09FD846D5030B82EB345E9970A105
C:\WINDOWS\System32\drivers\processr.sys E0E55CDA29C80A9520FCFC78D7F8A73D
C:\WINDOWS\System32\drivers\pacer.sys E4BF8BE7B3711BCBBC95EE983C0236F4
C:\WINDOWS\System32\pwdrvio.sys C32ECB99AD25E9A04F01C8665DF29EF8
C:\Windows\system32\pwdspio.sys D619356B955EEFA642F5FF72755E8B3C
C:\WINDOWS\system32\drivers\qwavedrv.sys 00F72861538B6C4E925A21BAE397A49D
C:\WINDOWS\System32\DRIVERS\ramdisk.sys 0FFABEB2D06CD74DDE0BCA510EEAEEBC
C:\WINDOWS\System32\DRIVERS\rasacd.sys B834761352403111D0113284D8736025
C:\WINDOWS\System32\drivers\AgileVpn.sys FA99CE309B66586A0AA6EF9CFF7BC467
C:\WINDOWS\System32\drivers\rasl2tp.sys 775ED7E51B58CF9EB415A1DBA540DACF
C:\WINDOWS\System32\DRIVERS\raspppoe.sys E2433A620ABF4083157944E4692C500D
C:\WINDOWS\System32\drivers\rassstp.sys EE5D1D51FA74ECCE57CF2DB8F6A417D8
C:\WINDOWS\System32\DRIVERS\rdbss.sys 5F7027A2F16AFF56DA68D996FAFDAAD8
C:\WINDOWS\System32\drivers\rdpbus.sys 206AB796793FDBD518B82E2F308A7176
C:\WINDOWS\System32\drivers\rdpdr.sys 3DE4216324BE32FC3AF7667AE2406EE5
C:\WINDOWS\System32\drivers\rdpvideominiport.sys 0600DF60EF88FD10663EC84709E5E245
C:\WINDOWS\System32\drivers\rdyboost.sys 65652EFAAF4A8A59E60A2D7BE15317E8
C:\Windows\System32\Drivers\ReFS.sys 3DCB3FAFE46B9FE41C9065EBBED97724
C:\Windows\System32\Drivers\ReFSv1.sys B76350D40A46DBA17205F8373528FD83
C:\WINDOWS\System32\drivers\rfcomm.sys 59F600BDA5B6EE591802945F1D8388D5
C:\WINDOWS\System32\drivers\rhproxy.sys 3D4F4CCE0364CD3F1B539D2630686F24
C:\WINDOWS\System32\drivers\rspndr.sys FFFB16EF6E0B8B5F7F19B425923E7D12
C:\WINDOWS\System32\drivers\rt640x64.sys 876408F1D96FADC347353EB2808261D3
C:\WINDOWS\System32\drivers\vms3cap.sys A2939E69027B97105014434BFBFF7195
C:\WINDOWS\System32\drivers\sbp2port.sys 04C51BBD8C9F54E5F2C5D831B03B11E3
C:\WINDOWS\System32\DRIVERS\scfilter.sys 0070C2DC6563C48EDA63A282748F3FCD
C:\WINDOWS\System32\drivers\scmbus.sys 6538E939E55B589AA4F5BC22D35A6B36
C:\WINDOWS\System32\drivers\sdbus.sys 495273177E87B0C34D7E431E9254FA23
C:\WINDOWS\System32\drivers\SDFRd.sys 9EF09DE84CE20B787C02395394AC2A7E
C:\WINDOWS\System32\drivers\sdstor.sys F80D6C03FEA2F7DEE14023B7229DA8C2
C:\WINDOWS\System32\drivers\SerCx.sys C5CF2941AA9E417B3A224601255C002E
C:\WINDOWS\System32\drivers\SerCx2.sys B9C113BD9FCA4F3E23F03708A7DA07CC
C:\WINDOWS\System32\drivers\serenum.sys 1845736FA47A1DFBBB642FE21095B4E0
C:\WINDOWS\System32\drivers\serial.sys F1BABF50469041797ED9928C31318832
C:\WINDOWS\System32\drivers\sermouse.sys 340116988930B07629A2D0C2B380A365
C:\WINDOWS\System32\drivers\sfloppy.sys 77FF0A5BA023D8E8C82EACCD54EA5C78
C:\WINDOWS\System32\drivers\SgrmAgent.sys 1941F5CA54C469E16957587FD56ED842
C:\WINDOWS\System32\drivers\SiSRaid2.sys 1443CF919C2A3207CE7724E0A31686A2
C:\WINDOWS\System32\drivers\sisraid4.sys C0B1EAD6CC127CAE4E84EBF54105B3B8
C:\Windows\system32\Drivers\SIVX64.sys 3D2389F398520DBBDE4C205A3ECE0497
C:\WINDOWS\System32\drivers\spaceport.sys 5E70A578D27BCC7E37E16055669F2836
C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys FE1776E587227120DC04EAEC45473245
C:\WINDOWS\System32\drivers\SpbCx.sys D05EB2BB52EC6B665D1631EC33241B80
C:\WINDOWS\System32\DRIVERS\srv2.sys 3EB4023AC700182D84CB6761D3727394
C:\WINDOWS\System32\DRIVERS\srvnet.sys 93DF24D0C33F2894429D4180145CBDA7
C:\WINDOWS\System32\drivers\stexstor.sys DA82903F26AE12034CC5229F61098948
C:\WINDOWS\System32\drivers\storahci.sys F2D1983C7BEF5E3AB8978A7796C59A75
C:\WINDOWS\System32\drivers\vmstorfl.sys 76C9E2AA3400C22FC7091AD2F2999F95
C:\WINDOWS\System32\drivers\stornvme.sys 701078F20919BD635EA25F691880F651
C:\WINDOWS\System32\drivers\storqosflt.sys 47CE4211A40C2C023A8138E18757F3D2
C:\WINDOWS\System32\drivers\storufs.sys 25D7B79F80F3C2CD97D797C14D470165
C:\WINDOWS\System32\drivers\storvsc.sys 1FC7B7BE58A29DF27F5E6F6C2F061FA3
C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys 54255DF324C621A97220EBFA832237D2
C:\WINDOWS\System32\drivers\Synth3dVsc.sys A2A42A570524C975259E3B81C4D80DCA
C:\WINDOWS\System32\drivers\tcpip.sys 25D436DFEEF7EDAD08F1594C68A93500
C:\WINDOWS\System32\drivers\tcpip.sys 25D436DFEEF7EDAD08F1594C68A93500
C:\WINDOWS\System32\drivers\tcpipreg.sys 085F8A5F09E64CC27309AF160EF4F9BA
C:\WINDOWS\system32\DRIVERS\tdx.sys 16071C42E21CE3378FA449322FB9AB1D
C:\WINDOWS\System32\drivers\terminpt.sys B2C4D7CB291293CAC636748E695D111E
C:\WINDOWS\System32\drivers\tpm.sys BF705C64C1522646BF00E72393DC5D6F
C:\Windows\System32\drivers\TrueSight.sys 0D5A09B08568760AE85A801FCBC0F83D
C:\WINDOWS\System32\drivers\tsusbflt.sys 0D721F40C179EC5737C15E551F22C69B
C:\WINDOWS\System32\drivers\TsUsbGD.sys DE1296871208D1F13B7AC57C4B1FA46C
C:\WINDOWS\System32\drivers\tunnel.sys BC938ABBF586272BD4063CA51F09149F
C:\WINDOWS\System32\drivers\uaspstor.sys BDFACE024EFF2398214797143AD76C87
C:\WINDOWS\System32\Drivers\UcmCx.sys 00C4396DE1CD3502884BB2E2B6D6861C
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys ED9CBD1541C8AFDAA9B8255A384E2B53
C:\WINDOWS\System32\drivers\UcmUcsi.sys F58F1BC6A6972437CE18516F8ACCEB9F
C:\WINDOWS\System32\drivers\ucx01000.sys EE62D07172014C8BBE7C80A3AAF56E8F
C:\WINDOWS\System32\drivers\udecx.sys 12E2B6B642360E66396502B62B048694
C:\WINDOWS\System32\DRIVERS\udfs.sys 6A442723D4D05D9F15D24C9942CDA00D
C:\WINDOWS\System32\drivers\UEFI.sys D30AF38971B6670C222250AC2CBB6227
C:\WINDOWS\System32\drivers\ufx01000.sys 588B9212DEE84F5192C09A147AA5C316
C:\WINDOWS\System32\drivers\UfxChipidea.sys 78B5C069C9AA1463ACC833FD7E2A3BD5
C:\WINDOWS\System32\drivers\ufxsynopsys.sys 533BF4F456A1C6E7581E8C0A4EC59300
C:\WINDOWS\System32\drivers\umbus.sys 360FEE6F687D98EFFE46A5433FE6182E
C:\WINDOWS\System32\drivers\umpass.sys F6F1A9D91F684AA02951B96EE8127DAE
C:\WINDOWS\System32\drivers\urschipidea.sys 49A5E1B43C59DC0E363AD9C2D7D10BE4
C:\WINDOWS\System32\drivers\urscx01000.sys 53F1DA2D92D1D8CE4BB9D33E58D7DF01
C:\WINDOWS\System32\drivers\urssynopsys.sys 09518A324B95BBC0B472BD5A472CB916
C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\WINDOWS\system32\drivers\usbaudio.sys C7AD46F101A681B0F4D7F15534A5FF04
C:\WINDOWS\System32\drivers\usbccgp.sys B7211393225AB05324C52BA47B31FEB4
C:\WINDOWS\System32\drivers\usbcir.sys 250D21958EE5F45CD13FE6BE3788EE70
C:\WINDOWS\System32\drivers\usbehci.sys 4269DE1EB8029D55B3BB3A8A330FCF90
C:\WINDOWS\System32\drivers\usbhub.sys D67AABAE0C9EBAC9BBA2E20E0AF52EF1
C:\WINDOWS\System32\drivers\UsbHub3.sys D1F6348F41DFCE25AA918E38F02E80FD
C:\WINDOWS\System32\drivers\usbohci.sys A547E7B1B3FB2228259AA85AC7E82698
C:\WINDOWS\System32\drivers\usbprint.sys 692C0BA4109C8F78392A299369F51129
C:\WINDOWS\system32\DRIVERS\usbscan.sys 555DE99E30E6A6EF37137F8325B30068
C:\WINDOWS\System32\drivers\usbser.sys 45A9E57185B79420EFEA5A4AED655809
C:\WINDOWS\System32\drivers\USBSTOR.SYS CEF7527514EC49EBE0C760D784643EF0
C:\WINDOWS\System32\drivers\usbuhci.sys A4124036C4FD2B94C6157C4588EEB4E3
C:\WINDOWS\System32\drivers\USBXHCI.SYS 9F4CCFCD4B4C6008C940510E43D54AEC
C:\WINDOWS\System32\drivers\vdrvroot.sys 8DCB7E5A9497C030484E5AD9E541B85C
C:\WINDOWS\System32\drivers\VerifierExt.sys 5C25C1A89650C95D15F7988D71487B08
C:\WINDOWS\System32\drivers\vhdmp.sys E8E5F722A699EF037891D735CB588F8D
C:\WINDOWS\System32\drivers\vhf.sys 209A34F4BE17B0A56328C86F8CCC5577
C:\WINDOWS\System32\drivers\vmbus.sys 44F4ED5D8FC0CFA7C3755D44C575D994
C:\WINDOWS\System32\drivers\VMBusHID.sys E2D57FB1A62F0BB7F70570806A09CE2B
C:\WINDOWS\System32\drivers\vmgid.sys C9F69EBA06A703CE726CC6FC0AEFB5E9
C:\WINDOWS\System32\drivers\volmgr.sys 708410755721F94FC8939673893C2E2B
C:\WINDOWS\System32\drivers\volmgrx.sys 1514506CA7462A64DC38C48108DDBB45
C:\WINDOWS\System32\drivers\volsnap.sys F0EE4E6028CCA58BEA9A04E7BEAB7DB4
C:\WINDOWS\System32\drivers\volume.sys 77FD1607F2C371ABD241EC7699C58884
C:\WINDOWS\System32\drivers\vpci.sys CB90DACF9194DD9D60A2C1DBFBC1E0D1
C:\WINDOWS\System32\drivers\vsmraid.sys ED0B3436E1DE601C6C8EB86789AC8BAB
C:\WINDOWS\System32\drivers\vstxraid.sys 3D706FBED35DF3B17809C6714F31F9B0
C:\WINDOWS\System32\drivers\vwifibus.sys 0B11DBB8173AD374D67893D54EBEE9F3
C:\WINDOWS\System32\drivers\vwififlt.sys 95540F74893235C189409C98643D7A77
C:\WINDOWS\System32\drivers\vwifimp.sys 60A14582772A4DF0D0BE27B3F873BE6B
C:\WINDOWS\System32\drivers\wacompen.sys 87A01F65BD16C9FCCDD1B65F56CB93B0
C:\WINDOWS\System32\DRIVERS\wanarp.sys 85E187443F68F285DB78BD2279AE3701
C:\WINDOWS\System32\DRIVERS\wanarp.sys 85E187443F68F285DB78BD2279AE3701
C:\WINDOWS\system32\drivers\wcifs.sys 8A304D6CDC067922448CBA1EBB9FFCA8
C:\WINDOWS\system32\drivers\wcnfs.sys FCA1B5465213EF4DE373A1F7E76D260E
C:\WINDOWS\System32\drivers\wd\WdBoot.sys CD8A7398D8E0710CD3AA316A4427C56B
C:\WINDOWS\System32\drivers\Wdf01000.sys 152926023B401D1F5F8852929572F5C3
C:\WINDOWS\System32\drivers\wd\WdFilter.sys 58B452788C0051C6C6E62F188EFEE438
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 5DDA2C4B9AAED51E73DD6D580406F07A
C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys EAF4FB729E94561EE31BDE5BEF869C65
C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys 65081A53DB730D2347AD66AF7187795A
C:\WINDOWS\System32\drivers\wfplwfs.sys EB0B154F12F78DE232F38EF61BCDEEA2
C:\WINDOWS\System32\drivers\wimmount.sys 3AE28A996C9EB8A6F2AC12BC55035126
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 2BB82BABE32D41F430D290239ABC0E87
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 5F0EDDA201630E132C2251BC9DA85023
C:\WINDOWS\System32\drivers\winmad.sys 762D8D839C44C5A0BE0449AA84034522
C:\WINDOWS\System32\drivers\winnat.sys 48194110C410B335AC985D9194275A1C
C:\WINDOWS\System32\drivers\WinUSB.SYS 6FA3D810FE082001B16ADE19829F1E8E
C:\WINDOWS\System32\drivers\winverbs.sys D2D6DB37E06608A5AF5B68D8E677B219
C:\WINDOWS\System32\drivers\wmiacpi.sys EAEF2A087812BB7110C744446AB731D5
C:\Windows\System32\Drivers\Wof.sys E122AD60BF4D7E4B28CCBABF33B28C1F
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 15C1131EA0216F799C86B03EDAE0BE45
C:\WINDOWS\system32\drivers\ws2ifsl.sys C1C2E769FCD3B00A59FF876FB2AD4336
C:\WINDOWS\System32\drivers\WudfPf.sys 813DC18CC654CFB1875074139B0FEFD3
C:\WINDOWS\System32\drivers\WudfRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\System32\drivers\xboxgip.sys 93352403D9E6B71C275996690672488F
C:\WINDOWS\System32\drivers\xinputhid.sys CE1F78B5C1F14F74242008B2B3153FA2
C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys 3C68ADDE2437FB45CFE71FD8C33C4919

