Doodsey

  1. Of course my man, here it is. Until now it seems the problem has been mitigated, I'll let you know if anything else comes up! Thank you for your time dude, I really appreciate that, people like you make the world a better place. Peace! Quarantine.rar
  2. Here's the log my dude:
  3. Here's the Malwarebytes summary you asked for: (P.S. I had previously run Malwarebytes several times before making the post.)
  4. The title describes it all, every 30 minutes my cmd opens (if I close it) and starts downloading the archive on the annex: I don't know what else to do... I've run the FRST tool and I'll follow up with the log, please help me! My CPU usage simply skyrockets whenever the cmd finishes the download, making it so that I have to keep resetting the PC very often, it's really annoying.
2018-01-04 00:46 - 2018-01-01 10:03 - 000777904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-01-04 00:46 - 2018-01-01 10:03 - 000650328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2018-01-04 00:46 - 2018-01-01 10:03 - 000566664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2018-01-04 00:46 - 2018-01-01 10:03 - 000123512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-01-04 00:46 - 2018-01-01 09:53 - 001615712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-01-04 00:46 - 2018-01-01 09:49 - 000481464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-01-04 00:46 - 2018-01-01 09:49 - 000258808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2018-01-04 00:46 - 2018-01-01 09:46 - 003485392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2018-01-04 00:46 - 2018-01-01 09:46 - 000289816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2018-01-04 00:46 - 2018-01-01 09:45 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2018-01-04 00:46 - 2018-01-01 09:45 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2018-01-04 00:46 - 2018-01-01 09:45 - 002192624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-01-04 00:46 - 2018-01-01 09:45 - 000450928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll 2018-01-04 00:46 - 2018-01-01 09:43 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 006479552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 004644912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 001246432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 001003152 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 000982528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 000386424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 000129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-01-04 00:46 - 2018-01-01 09:42 - 000074992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll 2018-01-04 00:46 - 2018-01-01 09:37 - 025247232 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2018-01-04 00:46 - 2018-01-01 09:34 - 000703568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2018-01-04 00:46 - 2018-01-01 09:25 - 002905600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2018-01-04 00:46 - 2018-01-01 09:25 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2018-01-04 00:46 - 2018-01-01 09:25 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-01-04 00:46 - 2018-01-01 09:25 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2018-01-04 00:46 - 2018-01-01 09:25 - 000097792 _____ C:\Windows\system32\runexehelper.exe 2018-01-04 00:46 - 2018-01-01 09:24 - 003668480 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2018-01-04 00:46 - 2018-01-01 09:24 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\AboutSettingsHandlers.dll 2018-01-04 00:46 - 2018-01-01 09:24 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2018-01-04 00:46 - 2018-01-01 09:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-01-04 00:46 - 2018-01-01 09:24 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 000561152 
_____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 000385024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys 2018-01-04 00:46 - 2018-01-01 09:23 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\convertvhd.exe 2018-01-04 00:46 - 2018-01-01 09:23 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-01-04 00:46 - 2018-01-01 09:23 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys 2018-01-04 00:46 - 2018-01-01 09:23 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-01-04 00:46 - 2018-01-01 09:22 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll 2018-01-04 00:46 - 2018-01-01 09:22 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll 2018-01-04 00:46 - 2018-01-01 09:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys 2018-01-04 00:46 - 2018-01-01 09:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll 2018-01-04 00:46 - 2018-01-01 09:21 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-01-04 00:46 - 2018-01-01 09:21 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll 2018-01-04 00:46 - 2018-01-01 09:21 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys 2018-01-04 00:46 - 2018-01-01 09:21 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll 2018-01-04 00:46 - 2018-01-01 09:21 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2018-01-04 00:46 - 2018-01-01 09:21 - 000097280 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\raspptp.sys 2018-01-04 00:46 - 2018-01-01 09:21 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2018-01-04 00:46 - 2018-01-01 09:21 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2018-01-04 00:46 - 2018-01-01 09:21 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 018917888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000524288 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys 2018-01-04 00:46 - 2018-01-01 09:20 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\container.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll 
2018-01-04 00:46 - 2018-01-01 09:20 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll 2018-01-04 00:46 - 2018-01-01 09:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys 2018-01-04 00:46 - 2018-01-01 09:20 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 008014848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-01-04 00:46 - 2018-01-01 09:19 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-01-04 00:46 - 2018-01-01 09:19 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2018-01-04 00:46 - 2018-01-01 09:19 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000174592 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000149504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msoert2.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe 2018-01-04 00:46 - 2018-01-01 09:19 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2018-01-04 00:46 - 2018-01-01 09:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000699904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000427008 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 