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-07-15 00:20 - 2018-07-15 00:22 - 000043435 _____ C:\Users\User\Downloads\FRST.txt
2018-07-15 00:20 - 2018-07-15 00:20 - 000000000 ____D C:\FRST
2018-07-15 00:19 - 2018-07-15 00:19 - 002412544 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2018-07-15 00:15 - 2018-07-15 00:15 - 005659639 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2018-07-14 15:16 - 2018-07-14 15:16 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7375D188.sys
2018-07-14 14:53 - 2018-07-14 15:37 - 000000000 ____D C:\Users\User\Desktop\mbar
2018-07-14 14:53 - 2018-07-14 15:37 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)
2018-07-14 14:53 - 2018-07-14 15:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-07-14 14:53 - 2018-07-14 15:16 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-07-14 14:53 - 2018-07-14 14:53 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\592353CA.sys
2018-07-14 14:46 - 2018-07-14 14:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-07-14 14:22 - 2018-07-14 14:22 - 014178840 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.10.3.1001.exe
2018-07-14 13:56 - 2018-07-14 13:56 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-07-14 13:55 - 2018-07-14 13:55 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2018-07-14 13:55 - 2018-07-14 13:55 - 000000000 ____D C:\ProgramData\RogueKiller
2018-07-14 13:46 - 2018-07-14 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-14 13:38 - 2018-07-14 13:41 - 027086392 _____ (Adlice Software) C:\Users\User\Downloads\RogueKiller_portable64.exe
2018-07-14 12:44 - 2018-07-14 12:47 - 000000000 ____D C:\Users\Public\Desktop\CC Support
2018-07-14 12:27 - 2018-07-14 12:27 - 000000540 _____ C:\Users\User\Desktop\JRT.txt
2018-07-14 08:45 - 2018-07-03 13:17 - 000000000 ____D C:\Users\User\Downloads\tron
2018-07-14 07:56 - 2018-07-14 08:42 - 640897293 _____ (Igor Pavlov) C:\Users\User\Downloads\Tron v10.5.2 (2018-07-04).exe
2018-07-14 05:15 - 2018-07-14 05:15 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2018-07-13 23:38 - 2018-07-13 23:38 - 000000000 ____D C:\Users\User\AppData\Local\CrashReportClient
2018-07-13 23:37 - 2018-07-13 23:37 - 000000000 ___HD C:\Users\Public\Shared Files
2018-07-13 10:33 - 2018-07-13 13:16 - 2911075058 _____ C:\Users\User\Downloads\iPhone_4.7_P3_11.0_11.3.1_15E302_Restore.ipsw
2018-07-13 02:55 - 2018-07-13 02:55 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-07-13 02:49 - 2018-07-13 02:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Apple Computer
2018-07-13 02:49 - 2018-07-13 02:49 - 000000000 ____D C:\Users\User\AppData\Local\Apple Computer
2018-07-13 02:48 - 2018-07-13 02:48 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-07-13 02:48 - 2018-07-13 02:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-07-13 02:48 - 2018-07-13 02:48 - 000000000 ____D C:\Program Files\iPod
2018-07-13 02:47 - 2018-07-13 02:48 - 000000000 ____D C:\Program Files\iTunes
2018-07-13 02:47 - 2018-07-13 02:47 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-07-13 02:47 - 2018-07-13 02:47 - 000000000 ____D C:\Users\User\AppData\Local\Apple
2018-07-13 02:47 - 2018-07-13 02:47 - 000000000 ____D C:\Users\Todos os Usuários\Apple Computer
2018-07-13 02:47 - 2018-07-13 02:47 - 000000000 ____D C:\ProgramData\Apple Computer
2018-07-13 02:47 - 2018-07-13 02:47 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-07-13 02:46 - 2018-07-13 02:46 - 000000000 ____D C:\Program Files\Bonjour
2018-07-13 02:46 - 2018-07-13 02:46 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-07-13 02:45 - 2018-07-13 02:47 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-07-12 23:41 - 2018-07-12 23:41 - 000000000 ____D C:\Users\User\AppData\LocalLow\noio
2018-07-12 23:11 - 2018-07-14 15:43 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-07-12 23:11 - 2018-07-12 23:11 - 000000222 _____ C:\Users\User\Desktop\Kingdom Classic.url
2018-07-12 22:03 - 2018-07-12 22:03 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-12 22:03 - 2018-07-12 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office
2018-07-09 16:16 - 2018-07-10 11:55 - 000000000 ____D C:\Users\User\Documents\page metro sp
2018-07-08 20:38 - 2018-07-08 21:07 - 1446241276 _____ C:\Users\User\Downloads\PUBG MOBILE_v0.6.0_apkpure.com_2.xapk
2018-07-08 20:22 - 2018-07-08 21:10 - 000000000 ____D C:\Users\User\.android
2018-07-08 20:22 - 2018-07-08 20:22 - 000000066 _____ C:\Users\User\inittk.ini
2018-07-08 20:22 - 2018-07-08 20:22 - 000000045 _____ C:\Users\User\nuuid.ini
2018-07-08 20:22 - 2018-07-08 20:22 - 000000041 _____ C:\Users\User\inst.ini
2018-07-08 20:22 - 2018-07-08 20:22 - 000000000 ____D C:\Users\User\Nox_share
2018-07-08 20:21 - 2018-07-08 21:10 - 000000000 ____D C:\Users\User\vmlogs
2018-07-08 20:21 - 2018-07-08 21:10 - 000000000 ____D C:\Users\User\.BigNox
2018-07-08 20:21 - 2018-07-08 20:21 - 000001121 _____ C:\Users\User\Desktop\Multi-Drive.lnk
2018-07-08 20:21 - 2018-07-08 20:21 - 000001040 _____ C:\Users\User\Desktop\Nox.lnk
2018-07-08 20:21 - 2018-07-08 20:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2018-07-08 20:21 - 2018-07-08 20:21 - 000000000 ____D C:\Program Files (x86)\Bignox
2018-07-08 20:20 - 2018-07-08 22:35 - 000000000 ____D C:\Users\User\AppData\Local\Nox
2018-07-08 20:20 - 2018-07-08 20:20 - 000000000 ____D C:\Program Files (x86)\Nox
2018-07-08 20:15 - 2018-07-08 20:15 - 000000000 ____D C:\Users\User\AppData\Local\Bluestacks
2018-07-08 15:46 - 2018-07-15 00:15 - 000274180 _____ C:\WINDOWS\ntbtlog.txt
2018-07-08 15:46 - 2018-07-15 00:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-07-08 15:36 - 2018-07-08 19:33 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2018-07-08 06:56 - 2018-07-08 06:58 - 000000000 ____D C:\Users\Todos os Usuários\Packages
2018-07-08 06:56 - 2018-07-08 06:58 - 000000000 ____D C:\ProgramData\Packages
2018-07-08 06:42 - 2018-07-08 06:42 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2018-07-08 06:42 - 2018-07-08 06:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-07-08 06:38 - 2018-07-08 06:38 - 000000020 ___SH C:\Users\User\ntuser.ini
2018-07-08 06:37 - 2018-07-15 00:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-08 06:37 - 2018-07-08 06:38 - 000003576 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-08 06:37 - 2018-07-08 06:38 - 000002920 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482450098-3671538303-3377208914-1001
2018-07-08 06:37 - 2018-07-08 06:38 - 000002540 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2018-07-08 06:37 - 2018-07-08 06:37 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-07-08 06:37 - 2018-07-08 06:37 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-07-08 06:37 - 2018-07-08 06:37 - 000003352 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-08 06:37 - 2018-07-08 06:37 - 000002720 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DELL-User
2018-07-08 06:37 - 2018-07-08 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\[email protected]
2018-07-08 06:31 - 2018-07-15 00:19 - 001737602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-08 06:29 - 2018-07-08 06:29 - 000022956 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-07-08 06:21 - 2018-07-08 06:21 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-07-08 06:19 - 2018-07-08 06:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Modelos
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Meus Documentos
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Menu Iniciar
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Documents\Minhas Músicas
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Documents\Minhas Imagens
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Documents\Meus Vídeos
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Dados de Aplicativos
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Configurações Locais
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\AppData\Local\Histórico
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\AppData\Local\Dados de Aplicativos
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Ambiente de Rede
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 _SHDL C:\Users\User\Ambiente de Impressão
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 ____D C:\Users\Todos os Usuários\USOShared
2018-07-08 06:19 - 2018-07-08 06:19 - 000000000 ____D C:\ProgramData\USOShared
2018-07-08 06:19 - 2018-04-20 10:12 - 000000000 ____D C:\Users\User\AppData\Local\Trusteer
2018-07-08 06:19 - 2018-04-11 20:34 - 000001105 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-08 06:19 - 2018-04-11 20:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-07-08 06:18 - 2018-07-13 23:37 - 000000000 ____D C:\Intel
2018-07-08 06:18 - 2017-03-13 23:20 - 000112656 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-07-08 06:18 - 2017-03-13 23:20 - 000108560 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-07-08 06:16 - 2018-07-14 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-08 06:16 - 2018-07-08 06:24 - 000401120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-08 06:11 - 2018-07-08 06:15 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-07-08 06:09 - 2018-07-08 06:11 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-07-08 06:09 - 2018-07-08 06:09 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-07-08 06:07 - 2018-07-08 06:07 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 022714368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 022003712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-08 06:07 - 2018-07-08 06:07 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-08 06:07 - 2018-07-08 06:07 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001981384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-08 06:07 - 2018-07-08 06:07 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001360384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001175056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-08 06:07 - 2018-07-08 06:07 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-08 06:07 - 2018-07-08 06:07 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-07-08 06:07 - 2018-07-08 06:07 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-07-08 06:07 - 2018-07-08 06:07 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-07-08 06:07 - 2018-07-08 06:07 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000709848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-07-08 06:07 - 2018-07-08 06:07 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-07-08 06:07 - 2018-07-08 06:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-07-08 06:07 - 2018-07-08 06:07 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000541600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000482472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-07-08 06:07 - 2018-07-08 06:07 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-07-08 06:07 - 2018-07-08 06:07 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-07-08 06:07 - 2018-07-08 06:07 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-07-08 06:07 - 2018-07-08 06:07 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-07-08 06:07 - 2018-07-08 06:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-07-08 06:07 - 2018-07-08 06:07 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-08 06:00 - 2018-07-08 06:00 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-07-08 06:00 - 2018-07-08 06:00 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-07-08 06:00 - 2018-07-08 06:00 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-07-08 06:00 - 2018-07-08 06:00 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-07-08 06:00 - 2018-07-08 06:00 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-07-08 06:00 - 2018-07-08 06:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-07-08 06:00 - 2018-07-08 06:00 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-07-08 06:00 - 2018-07-08 06:00 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-07-08 06:00 - 2018-07-08 06:00 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-07-08 06:00 - 2018-07-08 06:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-07-08 06:00 - 2018-07-08 06:00 - 000000000 ____D C:\Program Files\MSBuild
2018-07-08 06:00 - 2018-07-08 06:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-07-08 06:00 - 2018-07-08 06:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-07-08 05:59 - 2018-07-08 05:59 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-07-08 05:59 - 2018-07-08 05:59 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-07-08 05:59 - 2018-07-08 05:59 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-07-08 05:59 - 2018-07-08 05:59 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-07-08 05:59 - 2018-07-08 05:59 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-07-08 05:59 - 2018-07-08 05:59 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-07-08 05:56 - 2018-07-08 05:56 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-07-08 05:56 - 2018-07-08 05:56 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-07-08 05:56 - 2018-07-08 05:56 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-07 18:49 - 2018-07-07 19:52 - 000000000 ____D C:\Users\User\Downloads\Franc_
2018-07-07 16:33 - 2018-07-07 16:37 - 000207992 _____ C:\Users\User\Downloads\[bleep].bmp
2018-07-06 02:05 - 2018-07-06 17:34 - 000001171 _____ C:\Users\User\Desktop\PC Novo.txt
2018-07-05 21:34 - 2018-07-08 15:59 - 000000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2018-07-05 21:34 - 2018-07-08 15:59 - 000000286 __RSH C:\ProgramData\ntuser.pol
2018-07-05 02:39 - 2018-07-05 03:07 - 000000000 ____D C:\Users\User\Desktop\fts
2018-07-03 01:52 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-07-02 17:12 - 2018-07-08 20:28 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2018-07-02 16:00 - 2018-07-02 16:14 - 000000000 ____D C:\Users\User\Downloads\Udemy - Photoshop CC Full Course
2018-07-02 14:45 - 2018-07-14 23:59 - 000000000 ____D C:\Users\User\AppData\Roaming\DMCache
2018-07-02 14:45 - 2018-07-08 20:29 - 000000000 ____D C:\Users\User\AppData\Roaming\IDM
2018-07-02 14:45 - 2018-07-08 06:23 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-07-02 14:45 - 2018-07-08 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-07-02 14:45 - 2018-07-02 15:54 - 000000000 ____D C:\Users\User\Downloads\Compressed
2018-07-02 14:45 - 2018-07-02 14:46 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-07-02 14:45 - 2018-07-02 14:45 - 000001082 _____ C:\Users\User\Desktop\Internet Download Manager.lnk
2018-07-02 14:45 - 2018-07-02 14:45 - 000000000 ____D C:\Users\User\Downloads\Video
2018-07-02 14:45 - 2018-07-02 14:45 - 000000000 ____D C:\Users\Todos os Usuários\IDM
2018-07-02 14:45 - 2018-07-02 14:45 - 000000000 ____D C:\ProgramData\IDM
2018-07-02 14:44 - 2018-07-02 14:45 - 007337584 _____ (Tonec Inc.) C:\Users\User\Downloads\idman631build2f.exe
2018-07-02 14:44 - 2018-07-02 14:44 - 000047354 _____ C:\Users\User\Downloads\IDM_6.2x_Crack_v16.1-Ali.Dbg.rar
2018-07-02 04:40 - 2018-07-02 07:10 - 000000000 ____D C:\Users\User\Downloads\Phlearn Pro - Lightroom 101 _ 201
2018-07-02 04:38 - 2018-07-02 04:40 - 000000000 ____D C:\Users\User\Downloads\Technics Publications - Adobe Photoshop Lightroom Fundamentals
2018-07-02 03:42 - 2018-07-02 03:43 - 000000000 ____D C:\Users\User\Desktop\Adobe Pack
2018-07-02 03:28 - 2018-07-02 03:28 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2018.lnk
2018-07-02 03:19 - 2018-07-02 03:19 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2018.lnk
2018-07-02 03:19 - 2018-07-02 03:19 - 000000000 ____D C:\Users\Public\Documents\Adobe
2018-07-02 03:11 - 2018-07-02 03:11 - 000000000 ____D C:\Users\User\Downloads\AMTEmu v.0.9.2 Windows
2018-07-02 03:10 - 2018-07-02 03:10 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2018-07-02 03:09 - 2018-07-02 03:09 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2018-07-02 03:00 - 2018-07-02 22:01 - 000000000 ____D C:\Users\User\Documents\Adobe
2018-07-02 03:00 - 2018-07-02 03:00 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-07-02 02:49 - 2018-07-02 03:19 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-07-02 02:47 - 2018-07-02 03:28 - 000000000 ____D C:\Program Files\Adobe
2018-07-02 02:46 - 2018-07-02 02:46 - 000000000 ___RD C:\Users\User\Creative Cloud Files
2018-07-02 02:42 - 2018-07-02 02:42 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-07-02 02:14 - 2018-07-02 02:14 - 002029144 _____ (Adobe Systems Incorporated) C:\Users\User\Downloads\Creative_Cloud_Set-Up.exe
2018-07-02 01:58 - 2018-07-02 01:59 - 070280357 _____ C:\Users\User\Downloads\mt_pw_free_x_64bit.zip
2018-07-02 01:42 - 2018-07-02 01:42 - 000030664 _____ C:\Users\User\Downloads\po di sangui.rar
2018-07-02 01:41 - 2018-07-02 02:21 - 000000036 _____ C:\Users\User\Desktop\mvs.txt
2018-07-02 01:38 - 2018-07-08 06:23 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2018-06-30 16:15 - 2018-07-08 06:38 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-30 15:53 - 2018-06-30 15:53 - 000000000 ____D C:\WINDOWS\SystemAppsBAckup
2018-06-25 16:28 - 2018-03-01 11:36 - 000226032 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2018-06-24 23:05 - 2018-06-24 23:05 - 000000000 ____D C:\Users\User\Desktop\MiniTool Partition Wizard 10
2018-06-24 23:05 - 2017-03-23 09:04 - 003547136 _____ C:\WINDOWS\system32\pwNative.exe
2018-06-24 23:05 - 2013-09-30 15:26 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys
2018-06-24 23:05 - 2013-09-30 15:26 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2018-06-12 22:51 - 2018-06-13 00:05 - 000000000 ____D C:\Users\User\Downloads\BOURDIEU
2018-06-03 17:18 - 2018-07-13 22:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Spotify
2018-06-03 17:18 - 2018-07-13 22:11 - 000000000 ____D C:\Users\User\AppData\Local\Spotify
2018-06-03 17:18 - 2018-06-03 17:18 - 000727536 _____ (Spotify Ltd) C:\Users\User\Downloads\SpotifySetup.exe
2018-06-03 17:18 - 2018-06-03 17:18 - 000001845 _____ C:\Users\User\Desktop\Spotify.lnk
2018-06-03 17:18 - 2018-06-03 17:18 - 000001831 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-06-03 12:54 - 2018-06-03 12:54 - 000000907 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2018-06-03 12:54 - 2018-06-03 12:54 - 000000859 _____ C:\Users\User\Desktop\Start Tor Browser.lnk
2018-06-03 12:53 - 2018-06-03 12:54 - 000000000 ____D C:\Users\User\Desktop\Tor Browser
2018-06-03 12:50 - 2018-06-03 12:50 - 053793728 _____ C:\Users\User\Downloads\torbrowser-install-7.5.4_en-US.exe
2018-06-03 12:36 - 2018-07-08 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2018-06-03 12:36 - 2018-06-03 12:36 - 000000000 ____D C:\Program Files\qBittorrent
2018-06-03 12:34 - 2018-06-03 12:34 - 023043847 _____ (The qBittorrent project) C:\Users\User\Downloads\qbittorrent_4.1.1_x64_setup.exe
2018-05-13 23:15 - 2018-05-13 23:22 - 000000000 ____D C:\Users\User\Downloads\Mobile Suit Gundam AGE Dual Audio AVC 720p Part II
2018-05-13 21:26 - 2018-05-13 21:28 - 000000000 ____D C:\Users\User\Downloads\Skarknado.Film 1-5.720p.X265.AAC-PTSd
2018-05-13 21:25 - 2018-05-13 21:25 - 000000000 ____D C:\Users\User\Downloads\The.Man.Who.Would.Be.King.1975.1080p.BluRay.x264-CiNEFiLE
2018-05-12 09:49 - 2018-05-12 10:47 - 000000000 ____D C:\Users\User\Downloads\MutzNutz Music Pack 57 2018
2018-05-12 09:48 - 2018-05-12 09:48 - 000000000 ____D C:\Users\User\Downloads\Top 40 ITunes UK Albums Chart Wednesday 9th May 2018
2018-05-10 23:34 - 2018-05-11 00:34 - 000000000 ____D C:\Users\User\Downloads\MutzNutz Music Pack 56 2018
2018-05-10 11:14 - 2018-05-10 11:14 - 018732774 _____ (The qBittorrent project) C:\Users\User\Downloads\qbittorrent_4.1.0_x64_setup.exe
2018-05-09 02:10 - 2018-05-09 02:10 - 000000000 _____ C:\WINDOWS\EEventManager.INI
2018-05-08 22:37 - 2018-05-08 22:37 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-05-08 22:06 - 2018-05-08 22:06 - 000000000 ____D C:\CPY_SAVES
2018-05-08 22:04 - 2018-07-06 17:06 - 000000000 ____D C:\Users\User\Documents\Smart PC Utilities
2018-05-08 22:04 - 2018-07-06 17:06 - 000000000 ____D C:\Program Files\Smart PC Utilities
2018-05-08 22:04 - 2018-05-08 22:04 - 000000000 ____D C:\Program Files (x86)\Contig
2018-05-08 22:02 - 2018-05-08 22:02 - 009340728 _____ (Smart PC Utilities) C:\Users\User\Downloads\gamefire.exe
2018-05-08 21:45 - 2018-07-14 15:18 - 000007595 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2018-05-08 21:31 - 2018-05-08 21:31 - 000000000 ____D C:\Users\User\Documents\My Games
2018-05-08 21:31 - 2018-05-08 21:31 - 000000000 ____D C:\Users\User\Documents\CPY_SAVES
2018-05-08 21:29 - 2018-07-08 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 5
2018-05-08 21:29 - 2018-05-08 21:29 - 000001266 _____ C:\Users\Public\Desktop\Far Cry 5.lnk
2018-05-08 21:14 - 2018-05-08 21:28 - 000000000 ____D C:\Program Files (x86)\Far Cry 5
2018-05-08 18:25 - 2018-05-08 19:36 - 000000000 ____D C:\Users\User\AppData\Roaming\PhotoFiltre Studio X
2018-05-08 18:25 - 2018-05-08 18:25 - 000000000 ____D C:\Users\User\Desktop\PhotoFiltre Studio X
2018-05-08 18:24 - 2018-05-08 18:25 - 011557486 _____ C:\Users\User\Downloads\pfsx-en-10.12.1.zip
2018-05-08 18:16 - 2018-05-08 18:21 - 000000000 ____D C:\Users\User\Desktop\caveira
2018-05-08 00:27 - 2018-03-30 00:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-05-07 23:35 - 2018-07-07 03:31 - 000000000 ____D C:\Users\User\Downloads\Far.Cry.5-CPY
2018-05-04 10:03 - 2018-05-04 10:03 - 006112072 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2018-05-04 10:03 - 2018-05-04 10:03 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2018-04-23 09:28 - 2018-04-23 09:31 - 000000000 ____D C:\AdwCleaner
2018-04-23 03:07 - 2018-04-23 03:07 - 000000000 ____D C:\Users\Todos os Usuários\Sophos
2018-04-23 03:07 - 2018-04-23 03:07 - 000000000 ____D C:\ProgramData\Sophos
2018-04-23 00:14 - 2018-04-23 00:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2018-04-23 00:11 - 2018-02-14 04:43 - 000181904 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2018-04-23 00:09 - 2018-07-03 17:26 - 000000000 ____D C:\Users\User\Downloads\integrity_verification
2018-04-23 00:09 - 2018-04-23 09:31 - 000000000 ____D C:\Users\User\Desktop\tron
2018-04-22 23:54 - 2018-04-23 00:02 - 626886669 _____ (Igor Pavlov) C:\Users\User\Downloads\Tron v10.5.0 (2018-04-04).exe
2018-04-22 22:24 - 2018-06-30 15:38 - 000000000 ____D C:\Program Files\Common Files\AV
2018-04-22 22:23 - 2018-06-30 15:42 - 000000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab
2018-04-22 22:23 - 2018-06-30 15:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-04-22 22:14 - 2018-04-22 22:15 - 000000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2018-04-22 22:14 - 2018-04-22 22:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-04-22 22:13 - 2018-04-22 22:14 - 002377776 _____ (Kaspersky Lab) C:\Users\User\Downloads\kfa18.0.0.405abpt_13157.exe
2018-04-20 10:13 - 2018-04-20 10:13 - 000000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Mozilla
2018-04-20 10:13 - 2018-04-20 10:13 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2018-04-20 10:13 - 2018-04-20 10:13 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2018-04-20 10:12 - 2018-04-20 10:12 - 000000000 ____D C:\Users\Usuário Padrão\AppData\Local\Trusteer
2018-04-20 10:12 - 2018-04-20 10:12 - 000000000 ____D C:\Users\Default\AppData\Local\Trusteer
2018-04-20 10:12 - 2018-04-20 10:12 - 000000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2018-04-19 08:33 - 2018-04-19 08:33 - 000223604 _____ C:\Users\User\Downloads\03-18 Luz.pdf
2018-04-19 08:21 - 2018-04-19 08:21 - 000000000 ____H C:\Users\User\AppData\Local\BIT9561.tmp
2018-04-19 08:21 - 2018-04-19 08:21 - 000000000 _____ C:\Users\User\AppData\Local\{6D9B512E-5E7E-42D1-9968-BB57784DD353}

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-07-15 00:20 - 2018-03-02 15:45 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-07-15 00:19 - 2018-04-12 13:41 - 000750582 _____ C:\WINDOWS\system32\prfh0416.dat
2018-07-15 00:19 - 2018-04-12 13:41 - 000147916 _____ C:\WINDOWS\system32\prfc0416.dat
2018-07-15 00:19 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-15 00:13 - 2018-04-11 18:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-07-15 00:12 - 2018-02-24 13:40 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2018-07-14 17:57 - 2018-03-02 16:25 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-14 17:44 - 2018-04-11 20:38 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2018-07-14 17:44 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-14 17:14 - 2018-02-23 00:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-14 17:14 - 2018-02-23 00:33 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2018-07-14 14:57 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-14 14:53 - 2018-03-02 16:08 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-07-14 14:53 - 2018-03-02 16:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-14 00:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-13 23:37 - 2018-04-11 20:38 - 000000000 __SHD C:\Users\Public\Libraries
2018-07-13 23:31 - 2018-04-02 09:45 - 000000000 ____D C:\Users\User\AppData\Local\UnrealEngine
2018-07-13 02:53 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-13 02:47 - 2018-03-02 15:44 - 000000000 ____D C:\Users\Todos os Usuários\Apple
2018-07-13 02:47 - 2018-03-02 15:44 - 000000000 ____D C:\ProgramData\Apple
2018-07-13 00:25 - 2018-03-02 15:43 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2018-07-12 22:05 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-12 22:05 - 2018-02-25 09:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-12 22:03 - 2018-02-23 00:41 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-12 22:03 - 2018-02-23 00:41 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-12 22:02 - 2018-02-25 09:37 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-12 22:02 - 2018-02-23 00:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-12 21:54 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-09 14:44 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-07-08 20:21 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Registration
2018-07-08 19:35 - 2018-04-02 09:44 - 000000000 ____D C:\Users\Todos os Usuários\Epic
2018-07-08 19:35 - 2018-04-02 09:44 - 000000000 ____D C:\ProgramData\Epic
2018-07-08 15:44 - 2018-02-23 00:52 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2018-07-08 08:39 - 2018-02-23 00:33 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2018-07-08 06:56 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-07-08 06:40 - 2018-02-23 00:33 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2018-07-08 06:39 - 2018-02-23 00:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-08 06:39 - 2018-02-23 00:33 - 000000000 ___RD C:\Users\User\3D Objects
2018-07-08 06:38 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\windows nt
2018-07-08 06:38 - 2018-04-11 18:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-07-08 06:37 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-07-08 06:30 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-08 06:27 - 2018-02-23 00:41 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-08 06:27 - 2018-02-23 00:41 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-08 06:23 - 2018-02-23 00:45 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-08 06:20 - 2018-03-02 15:43 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-07-08 06:19 - 2018-04-11 20:38 - 000000000 ____D C:\Users\Todos os Usuários\USOPrivate
2018-07-08 06:19 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-07-08 06:18 - 2018-02-23 00:33 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-07-08 06:17 - 2018-02-23 00:36 - 000849474 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2018-07-08 06:17 - 2018-02-23 00:36 - 000192907 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2018-07-08 06:17 - 2018-02-23 00:36 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2018-07-08 06:17 - 2018-02-23 00:36 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2018-07-08 06:17 - 2018-02-23 00:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-07-08 06:15 - 2018-04-11 20:41 - 000000000 ____D C:\WINDOWS\Setup
2018-07-08 06:15 - 2018-04-11 20:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-07-08 06:15 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-08 06:15 - 2018-03-19 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2018-07-08 06:15 - 2018-03-18 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-07-08 06:15 - 2018-03-18 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2018-07-08 06:15 - 2018-03-04 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2018-07-08 06:15 - 2018-03-02 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-07-08 06:15 - 2018-03-02 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-08 06:15 - 2018-03-02 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LonelyScreen
2018-07-08 06:15 - 2018-03-02 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-08 06:15 - 2018-02-23 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-08 06:15 - 2018-02-23 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2018-07-08 06:15 - 2017-09-29 10:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-08 06:15 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-07-08 06:12 - 2018-02-23 00:36 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-07-08 06:11 - 2018-03-04 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-07-08 06:11 - 2018-02-24 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-07-08 06:11 - 2018-02-23 00:36 - 000000000 ____D C:\Program Files\Realtek
2018-07-08 06:11 - 2018-02-23 00:33 - 000000000 ____D C:\Program Files\Intel
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-07-08 06:08 - 2018-04-12 13:45 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-07-08 06:08 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-07-08 06:08 - 2018-04-11 18:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-07-08 06:00 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-07-05 21:01 - 2018-03-02 15:45 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-05 21:01 - 2018-03-02 15:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-05 21:01 - 2018-03-02 15:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-05 02:29 - 2018-03-04 23:04 - 000000000 ____D C:\Users\User\AppData\Roaming\Epson
2018-07-02 22:01 - 2018-02-23 00:33 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2018-07-02 03:14 - 2018-02-23 00:51 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2018-07-02 03:14 - 2018-02-23 00:51 - 000000000 ____D C:\ProgramData\Adobe
2018-07-02 03:14 - 2018-02-23 00:49 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2018-07-02 02:46 - 2018-02-23 00:51 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-07-02 02:33 - 2018-04-02 09:46 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2018-07-02 02:33 - 2018-04-02 09:46 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-02 01:43 - 2018-03-01 23:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-30 15:59 - 2018-02-25 09:37 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-28 22:13 - 2018-04-11 20:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-28 22:13 - 2018-04-11 20:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-24 23:11 - 2018-02-23 00:36 - 000000000 ___RD C:\Users\User\OneDrive