000391168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2018-01-04 00:46 - 2018-01-01 09:18 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 011923968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 006564864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000791552 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000616960 _____ (Microsoft Corporation) 
C:\Windows\system32\Windows.Internal.Bluetooth.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000594432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll 2018-01-04 00:46 - 2018-01-01 09:17 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-01-04 00:46 - 2018-01-01 09:17 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 003676672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000966656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000956928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000831488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000815616 _____ (Microsoft Corporation) 
C:\Windows\system32\ieproxy.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000812544 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000720896 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000624128 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll 2018-01-04 00:46 - 2018-01-01 09:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 012687872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 006029312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 001245184 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000951808 _____ (Microsoft Corporation) 
C:\Windows\system32\usermgr.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2018-01-04 00:46 - 2018-01-01 09:15 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 023655936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 002465280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 001495040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 001003008 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 000917504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2018-01-04 00:46 - 2018-01-01 09:14 - 000870912 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 013657600 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 012830208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 003121664 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-01-04 00:46 - 2018-01-01 09:13 
- 002013184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-01-04 00:46 - 2018-01-01 09:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-01-04 00:46 - 2018-01-01 09:13 - 000897024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 002633216 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 002208768 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 001573376 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 001547776 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2018-01-04 00:46 - 2018-01-01 09:12 - 000760320 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2018-01-04 00:46 - 2018-01-01 09:12 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 008108544 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 004748288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 003165696 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 002859520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 002082304 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-01-04 00:46 - 2018-01-01 09:11 - 001955328 _____ (Microsoft Corporation) 
C:\Windows\system32\PeerDistSvc.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 001822208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 001343488 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 001231872 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 000812032 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-01-04 00:46 - 2018-01-01 09:11 - 000715776 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2018-01-04 00:46 - 2018-01-01 09:10 - 003126272 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2018-01-04 00:46 - 2018-01-01 09:10 - 002528256 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2018-01-04 00:46 - 2018-01-01 09:10 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll 2018-01-04 00:46 - 2018-01-01 09:09 - 001487872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2018-01-04 00:46 - 2018-01-01 09:09 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2018-01-04 00:46 - 2018-01-01 09:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll 2018-01-04 00:46 - 2018-01-01 09:09 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll 2018-01-04 00:46 - 2018-01-01 09:08 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2018-01-04 00:46 - 2018-01-01 09:08 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-01-04 00:46 - 2018-01-01 09:08 - 
000685056 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2018-01-04 00:46 - 2018-01-01 09:08 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2018-01-04 00:46 - 2018-01-01 09:06 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll 2018-01-04 00:46 - 2018-01-01 09:05 - 002510848 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll 2018-01-04 00:46 - 2018-01-01 09:05 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2018-01-04 00:46 - 2018-01-01 09:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2018-01-04 00:27 - 2018-01-04 00:55 - 000006408 _____ C:\Users\eduad\Desktop\Fixlog.txt 2018-01-04 00:19 - 2018-01-04 00:20 - 000062316 _____ C:\Users\eduad\Downloads\Addition.txt 2018-01-04 00:18 - 2018-01-04 00:20 - 000191140 _____ C:\Users\eduad\Downloads\FRST.txt 2018-01-04 00:17 - 2018-01-04 07:25 - 000000000 ____D C:\FRST 2018-01-04 00:17 - 2018-01-04 00:17 - 002393088 _____ (Farbar) C:\Users\eduad\Desktop\FRST64.exe 2018-01-03 22:16 - 2018-01-04 05:13 - 000000000 ____D C:\Users\eduad\Downloads\MetArt.com.16.12.24.Daniel.Sea.Temmo.XXX.IMAGESET-IEVA[rarbg] 2018-01-03 16:10 - 2018-01-03 16:10 - 000000000 ____D C:\Users\eduad\AppData\Local\ESET 2018-01-03 16:06 - 2018-01-03 16:06 - 006968952 _____ (ESET spol. s r.o.) C:\Users\eduad\Downloads\esetonlinescanner_enu.exe 2018-01-03 16:04 - 2018-01-03 16:04 - 008198432 _____ (Malwarebytes) C:\Users\eduad\Downloads\AdwCleaner.exe 2018-01-03 14:04 - 2018-01-03 16:03 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable) 2018-01-03 14:04 - 2018-01-03 16:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-01-03 14:04 - 2018-01-03 14:04 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\4767F513.sys 2018-01-03 14:03 - 2018-01-03 14:03 - 014178840 _____ (Malwarebytes Corp.) 