==================== Arquivos na raiz de alguns diretórios =======

2018-04-19 08:21 - 2018-04-19 08:21 - 000000000 ____H () C:\Users\User\AppData\Local\BIT9561.tmp
2018-05-08 21:45 - 2018-07-14 15:18 - 000007595 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2018-04-19 08:21 - 2018-04-19 08:21 - 000000000 _____ () C:\Users\User\AppData\Local\{6D9B512E-5E7E-42D1-9968-BB57784DD353}

Alguns arquivos em TEMP:
====================
2018-07-14 13:55 - 2018-07-08 06:07 - 001945784 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

==================== BCD ================================

Gerenciador de Inicializa��o do Windows
---------------------------------------
identificador           {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  pt-BR
inherit                 {globalsettings}
default                 {current}
resumeobject            {65afeb5c-828f-11e8-9f9e-bce3f638f9db}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Carregador de Inicializa��o do Windows
--------------------------------------
identificador           {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 10
locale                  pt-BR
inherit                 {bootloadersettings}
recoverysequence        {9f7f5b0a-828f-11e8-8d89-9e75094e39b8}
displaymessageoverride  Recovery
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {65afeb5c-828f-11e8-9f9e-bce3f638f9db}
nx                      OptIn
bootmenupolicy          Standard

Carregador de Inicializa��o do Windows
--------------------------------------
identificador           {9f7f5b0a-828f-11e8-8d89-9e75094e39b8}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{9f7f5b0b-828f-11e8-8d89-9e75094e39b8}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  pt-BR
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{9f7f5b0b-828f-11e8-8d89-9e75094e39b8}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Continuar da Hiberna��o
-----------------------
identificador           {65afeb5c-828f-11e8-9f9e-bce3f638f9db}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  pt-BR
inherit                 {resumeloadersettings}
recoverysequence        {9f7f5b0a-828f-11e8-8d89-9e75094e39b8}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testador de Mem�ria do Windows
------------------------------
identificador           {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Diagn�stico de Mem�ria do Windows
locale                  pt-BR
inherit                 {globalsettings}
badmemoryaccess         Yes

Configura��es de EMS
--------------------
identificador           {emssettings}
bootems                 No

Configura��es do Depurador
--------------------------
identificador           {dbgsettings}
debugtype               Local

Defeitos de RAM
---------------
identificador           {badmemory}

Configura��es Globais
---------------------
identificador           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Configura��es do Carregador de Inicializa��o
--------------------------------------------
identificador           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Configura��es do Hypervisor
---------------------------
identificador           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Configura��es do Carregador de Retorno
--------------------------------------
identificador           {resumeloadersettings}
inherit                 {globalsettings}

Op��es de dispositivo
---------------------
identificador           {9f7f5b0b-828f-11e8-8d89-9e75094e39b8}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


LastRegBack: 2018-07-08 06:16

==================== Fim de FRST.txt ============================

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20.06.2018
Executado por User (15-07-2018 00:23:42)
Executando a partir de C:\Users\User\Downloads
Windows 10 Home Single Language Versão 1803 17134.137 (X64) (2018-07-08 09:38:44)
Modo da Inicialização: Safe Mode (with Networking)
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3482450098-3671538303-3377208914-500 - Administrator - Disabled)
Convidado (S-1-5-21-3482450098-3671538303-3377208914-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3482450098-3671538303-3377208914-503 - Limited - Disabled)
User (S-1-5-21-3482450098-3671538303-3377208914-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3482450098-3671538303-3377208914-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Epic Games Launcher (HKLM-x32\...\{F47DCC6C-FB71-4BF6-9B2A-68A5B4B35E92}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{816185C8-7C13-4650-9AB4-FC2EC9651A77}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{541E6575-D4A4-448A-91F3-F5E9D6731A7F}) (Version: 3.10.0083 - Seiko Epson Corporation)
EPSON L375 Series Printer Uninstall (HKLM\...\EPSON L375 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version:  - Ubisoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{63895904-5266-45D1-A3C5-F61A3BAFA224}) (Version: 12.8.0.150 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LonelyScreen 1.2 (HKLM-x32\...\LonelyScreen AirPlay Receiver_is1) (Version: 1.2 - IMTIGER Technologies Inc.)
LonelyScreen 1.2.16 (HKLM-x32\...\LonelyScreen_is1) (Version: 1.2.16 - IMTIGER Technologies Inc.)
Malwarebytes versão 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.10228.20104 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 pt-BR)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.0.0 - Duodian Technology Co. Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
R for Windows 3.4.4 (HKLM\...\R for Windows 3.4.4_is1) (Version: 3.4.4 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 51.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A53DA100DCA5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3482450098-3671538303-3377208914-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [            IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-13] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01471AC5-61B3-4521-B4E3-671D91667753} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {0784D2C5-F854-4A59-8A67-5EADF6B0D17D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation)
Task: {0BC3611D-6F4B-40D9-99D6-AAB52BC34909} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation)
Task: {11060B45-D467-49A2-B11D-D405943AE237} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DELL-User => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {22B41B12-8129-4723-93B2-00AFF1988EA9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-12] (Microsoft Corporation)
Task: {2BE28AD4-87E5-4687-9878-A8922018F7B8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-12] (Microsoft Corporation)
Task: {42EF2573-81F5-4C82-9553-2A092B628E85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation)
Task: {50FD9F97-B857-4E7D-9DE9-A76AF1FFD986} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-02] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {69CF70A4-1E7C-4088-81ED-EA7ACC0A7224} - System32\Tasks\[email protected]\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {6B4C2235-D8E6-4CAE-A417-4535AEEF7E03} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {83AF18AC-1C66-491B-8CEA-462E6A2BE4C6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-12] (Microsoft Corporation)
Task: {A940E0DF-6A31-45BE-B5B7-C9354CEAB259} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-12] (Microsoft Corporation)
Task: {AFD303C6-0B13-42D9-BC43-311915EE0969} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-23] (Google Inc.)
Task: {C29DFBC3-67C3-4036-AE04-1B1DBB93C682} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-23] (Google Inc.)
Task: {CBB299C0-292B-4271-9BA9-8756875400BA} - System32\Tasks\[email protected]\Windows64CoreSingleLanguage => wmic [Argument = path SoftwareLicensingProduct where (ID="cd918a57-a41b-4c82-8dce-1a538e221a83") call Activate]
Task: {CD6E2BC4-9C83-468A-A2C6-3298FA22CF71} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F0D6D961-AE0D-43DE-9BB9-712323F15329} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-12] (Microsoft Corporation)
Task: {F4C97E30-763E-4A3A-AC95-60E452AA5512} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk

==================== Módulos Carregados (Whitelisted) ==============

2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-09-29 10:46 - 2018-07-14 23:55 - 000004929 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0    choice.microsoft.com
0.0.0.0    choice.microsoft.com.nstac.net
0.0.0.0    df.telemetry.microsoft.com
0.0.0.0    oca.telemetry.microsoft.com
0.0.0.0    oca.telemetry.microsoft.com.nsatc.net
0.0.0.0    redir.metaservices.microsoft.com
0.0.0.0    reports.wes.df.telemetry.microsoft.com
0.0.0.0    services.wes.df.telemetry.microsoft.com
0.0.0.0    settings-sandbox.data.microsoft.com
0.0.0.0    settings-win.data.microsoft.com
0.0.0.0    sqm.df.telemetry.microsoft.com
0.0.0.0    sqm.telemetry.microsoft.com
0.0.0.0    sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0    telecommand.telemetry.microsoft.com
0.0.0.0    telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0    telemetry.appex.bing.net
0.0.0.0    telemetry.microsoft.com
0.0.0.0    telemetry.urs.microsoft.com
0.0.0.0    vortex-sandbox.data.microsoft.com
0.0.0.0    vortex-win.data.microsoft.com
0.0.0.0    vortex.data.microsoft.com
0.0.0.0    watson.telemetry.microsoft.com
0.0.0.0    watson.telemetry.microsoft.com.nsatc.net
0.0.0.0    watson.ppe.telemetry.microsoft.com
0.0.0.0    wes.df.telemetry.microsoft.com
0.0.0.0    vortex-bn2.metron.live.com.nsatc.net
0.0.0.0    vortex-cy2.metron.live.com.nsatc.net
0.0.0.0    watson.live.com
0.0.0.0    watson.microsoft.com
0.0.0.0    feedback.search.microsoft.com

Existem ainda 83 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "LonelyScreen"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "qBittorrent"
HKU\S-1-5-21-3482450098-3671538303-3377208914-1001\...\StartupApproved\Run: => "IDMan"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{A832D69E-C0EE-471A-8F38-38C138712C3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{F22613E6-968D-4BAF-96FA-B07D4FCB75CD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C59601C4-6D86-441E-850A-F002B4B87378}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1681FBAC-0ACA-4AE1-B15E-759D6173206A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{097F1954-CC86-4F19-A982-6C282A5CA0CF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{7CEB47FA-1FCD-4CA9-B1CB-C9FB7ACA78F4}] => (Allow) LPort=8999
FirewallRules: [{D09506E3-CA90-4510-B94A-9E871324C843}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1AC777DA-B47A-4F5E-A263-293B1C28CF66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{239D09DD-A8A5-4F0F-BF85-5B6BC61815AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F7E3FB3B-CD3A-424D-80CB-E0125DD46CD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6B978D61-5D6D-4874-B3B1-0B1F0A783C6A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1F1F63CC-51E5-4D50-9A72-21238EB05F25}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3A1ADCBA-BC25-4C6C-A639-5DA887FBAA21}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2A9358EE-306D-4918-8BB8-9126CEB8AF5C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{C9CC5FA5-48F1-477D-92C6-B650FBFF9A64}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{0B000702-D79D-4900-88E1-28BC06968DCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [UDP Query User{0FDA8BE0-2CB2-486E-B593-1F1139A38DD1}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{4A1A9DA1-9B5D-4469-949A-11AF5104B159}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{A9660537-D2E9-4AA2-ADD4-C3A26CCC67BC}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{F1DCC342-EA65-49E1-9EE3-E388A65F3D56}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{D309ABA5-25FC-47D8-9DA7-7902BE0C177F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{7BB174A6-B028-4DB3-AD92-37E92CA5931B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{F6B6A899-AB50-4A48-B359-199F104EF6CE}] => (Allow) C:\Program Files\Opera\51.0.2830.55\opera.exe
FirewallRules: [{A15CF90E-6FC2-40A3-A641-B91929065804}] => (Allow) C:\Users\User\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{12A8DEC4-B670-45BF-BE8E-49F3BA047292}] => (Allow) C:\Users\User\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{975AB07A-B980-4F2B-AE11-471599DC1C47}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{8C8A6F6E-C7DD-4A99-A06B-2905383F6665}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{C5EA1B38-0637-4BB8-9EE2-5638746BE805}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{1DF52AAD-16DA-424D-B55E-5D6AE323C7BB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [UDP Query User{3BDB1748-EDEF-42DB-9514-1A0B313B99EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C6B29D55-31B5-448E-8908-93A69E36EC67}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{25340243-AF02-4974-A450-2F5EB4419713}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9CDD7ACF-6DF7-49EC-A10F-8F9862AD21E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6A0A850B-E53C-40B7-B893-71E18F91248D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{644ADBD6-1CC2-4220-A9D7-24CFDFA4DF3C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{113B604E-C188-4820-8C05-138A700A7712}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{65D64D1D-A9BA-4F18-907A-217D26FE7B46}] => (Allow) C:\Program Files\Opera\51.0.2830.40\opera.exe
FirewallRules: [{FC0E0B47-8363-412B-85E5-5C81E4B8B9CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E4ACDFF8-503C-429E-A11D-B72C7C517749}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{8B22B53A-9B0B-4408-9F63-ADE6BF433C82}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [TCP Query User{A413754B-6A99-49A8-B543-77D9AD66248E}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [{DD9AA43E-AC06-4660-96F8-7E2CD7C59A1E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{B5069D71-735C-4A88-8BD9-DF25D3B3E94E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{8B623AC6-96C0-4B49-9D57-83C1305C3AA9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{50466953-ED75-47E2-9519-0AF56C9EA583}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1247B014-8455-4BF4-81B9-2C2479276E8D}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{08BD4F8B-ECB1-4D2A-9C9D-4042A01FBE77}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{AF4C7249-5AFB-47FB-8DE4-BBBB666A6656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{F34B2864-E12A-4BB4-8C72-B906EC2081F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{BF013EFA-0FEF-4B11-B40A-D1362BB68A92}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E3A69165-7683-44CD-9EE8-0F7ACEB852B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A27865C-60CC-4589-8AEA-00A44FBA26AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{691713C6-E1DB-4E96-B4B7-A8F6ECCD2B14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B107C32F-6B22-4FCD-9110-1DB55D3C86AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B8D42DBE-CBE8-4A7D-9B5D-5A6914D6AAA5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B4436D83-F546-4F35-90A8-760612FA5565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{F4C22BEF-7011-4F87-9412-89354656AE4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{37C22159-85B5-4A2F-A051-22883FC04927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hacknet\Hacknet.exe
FirewallRules: [{5F1FBC54-2A72-44AC-B4F8-3304DAC6C34D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hacknet\Hacknet.exe
FirewallRules: [{A553416C-F3B5-49F2-887D-809A608D1F02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{98209B52-98CC-46ED-86ED-B7F4D16EE9C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

==================== Pontos de Restauração =========================

09-07-2018 00:49:46 Windows Update
12-07-2018 22:00:51 Windows Update
15-07-2018 00:05:35 Removed Rapport

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Áudio Intel® para telas
Description: Áudio Intel® para telas
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/14/2018 02:50:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Desktop\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 12:28:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Desktop\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 12:26:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\User\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Descrição = JRT Pre-Junkware Removal; Erro = 0x8007043c).

Error: (07/14/2018 12:07:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Downloads\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/14/2018 10:56:36 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\User\Downloads\tron\resources\stage_9_manual_tools\Autoruns v13.82 x86.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_42f1ce1c44dfc46d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.137_none_fb44974530639b67.manifest.

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DELL.local already in use; will try DESKTOP-DELL-2.local instead

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-DELL.local. Addr 172.20.10.4

Error: (07/13/2018 11:18:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.4:5353   16 DESKTOP-DELL.local. AAAA 2804:0018:080B:D8CC:8060:A9C0:17F5:203A


Erros de Sistema:
=============
Error: (07/15/2018 12:24:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:24:29 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço wuauserv com argumentos "Não Disponível" para executar o servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/15/2018 12:24:29 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço wuauserv com argumentos "Não Disponível" para executar o servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/15/2018 12:24:22 AM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço EventSystem com argumentos "Não Disponível" para executar o servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/15/2018 12:24:17 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:22:16 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:20:27 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/15/2018 12:20:20 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DELL)
Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço ShellHWDetection com argumentos "Não Disponível" para executar o servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2018-07-14 17:45:46.979
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {2084C13A-9992-4ECD-ACAD-B393D3B27ED2}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2018-07-14 15:41:44.820
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {C850A67C-F99E-4CFA-A2B1-ECF3359020C8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2018-07-13 23:09:59.119
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft...47&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-13 23:07:53.053
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft...47&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-13 23:07:23.821
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft...47&enterprise=0
Nome: HackTool:Win32/Patcher
ID: 2147659947
Severidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe;file:_C:\$RECYCLE.BIN\S-1-5-21-3482450098-3671538303-3377208914-1001\$RAC9JP3\amtemu.v0.9.2-painter.exe->[lowcase_mzpe]
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Versão da Assinatura: AV: 1.271.935.0, AS: 1.271.935.0, NIS: 1.271.935.0
Versão do Mecanismo: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-15 00:24:29.525
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.1003.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

Date: 2018-07-15 00:14:24.501
Description:
O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Em Tempo de Acesso
Código do Erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança
Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

Date: 2018-07-14 00:51:34.932
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.971.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

Date: 2018-07-14 00:41:31.931
Description:
O recurso de Proteção em Tempo Real do Windows Defender Antivirus encontrou um erro e falhou.
Recurso: Em Tempo de Acesso
Código do Erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança
Motivo: A proteção antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

Date: 2018-07-08 15:56:26.478
Description:
O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas.
Versão da Nova Assinatura:
Versão da Assinatura Anterior: 1.271.672.0
Origem da Atualização: Servidor do Microsoft Update
Tipo de Assinatura: Antivírus
Tipo de Atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão do Mecanismo Atual:
Versão do Mecanismo Anterior: 1.1.15000.2
Código de erro: 0x8007043c
Descrição do erro: Não é possível compartilhar este serviço no modo de segurança

CodeIntegrity:
===================================

Date: 2018-07-15 00:00:40.330
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.323
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.321
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.313
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-15 00:00:40.311
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-14 23:59:12.211
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-14 23:59:12.208
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel® Pentium® CPU G3260 @ 3.30GHz
Percentagem de memória em uso: 15%
RAM física total: 6060.95 MB
RAM física disponível: 5128.64 MB
Virtual Total: 7020.95 MB
Virtual disponível: 6261.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.22 GB) (Free:168.04 GB) NTFS
Drive h: () (Fixed) (Total:465.76 GB) (Free:422.15 GB) NTFS

\\?\Volume{138efb62-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 668EB211)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 138EFB62)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================

Attached Files


Edited by asbr242, 15 July 2018 - 04:49 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Doesn't appear to be malware but let's try

 

Download aswMBR.exe  to your desktop.
The link is a direct download so the page won't change.

Right click the aswMBR.exe and select Run As Administrator to run it
Wait until the AV Scan shows up at the bottom left.
Change AV Scan: from Quick Scan to  C:\
Click the "Scan" button to start scan
If it asks you to allow the Avast engine to download then say Yes.  It will take a while to finish.  
On completion of the scan (Note if the Fix button is enabled and tell me but do not push any buttons) click save log, save it to your desktop and post in your next reply

If it crashes then try it again but uncheck Trace Disk IO Calls before hitting Scan.