C:\Users\eduad\Downloads\mbar-1.10.3.1001.exe
2018-01-03 14:02 - 2018-01-03 14:02 - 000000222 _____ C:\Users\eduad\Desktop\ha.txt
2018-01-02 23:53 - 2018-01-03 01:02 - 000000000 ____D C:\Program Files (x86)\Resident Evil 7 Biohazard
2018-01-02 23:10 - 2018-01-02 23:10 - 012363764 _____ C:\Users\eduad\Downloads\[HS][Chara][Arisha][roy12][v1.1].7z
2018-01-02 23:09 - 2018-01-02 23:09 - 010843475 _____ C:\Users\eduad\Downloads\[HS][Chara][Lili][roy12][v1.0].7z
2018-01-02 23:03 - 2018-01-03 14:04 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-01-02 23:03 - 2018-01-03 14:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-02 23:03 - 2018-01-02 23:03 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-02 23:03 - 2018-01-02 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-02 23:03 - 2018-01-02 23:03 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-02 23:03 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-01-02 23:02 - 2018-01-02 23:03 - 083316440 _____ (Malwarebytes ) C:\Users\eduad\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2018-01-02 18:01 - 2018-01-02 18:01 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-02 18:01 - 2018-01-02 18:01 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-01-02 18:01 - 2018-01-02 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-02 18:01 - 2018-01-02 18:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-02 14:53 - 2018-01-03 16:05 - 000000000 ____D C:\AdwCleaner
2018-01-02 14:52 - 2018-01-02 14:52 - 008198432 _____ (Malwarebytes) C:\Users\eduad\Downloads\adwcleaner-7-0-6-0.exe
2018-01-02 14:44 - 2018-01-04 07:11 - 000003324 _____ C:\Windows\System32\Tasks\LjRekYiYAtJ
2018-01-02 14:44 - 2018-01-04 01:11 - 000003546 _____ C:\Windows\System32\Tasks\EoAauKDauI
2018-01-02 14:44 - 2018-01-02 14:44 - 000003704 _____ C:\Windows\System32\Tasks\AyeEeXeI
2018-01-02 14:44 - 2018-01-02 14:44 - 000000001 _____ C:\Users\eduad\AppData\Local\WMI.ini
2018-01-02 14:44 - 2017-09-29 11:42 - 000174592 _____ (Microsoft Corporation) C:\Windows\YBOZOiA.exe
2018-01-02 14:44 - 2017-09-29 11:42 - 000059904 _____ (Microsoft Corporation) C:\Users\eduad\AppData\Roaming\eQeWALMjE.exe
2018-01-02 14:44 - 2017-09-29 11:42 - 000001098 _____ C:\Windows\iZYFY
2018-01-02 14:44 - 2017-09-29 11:42 - 000000939 _____ C:\Windows\HLLYlRbERKVw
2018-01-02 14:44 - 2017-09-29 11:42 - 000000053 _____ C:\Windows\SysWOW64\rryEfEnTyuPEI
2018-01-02 14:44 - 2017-09-29 11:42 - 000000046 _____ C:\Windows\uwYzUoeIOEo
2018-01-02 14:27 - 2018-01-02 14:35 - 932602286 _____ C:\Users\eduad\Downloads\sdm4Bq6.zip
2018-01-01 14:59 - 2018-01-01 14:59 - 000000038 _____ C:\Users\eduad\Documents\Final Fantasy XIV.txt
2017-12-31 20:06 - 2017-12-31 20:06 - 000000000 ____D C:\Users\eduad\Desktop\ePSXe
2017-12-31 20:05 - 2017-12-31 20:05 - 001307547 _____ C:\Users\eduad\Downloads\ePSXe202-1.zip
2017-12-31 20:01 - 2017-12-31 20:01 - 000050383 _____ C:\Users\eduad\Downloads\SSSPSX-0.0.34e.ZIP
2017-12-31 20:01 - 2017-12-31 20:01 - 000050383 _____ C:\Users\eduad\Downloads\SSSPSX-0.0.34e(1).ZIP
2017-12-31 14:17 - 2018-01-04 02:04 - 000000000 ____D C:\Users\eduad\AppData\Local\LogMeIn Hamachi
2017-12-31 14:17 - 2017-12-31 14:17 - 000000000 ____D C:\Users\Todos os Usuários\LogMeIn
2017-12-31 14:17 - 2017-12-31 14:17 - 000000000 ____D C:\Users\eduad\AppData\Local\LogMeIn
2017-12-31 14:17 - 2