 

Possibly a heat issue or a bad network adapter driver.

 

Run Speedfan to monitor your temps in real time:



http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  With no other programs running what is the highest temp you see?  Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes.  What is the highest temp now?
 

We don't really want it to go over about 65 under load or over time.  If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink.  However on some PCs this is major surgery.  Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent and if you are lucky it may clear the heatsink.  Don't do it too long as the fan may overrev.

 

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 


  • 0

#3
asbr242

asbr242

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Okay, thanks for answering!

I'm going to run all of this and will edit this message when all done.


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Please do not edit.  I do not get notified of edits.  Instead just make a new Reply.  Multiple Replies are fine.


  • 0

#5
asbr242

asbr242

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Okay, I ran everything and will do a double replis: first with some stuff you asked and some notes, second with the logs.

PS: Most of the logs have Portuguese words, is this a problem?

 

aswmbt
It asked to use “Virtualization Technology” but crashed when I choose Yes.
It crashed after scanning too, so I disabeled the “trace disk IO calls” too.

 

Noted things while running:
Yellow:
19:47:32.963: Service MpKsl137a99b2
Red:
23:03:54.748 File: C:\Windows\SysWOW\GamePanel.exe
23:43:30.410 File ... WinSxs\wow64_microsoft...
23:43:32.098 File ... WinSxs\wow64_microsoft...

FixMBR button was possible to click at the end.

SpeedFan
Highest temp without anything running was 57ºC
Highest temp:
9 firefox tabs with youtube videos buffering: 57ºC
Steam open on background downloading a game and Portal 2 running: Forced too much of this weak computer and it froze, when restarted whas on 58ºC
Steam on background + Portal 2 on background on a fase + youtube video: stayed at 58ºC

Ps: the program shows

“Fan1: 947 RPM

Fan2: 0 RPM"

Process Explorer
I don’t know if I shorted by CPU the right way, got a bit confused on this.

 

 

 

Thanks a lot for the help!!


Edited by asbr242, 20 July 2018 - 10:01 PM.

  • 0

#6
asbr242

asbr242

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Logs:

aswMBR

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2018-07-20 19:41:10
-----------------------------
19:41:10.163    OS Version: Windows x64 6.2.9200
19:41:10.163    Number of processors: 2 586 0x3C03
19:41:10.163    ComputerName: DESKTOP-DELL  UserName: User
19:41:13.288    Initialize success
19:41:13.335    VM: initialized successfully
19:41:13.335    VM: Intel CPU supported
19:42:06.944    VM: not used
19:46:01.653    AVAST engine defs: 17030301
19:46:52.848    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000028
19:46:52.848    Disk 0 Vendor: HGST_HTS545050A7E380 GG2OACY0 Size: 476940MB BusType: 11
19:46:52.848    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000029
19:46:52.864    Disk 1 Vendor: ST500DM002-1SB10A CC43 Size: 476940MB BusType: 11
19:46:52.989    Disk 1 MBR read successfully
19:46:52.989    Disk 1 MBR scan
19:46:53.020    Disk 1 Windows 7 default MBR code
19:46:53.020    Disk 1 Partition 1 80 (A) 07      HPFS/NTFS NTFS          549 MB offset 2048
19:46:53.035    Disk 1 Partition 2 00     07      HPFS/NTFS NTFS       476389 MB offset 1126400
19:46:53.114    Disk 1 scanning C:\WINDOWS\system32\drivers
19:47:15.632    Service scanning
19:47:32.963    Service MpKsl137a99b2 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34D73F03-0105-4D08-ADF7-F16CEDBBDC8C}\MpKsl137a99b2.sys **LOCKED**
19:47:54.761    Modules scanning
19:47:55.683    AVAST engine scan C:\
23:03:54.748    File: C:\Windows\SysWOW64\GamePanel.exe  **INFECTED** Win32:MalOb-CA [Cryp]
23:43:30.410    File: C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.17134.1_none_2e8b005bc4dbb92d\GamePanel.exe  **INFECTED** Win32:MalOb-CA [Cryp]
23:43:32.098    File: C:\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.17134.81_none_42e7daf4359b8433\GamePanel.exe  **INFECTED** Win32:MalOb-CA [Cryp]
23:48:04.989    Disk 1 statistics 31425873/0/0 @ 1,53 MB/s
23:48:05.005    Scan finished successfully
23:49:11.497    Disk 1 MBR has been saved successfully to "C:\Users\User\Downloads\Programs\fix\MBR.dat"
23:49:11.528    The log file has been saved successfully to "C:\Users\User\Downloads\Programs\fix\aswMBR.txt"

 

MiniToolBox

MiniToolBox by Farbar  Version: 17-06-2016
Ran by User (administrator) on 21-07-2018 at 00:36:25
Running from "C:\Users\User\Downloads\Programs\fix"
Microsoft Windows 10 Home Single Language  (X64)
Model: Inspiron 3647 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configura��o de IP do Windows

Libera��o do Cache do DNS Resolver bem-sucedida.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Dell Wireless 1705 802.11b/g/n (2.4GHZ) = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# Configura‡Æo de IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Ethernet (Depurador de Kernel)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ConexÆo Local* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ConexÆo de Rede Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ConexÆo Local* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ConexÆo Local* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ConexÆo Local* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# Final da configura‡Æo IPv4



Configura‡Æo de IP do Windows

   Nome do host. . . . . . . . . . . . . . . . : DESKTOP-DELL
   Sufixo DNS prim rio . . . . . . . . . . . . :
   Tipo de n¢. . . . . . . . . . . . . . . . . : h¡brido
   Roteamento de IP ativado. . . . . . . . . . : nÆo
   Proxy WINS ativado. . . . . . . . . . . . . : nÆo

Adaptador Ethernet Ethernet:

   Estado da m¡dia. . . . . . . . . . . . . .  : m¡dia desconectada
   Sufixo DNS espec¡fico de conexÆo. . . . . . :
   Descri‡Æo . . . . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Endere‡o F¡sico . . . . . . . . . . . . . . : F4-8E-38-E2-FF-E3
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura‡Æo Autom tica Habilitada. . . . . : Sim

Adaptador de Rede sem Fio ConexÆo Local* 1:

   Estado da m¡dia. . . . . . . . . . . . . .  : m¡dia desconectada
   Sufixo DNS espec¡fico de conexÆo. . . . . . :
   Descri‡Æo . . . . . . . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Endere‡o F¡sico . . . . . . . . . . . . . . : 1A-14-01-A6-2A-61
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura‡Æo Autom tica Habilitada. . . . . : Sim

Adaptador de Rede sem Fio ConexÆo Local* 3:

   Estado da m¡dia. . . . . . . . . . . . . .  : m¡dia desconectada
   Sufixo DNS espec¡fico de conexÆo. . . . . . :
   Descri‡Æo . . . . . . . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
   Endere‡o F¡sico . . . . . . . . . . . . . . : 2A-14-01-A6-2A-61
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura‡Æo Autom tica Habilitada. . . . . : Sim

Adaptador de Rede sem Fio Wi-Fi:

   Sufixo DNS espec¡fico de conexÆo. . . . . . :
   Descri‡Æo . . . . . . . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
   Endere‡o F¡sico . . . . . . . . . . . . . . : 68-14-01-A6-2A-61
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura‡Æo Autom tica Habilitada. . . . . : Sim
   Endere‡o IPv6 de link local . . . . . . . . : fe80::8060:a9c0:17f5:203a%20(Preferencial)
   Endere‡o IPv4. . . . . . . .  . . . . . . . : 192.168.2.131(Preferencial)
   M scara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   ConcessÆo Obtida. . . . . . . . . . . . . . : s bado, 21 de julho de 2018 00:18:53
   ConcessÆo Expira. . . . . . . . . . . . . . : s bado, 21 de julho de 2018 02:18:53
   Gateway PadrÆo. . . . . . . . . . . . . . . : 192.168.2.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.2.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 241701889
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-22-21-43-11-F4-8E-38-E2-FF-E3
   Servidores DNS. . . . . . . . . . . . . . . : 208.67.222.123
                                                 208.67.220.123
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
Servidor:  resolver1-fs.opendns.com
Address:  208.67.222.123

Nome:    google.com
Addresses:  2800:3f0:4001:809::200e
      216.58.202.78


Disparando google.com [216.58.202.78] com 32 bytes de dados:
Resposta de 216.58.202.78: bytes=32 tempo=8ms TTL=54
Resposta de 216.58.202.78: bytes=32 tempo=103ms TTL=54

Estat¡sticas do Ping para 216.58.202.78:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n£mero redondo de vezes em milissegundos:
    M¡nimo = 8ms, M ximo = 103ms, M‚dia = 55ms
Servidor:  resolver1-fs.opendns.com
Address:  208.67.222.123

Nome:    yahoo.com
Addresses:  2001:4998:c:1023::5
      2001:4998:44:41d::3
      2001:4998:c:1023::4
      2001:4998:58:1836::10
      2001:4998:44:41d::4
      2001:4998:58:1836::11
      72.30.35.9
      98.137.246.7
      98.138.219.231
      98.137.246.8
      72.30.35.10
      98.138.219.232


Disparando yahoo.com [98.137.246.7] com 32 bytes de dados:
Resposta de 98.137.246.7: bytes=32 tempo=550ms TTL=49
Resposta de 98.137.246.7: bytes=32 tempo=252ms TTL=49

Estat¡sticas do Ping para 98.137.246.7:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n£mero redondo de vezes em milissegundos:
    M¡nimo = 252ms, M ximo = 550ms, M‚dia = 401ms

Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128

Estat¡sticas do Ping para 127.0.0.1:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n£mero redondo de vezes em milissegundos:
    M¡nimo = 0ms, M ximo = 0ms, M‚dia = 0ms
===========================================================================
Lista de interfaces
 21...f4 8e 38 e2 ff e3 ......Realtek PCIe GBE Family Controller
 16...1a 14 01 a6 2a 61 ......Microsoft Wi-Fi Direct Virtual Adapter
  7...2a 14 01 a6 2a 61 ......Microsoft Wi-Fi Direct Virtual Adapter #3
 20...68 14 01 a6 2a 61 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
  1...........................Software Loopback Interface 1
===========================================================================

Tabela de rotas IPv4
===========================================================================
Rotas ativas:
Endere‡o de rede          M scara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.131     55
        127.0.0.0        255.0.0.0      No v¡nculo         127.0.0.1    331
        127.0.0.1  255.255.255.255      No v¡nculo         127.0.0.1    331
  127.255.255.255  255.255.255.255      No v¡nculo         127.0.0.1    331
      192.168.2.0    255.255.255.0      No v¡nculo     192.168.2.131    311
    192.168.2.131  255.255.255.255      No v¡nculo     192.168.2.131    311
    192.168.2.255  255.255.255.255      No v¡nculo     192.168.2.131    311
        224.0.0.0        240.0.0.0      No v¡nculo         127.0.0.1    331
        224.0.0.0        240.0.0.0      No v¡nculo     192.168.2.131    311
  255.255.255.255  255.255.255.255      No v¡nculo         127.0.0.1    331
  255.255.255.255  255.255.255.255      No v¡nculo     192.168.2.131    311
===========================================================================
Rotas persistentes:
  Nenhuma

Tabela de rotas IPv6
===========================================================================
Rotas ativas:
 Se destino de rede de m‚trica      Gateway
  1    331 ::1/128                  No v¡nculo
 20    311 fe80::/64                No v¡nculo
 20    311 fe80::8060:a9c0:17f5:203a/128
                                    No v¡nculo
  1    331 ff00::/8                 No v¡nculo
 20    311 ff00::/8                 No v¡nculo
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/21/2018 12:19:41 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1bf0
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/21/2018 12:19:37 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x594
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/21/2018 12:19:33 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1724
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/21/2018 12:19:29 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x23c
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/21/2018 12:19:25 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1a5c
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/21/2018 12:19:14 AM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1728
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/20/2018 07:40:55 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x11c4
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/20/2018 07:40:50 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x136c
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/20/2018 07:40:46 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1050
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5

Error: (07/20/2018 07:40:41 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Nome do módulo com falha: SearchUI.exe, versão: 10.0.17134.165, carimbo de data/hora: 0x5b3f13b5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000001b6aa5
ID do processo com falha: 0x1af8
Hora de início do aplicativo com falha: 0xSearchUI.exe0
Caminho do aplicativo com falha: SearchUI.exe1
Caminho do módulo com falha: SearchUI.exe2
ID do Relatório: SearchUI.exe3
Nome completo do pacote com falha: SearchUI.exe4
ID do aplicativo relativo ao pacote com falha: SearchUI.exe5


System errors:
=============
Error: (07/21/2018 12:22:14 AM) (Source: DCOM) (User: DESKTOP-DELL)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-DELLUserS-1-5-21-3482450098-3671538303-3377208914-1001LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (07/21/2018 12:18:48 AM) (Source: EventLog) (User: )
Description: O desligamento do sistema que ocorreu às 23:40:00 do dia ‎20/‎07/‎2018 não era esperado.

Error: (07/21/2018 12:03:43 AM) (Source: DCOM) (User: DESKTOP-DELL)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-DELLUserS-1-5-21-3482450098-3671538303-3377208914-1001LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (07/20/2018 07:42:13 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalIniciarWindows.SecurityCenter.WscDataProtectionNão DisponívelAUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (07/20/2018 07:41:46 PM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0xffffbb012f811010, 0x00000000000000ff, 0x0000000000000000, 0xfffff80e671395ae)C:\WINDOWS\MEMORY.DMPc21e8162-5b5d-4aab-b900-1457e8923147

Error: (07/20/2018 07:39:59 PM) (Source: EventLog) (User: )
Description: O desligamento do sistema que ocorreu às 19:32:01 do dia ‎20/‎07/‎2018 não era esperado.

Error: (07/20/2018 07:34:18 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalIniciarWindows.SecurityCenter.WscDataProtectionNão DisponívelAUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (07/20/2018 07:33:53 PM) (Source: BugCheck) (User: )
Description: 0x00000050 (0xfffff6fb7dbed938, 0x0000000000000000, 0xfffff804d45e78be, 0x000000000000000c)C:\WINDOWS\MEMORY.DMPfd26c74b-9d94-491c-8b7f-fe7795387d72

Error: (07/20/2018 07:32:01 PM) (Source: EventLog) (User: )
Description: O desligamento do sistema que ocorreu às 17:32:48 do dia ‎19/‎07/‎2018 não era esperado.

Error: (07/19/2018 05:40:27 PM) (Source: DCOM) (User: DESKTOP-DELL)
Description: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI


Microsoft Office Sessions:
=========================
Error: (07/21/2018 12:19:41 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa51bf001d420a1aa213ffaC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exece8d3b00-a312-49bc-9739-98f37f7d8a93Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/21/2018 12:19:37 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa559401d420a1a7b90d4fC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exece07728e-0aa6-4af8-b5d6-9abc15b2083dMicrosoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/21/2018 12:19:33 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa5172401d420a1a53ef1a5C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exec33e1c03-2a83-4db2-9562-e0cb4973f661Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/21/2018 12:19:29 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa523c01d420a1a2c16321C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe5eb21ac9-588f-4a05-8867-15d8ca62f87bMicrosoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/21/2018 12:19:25 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa51a5c01d420a1a01695f5C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exee0345923-d441-44bf-85d9-65ea692427bfMicrosoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/21/2018 12:19:14 AM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa5172801d420a198374714C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeaa48c25d-ece1-4a7d-af16-012086efe875Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/20/2018 07:40:55 PM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa511c401d4207ab8115027C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe1c27e4f1-545b-4f53-a75c-1d0673f67907Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/20/2018 07:40:50 PM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa5136c01d4207ab5a2c483C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exec585c9c5-461a-4788-9459-f6bbe79d6dbdMicrosoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/20/2018 07:40:46 PM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa5105001d4207ab2e0f759C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe7c0d09bc-cfee-4aa2-b642-4f988c51e691Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (07/20/2018 07:40:41 PM) (Source: Application Error)(User: )
Description: SearchUI.exe10.0.17134.1655b3f13b5SearchUI.exe10.0.17134.1655b3f13b5c000027b00000000001b6aa51af801d4207ab04c2f60C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe15a03b90-b267-40ce-9141-002f8ba1ed22Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI


CodeIntegrity Errors:
===================================
  Date: 2018-07-21 00:29:28.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:28.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:13.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:13.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:11.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:11.796
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:08.961
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:08.960
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:06.704
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-07-21 00:29:06.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


=========================== Installed Programs ============================

7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Doki Doki Literature Club (HKLM\...\Steam App 698780) (Version:  - Team Salvato)
Epic Games Launcher (HKLM-x32\...\{F47DCC6C-FB71-4BF6-9B2A-68A5B4B35E92}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{816185C8-7C13-4650-9AB4-FC2EC9651A77}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{541E6575-D4A4-448A-91F3-F5E9D6731A7F}) (Version: 3.10.0083 - Seiko Epson Corporation)
EPSON L375 Series Printer Uninstall (HKLM\...\EPSON L375 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version:  - Ubisoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hacknet (HKLM\...\Steam App 365450) (Version:  - Team Fractal Alligator)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{63895904-5266-45D1-A3C5-F61A3BAFA224}) (Version: 12.8.0.150 - Apple Inc.)
Kingdom: Classic (HKLM\...\Steam App 368230) (Version:  - Noio)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LonelyScreen 1.2 (HKLM-x32\...\LonelyScreen AirPlay Receiver_is1) (Version: 1.2 - IMTIGER Technologies Inc.)
LonelyScreen 1.2.16 (HKLM-x32\...\LonelyScreen_is1) (Version: 1.2.16 - IMTIGER Technologies Inc.)
Malwarebytes versão 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 61.0.1 (x64 pt-BR)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.0.0 - Duodian Technology Co. Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
R for Windows 3.4.4 (HKLM\...\R for Windows 3.4.4_is1) (Version: 3.4.4 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
The Awesome Adventures of Captain Spirit (HKLM\...\Steam App 845070) (Version:  - DONTNOD Entertainment)
Uplay (HKLM-x32\...\Uplay) (Version: 51.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 6060.95 MB
Available physical RAM: 4594.43 MB
Total Virtual: 7020.95 MB
Available Virtual: 5708.98 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.22 GB) (Free:145.69 GB) NTFS
3 Drive f: (HD EXTERNO ATHOS) (Fixed) (Total:298.09 GB) (Free:68.06 GB) NTFS
4 Drive h: () (Fixed) (Total:465.76 GB) (Free:422.15 GB) NTFS

========================= Users: ========================================

Contas de usu rio para \\DESKTOP-DELL

Administrador            Convidado                DefaultAccount           
User                     WDAGUtilityAccount       
Comando conclu¡do com ˆxito.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 

Process Explorer

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
ctfmon.exe        4.700 K    15.420 K    4932    Carregador CTF    Microsoft Corporation    (Verified) Microsoft Windows
escsvc64.exe        1.288 K    5.596 K    2888    Epson Scanner Service (64bit)    Seiko Epson Corporation    (Verified) SEIKO EPSON Corporation
fontdrvhost.exe        5.768 K    11.748 K    920    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1.556 K    3.924 K    912    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
GoogleUpdate.exe        2.276 K    1.268 K    1032    Google Installer    Google Inc.    (Verified) Google Inc
igfxCUIService.exe        2.056 K    8.876 K    1776    igfxCUIService Module    Intel Corporation    (Verified) Intel® pGFX
igfxEM.exe        3.600 K    12.540 K    6316    igfxEM Module    Intel Corporation    (Verified) Intel® pGFX
igfxHK.exe        2.344 K    9.080 K    6324    igfxHK Module    Intel Corporation    (Verified) Intel® pGFX
igfxTray.exe        2.968 K    11.068 K    6332            (Verified) Intel® pGFX
mDNSResponder.exe        1.660 K    6.460 K    2836    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
Memory Compression        112 K    2.280 K    1452            
NisSrv.exe        5.132 K    9.148 K    6016    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
OfficeClickToRun.exe        33.716 K    50.484 K    2852    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
PresentationFontCache.exe        28.812 K    23.780 K    4700    PresentationFontCache.exe    Microsoft Corporation    (Verified) Microsoft Corporation
procexp.exe        3.040 K    10.276 K    1040    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
RAVBg64.exe        5.812 K    13.732 K    2656    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RAVBg64.exe        6.128 K    14.500 K    2648    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RAVBg64.exe        5.800 K    13.904 K    6968    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
Registry        2.560 K    33.948 K    84            
RtkAudioService64.exe        1.700 K    7.384 K    2136    Realtek Audio Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RtkNGUI64.exe        4.604 K    13.556 K    4344    Gerenciador de áudio HD Realtek    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RuntimeBroker.exe        6.696 K    26.828 K    5904    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        3.168 K    13.140 K    3028    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SgrmBroker.exe        2.244 K    4.132 K    1968    Serviço System Guard Runtime Monitor Broker    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ShellExperienceHost.exe    Suspended    30.008 K    78.136 K    5440    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        472 K    1.124 K    368    Gerenciador de Sessão do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        5.744 K    15.780 K    2556    Aplicativo de subsistema de spooler    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        980 K    3.916 K    904    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.576 K    7.644 K    1672    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.948 K    7.872 K    1872    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.320 K    5.764 K    1400    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.452 K    9.064 K    1252    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.060 K    8.124 K    1864    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.880 K    8.080 K    1664    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.032 K    9.424 K    1172    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.236 K    11.660 K    2500    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.960 K    8.052 K    2604    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.364 K    8.920 K    2128    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.356 K    5.600 K    3036    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.344 K    5.400 K    3412    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.632 K    6.500 K    3012    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.912 K    7.568 K    3048    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.004 K    8.580 K    3020    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.012 K    7.208 K    2916    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.768 K    7.024 K    3732    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.300 K    5.824 K    3664    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.364 K    11.720 K    3500    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.384 K    5.472 K    4100    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.608 K    10.556 K    2860    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.800 K    7.816 K    4884    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.668 K    8.016 K    1504    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.136 K    8.572 K    4452    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.408 K    6.012 K    7060    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.628 K    5.692 K    6872    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.440 K    7.896 K    4280    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.280 K    11.712 K    2896    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.072 K    7.572 K    7628    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.268 K    31.300 K    4616    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.644 K    5.996 K    1284    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.124 K    7.424 K    1808    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.696 K    6.404 K    2188    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.612 K    19.684 K    2276    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.592 K    11.732 K    5156    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.312 K    8.484 K    6956    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.252 K    12.504 K    2196    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.444 K    12.236 K    2240    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.912 K    15.808 K    2448    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.952 K    7.292 K    2376    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.584 K    12.576 K    2068    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.236 K    11.680 K    1924    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.832 K    25.776 K    2228    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.080 K    8.736 K    5632    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9.200 K    18.716 K    1496    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.968 K    12.304 K    4184    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.748 K    16.416 K    6860    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.360 K    7.852 K    500    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.728 K    17.172 K    5548    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.656 K    10.612 K    1184    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11.504 K    19.040 K    2880    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.232 K    19.484 K    2868    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        4.796 K    14.256 K    4728    Processo de Host para Tarefas do Windows    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1.396 K    6.536 K    656    Aplicativo de Inicialização do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
winlogon.exe        2.476 K    10.192 K    788    Aplicativo de Logon do Windows    Microsoft Corporation    (Verified) Microsoft Windows
WMIC.exe        2.308 K    10.928 K    5384    Utilitário de Linha de comando WMI    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2.272 K    8.380 K    5928    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        2.032 K    8.220 K    1512    Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    1.900 K    7.796 K    1520    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe    < 0.01    4.824 K    9.588 K    724    Aplicativo de serviços e controle    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchIndexer.exe    < 0.01    21.980 K    25.700 K    2280    Indexador do Microsoft Windows Search    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    2.984 K    9.148 K    1352    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
audiodg.exe    < 0.01    6.268 K    11.504 K    4340    Isolamento de Gráfico de Dispositivo de Áudio do Windows     Microsoft Corporation    (Verified) Microsoft Windows
PnkBstrA.exe    < 0.01    1.404 K    6.512 K    2996            (Verified) Even Balance
svchost.exe    < 0.01    6.776 K    21.368 K    4580    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    51.380 K    60.428 K    1388    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sihost.exe    < 0.01    4.860 K    24.268 K    4568    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    2.760 K    7.848 K    2204    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe    0.01    5.680 K    11.064 K    3208    Host da Janela do Console    Microsoft Corporation    (Verified) Microsoft Windows
EEventManager.exe    0.01    2.964 K    11.964 K    7132    EEventManager Application    SEIKO EPSON CORPORATION    (Verified) SEIKO EPSON CORPORATION
conhost.exe    0.01    5.676 K    11.036 K    6824    Host da Janela do Console    Microsoft Corporation    (Verified) Microsoft Windows
AppleMobileDeviceService.exe    0.01    3.444 K    12.632 K    2828    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
WMIC.exe    0.01    2.280 K    10.940 K    2212    Utilitário de Linha de comando WMI    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    1.892 K    9.704 K    6612    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    5.900 K    14.712 K    1132    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe    0.01    4.912 K    15.288 K    6136    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.02    1.732 K    5.096 K    564    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    0.03    5.672 K    14.760 K    732    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.04    8.208 K    22.448 K    988    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.07    16.348 K    19.516 K    1532    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
speedfan.exe    0.07    11.892 K    26.924 K    7084            (Verified) SOKNO S.R.L.
explorer.exe    0.10    61.936 K    136.648 K    5064    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.13    2.176 K    5.324 K    672    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.17    8.932 K    18.208 K    2024    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dwm.exe    0.23    34.088 K    54.932 K    568    Gerenciador de Janelas da Área de Trabalho    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.25    5.284 K    11.108 K    316    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Interrupts    0.39    0 K    0 K    n/a    Hardware Interrupts and DPCs        
MsMpEng.exe    0.65    124.244 K    100.980 K    1936    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
SppExtComObj.Exe    0.97    2.300 K    9.544 K    7292    KMS Connection Broker    Microsoft Corporation    (Verified) Microsoft Windows
System    1.69    204 K    7.932 K    4            
procexp64.exe    2.10    26.468 K    58.912 K    5532    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
WmiPrvSE.exe    2.64    5.380 K    13.176 K    6852    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
sppsvc.exe    37.32    6.904 K    16.064 K    2480    Serviço da Plataforma de Proteção de Software da Microsoft    Microsoft Corporation    (Verified) Microsoft Windows
System Idle Process    53.03    52 K    8 K    0            
 

 

junk.txt

Nome da imagem            Identifi Serviços                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                        84 N/A                                         
smss.exe                       368 N/A                                         
csrss.exe                      564 N/A                                         
wininit.exe                    656 N/A                                         
csrss.exe                      672 N/A                                         
services.exe                   724 N/A                                         
lsass.exe                      732 KeyIso, SamSs                               
winlogon.exe                   788 N/A                                         
svchost.exe                    904 PlugPlay                                    
fontdrvhost.exe                912 N/A                                         
fontdrvhost.exe                920 N/A                                         
svchost.exe                    988 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
svchost.exe                    316 RpcEptMapper, RpcSs                         
svchost.exe                    500 LSM                                         
dwm.exe                        568 N/A                                         
svchost.exe                   1132 Schedule                                    
svchost.exe                   1172 NcbService                                  
svchost.exe                   1184 ProfSvc                                     
svchost.exe                   1252 UserManager                                 
svchost.exe                   1284 hidserv                                     
svchost.exe                   1388 SysMain                                     
svchost.exe                   1400 Themes                                      
Memory Compression            1452 N/A                                         
svchost.exe                   1496 BFE, CoreMessagingRegistrar, mpssvc         
svchost.exe                   1504 TimeBrokerSvc                               
WUDFHost.exe                  1512 N/A                                         
svchost.exe                   1520 EventSystem                                 
svchost.exe                   1532 EventLog                                    
svchost.exe                   1664 SENS                                        
svchost.exe                   1672 nsi                                         
igfxCUIService.exe            1776 igfxCUIService2.0.0.0                       
svchost.exe                   1808 Dhcp                                        
svchost.exe                   1864 AudioEndpointBuilder                        
svchost.exe                   1872 FontCache                                   
svchost.exe                   1924 NlaSvc                                      
svchost.exe                   2024 Winmgmt                                     
svchost.exe                   1352 netprofm                                    
svchost.exe                   2068 Audiosrv                                    
RtkAudioService64.exe         2136 RtkAudioService                             
svchost.exe                   2188 DusmSvc                                     
svchost.exe                   2196 Wcmsvc                                      
svchost.exe                   2204 Dnscache                                    
svchost.exe                   2240 StateRepository                             
svchost.exe                   2376 WinHttpAutoProxySvc                         
svchost.exe                   2448 WlanSvc                                     
svchost.exe                   2500 ShellHWDetection                            
spoolsv.exe                   2556 Spooler                                     
svchost.exe                   2604 LanmanWorkstation                           
RAVBg64.exe                   2648 N/A                                         
RAVBg64.exe                   2656 N/A                                         
AppleMobileDeviceService.     2828 Apple Mobile Device Service                 
mDNSResponder.exe             2836 Bonjour Service                             
OfficeClickToRun.exe          2852 ClickToRunSvc                               
svchost.exe                   2860 CryptSvc                                    
svchost.exe                   2868 DiagTrack                                   
svchost.exe                   2880 DPS                                         
escsvc64.exe                  2888 EpsonScanSvc                                
svchost.exe                   2896 iphlpsvc                                    
svchost.exe                   2916 osrss                                       
PnkBstrA.exe                  2996 PnkBstrA                                    
svchost.exe                   3012 SstpSvc                                     
svchost.exe                   3020 stisvc                                      
SecurityHealthService.exe     3028 SecurityHealthService                       
svchost.exe                   3036 TrkWks                                      
svchost.exe                   3048 W32Time                                     
MsMpEng.exe                   1936 WinDefend                                   
svchost.exe                   2128 LanmanServer                                
svchost.exe                   2276 WpnService                                  
svchost.exe                   3412 WdiServiceHost                              
svchost.exe                   3500 RasMan                                      
svchost.exe                   3664 DeviceAssociationService                    
svchost.exe                   3732 PolicyAgent                                 
svchost.exe                   4100 lmhosts                                     
sihost.exe                    4568 N/A                                         
svchost.exe                   4580 CDPUserSvc_433ef                            
svchost.exe                   4616 WpnUserService_433ef                        
PresentationFontCache.exe     4700 FontCache3.0.0.0                            
taskhostw.exe                 4728 N/A                                         
svchost.exe                   4884 TabletInputService                          
ctfmon.exe                    4932 N/A                                         
explorer.exe                  5064 N/A                                         
svchost.exe                   4184 TokenBroker                                 
svchost.exe                   5156 lfsvc                                       
ShellExperienceHost.exe       5440 N/A                                         
svchost.exe                   5548 CDPSvc                                      
RuntimeBroker.exe             5904 N/A                                         
NisSrv.exe                    6016 WdNisSvc                                    
igfxEM.exe                    6316 N/A                                         
igfxHK.exe                    6324 N/A                                         
igfxTray.exe                  6332 N/A                                         
svchost.exe                   6612 LicenseManager                              
WmiPrvSE.exe                  6852 N/A                                         
RtkNGUI64.exe                 4344 N/A                                         
svchost.exe                   7060 Appinfo                                     
RAVBg64.exe                   6968 N/A                                         
svchost.exe                   6872 WdiSystemHost                               
svchost.exe                   4280 PcaSvc                                      
EEventManager.exe             7132 N/A                                         
audiodg.exe                   4340 N/A                                         
speedfan.exe                  7084 N/A                                         
svchost.exe                   6956 RmSvc                                       
GoogleUpdate.exe              1032 N/A                                         
SgrmBroker.exe                1968 SgrmBroker                                  
svchost.exe                   2228 UsoSvc                                      
svchost.exe                   5632 wscsvc                                      
SearchIndexer.exe             2280 WSearch                                     
svchost.exe                   6860 DoSvc                                       
svchost.exe                   4452 StorSvc                                     
RuntimeBroker.exe             6136 N/A                                         
WmiPrvSE.exe                  5928 N/A                                         
powershell.exe                7548 N/A                                         
conhost.exe                   7560 N/A                                         
firefox.exe                   5892 N/A                                         
firefox.exe                   8120 N/A                                         
firefox.exe                   8044 N/A                                         
firefox.exe                    768 N/A                                         
firefox.exe                   3344 N/A                                         
sppsvc.exe                    4804 sppsvc                                      
SppExtComObj.Exe              6512 N/A                                         
tasklist.exe                  1060 N/A                                         
 

Speccy

"DESKTOP-DELL.txt" file attached

Attached Files


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Speccy shows you have a weak WiFi signal.

 

Wi-Fi (Bella Republica 1)
                    SSID    Bella Republica 1
                    Frequency    2442000 kHz
                    Channel Number    7
                    Name    Bella Republica 1
                    Signal Strength/Quality    40
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    Currently Connected to this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK

 

 

So your connection is marginal at best.  You might want to invest in a new Wireless adapter- one with an antenna.  Or move your PC closer to the router.  Or put the router up higher or move it so its signal is not blocked.  Or try different positions of the router's antenna.

 

Process Explorer shows a problem with

 

sppsvc.exe    37.32    6.904 K    16.064 K    2480    Serviço da Plataforma de Proteção de Software da Microsoft    Microsoft Corporation    (Verified) Microsoft Windows
 

 

Possibly we caught it at a bad time.  Make a new Process Explorer log and let's see if it still is using so much CPU.

 

57 seems high for a desktop.  Speccy seems to think it's running much cooler.  Was that after cleaning?


  • 0

#8
asbr242

asbr242

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Okay, the strenth was bad for real, I didn't notice that the desktop was faced to the wrong side when running the programs, but I don't think it was the problem, as the bad connections happened when was close to the router. I did a new Speccy so you can see:

 

Wi-Fi Info
            Using native Wi-Fi API version    2
            Available access points count    2
                   Wi-Fi (Bella Republica 1)
                    SSID    Bella Republica 1
                    Frequency    2442000 kHz
                    Channel Number    7
                    Name    Bella Republica 1
                    Signal Strength/Quality    86
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    Currently Connected to this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK

 

I ran another Process Explorer and you can see it here, I think sppsvc.exe got normal:

svchost.exe        2.540 K    7.072 K    500    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.980 K    7.420 K    2604    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.676 K    12.324 K    2240    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9.936 K    23.352 K    988    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10.756 K    25.096 K    2228    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.652 K    15.872 K    6860    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6.876 K    19.260 K    4580    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.448 K    13.216 K    6612    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SystemSettings.exe    Suspended    19.836 K    42.640 K    320    Configurações    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        6.192 K    17.812 K    7176    Processo de Host para Tarefas do Windows    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        6.780 K    15.916 K    4728    Processo de Host para Tarefas do Windows    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1.316 K    5.260 K    656    Aplicativo de Inicialização do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
winlogon.exe        2.576 K    8.292 K    788    Aplicativo de Logon do Windows    Microsoft Corporation    (Verified) Microsoft Windows
WinStore.App.exe    Suspended    36.592 K    58.820 K    1852    Store    Microsoft Corporation    (Nenhuma assinatura presente no requerente) Microsoft Corporation
WMIC.exe        2.268 K    10.404 K    8900    Utilitário de Linha de comando WMI    Microsoft Corporation    (Verified) Microsoft Windows
WMIC.exe        2.272 K    10.312 K    5404    Utilitário de Linha de comando WMI    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        12.684 K    23.856 K    6852    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        3.180 K    9.176 K    7700    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1.944 K    6.800 K    1512    Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    57.524 K    62.332 K    1388    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    4.744 K    14.964 K    5548    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    9.780 K    17.940 K    1496    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
PnkBstrA.exe    < 0.01    1.332 K    5.676 K    2996            (Verified) Even Balance
iexplore.exe    < 0.01    48.352 K    67.972 K    8988    Internet Explorer    Microsoft Corporation    (Verified) Microsoft Corporation
conhost.exe    < 0.01    5.680 K    10.564 K    5832    Host da Janela do Console    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe    < 0.01    5.688 K    10.540 K    6204    Host da Janela do Console    Microsoft Corporation    (Verified) Microsoft Windows
iexplore.exe    < 0.01    11.356 K    36.256 K    8624    Internet Explorer    Microsoft Corporation    (Verified) Microsoft Corporation
OfficeClickToRun.exe    < 0.01    34.828 K    40.996 K    2852    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    11.364 K    20.312 K    2024    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
EEventManager.exe    0.01    3.848 K    11.548 K    7132    EEventManager Application    SEIKO EPSON CORPORATION    (Verified) SEIKO EPSON CORPORATION
AppleMobileDeviceService.exe    0.01    3.444 K    7.856 K    2828    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
ctfmon.exe    0.01    13.164 K    18.492 K    4932    Carregador CTF    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    6.208 K    11.676 K    316    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    0.04    84.252 K    150.864 K    5064    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
speedfan.exe    0.06    11.472 K    27.524 K    4648            (Verified) SOKNO S.R.L.
csrss.exe    0.12    2.308 K    4.804 K    672    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    0.27    6.476 K    36.752 K    732    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dwm.exe    0.28    42.536 K    53.460 K    568    Gerenciador de Janelas da Área de Trabalho    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    0.43    0 K    0 K    n/a    Hardware Interrupts and DPCs        
MsMpEng.exe    0.63    144.668 K    132.140 K    1936    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
System    1.89    216 K    11.560 K    4            
procexp64.exe    2.23    25.828 K    58.136 K    8296    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
System Idle Process    93.98    52 K    8 K    0
            
 

About the cooler/temps, I wasn't able to clean when did the tests, sorry to forget informing it before. Now I did some cleaning, but not how I wanted as I lost the only tool that fits on my cooler screw, so only did some ar through the opposite direction an used an small cloth to get "inside" the space bettween the cooler and the metal. Note that this is with the case door open: Now I get 47C on SpeedFan with only firefox running, will make some tests about gaming soon.


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Sounds like you are making progress.  How is it running now?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP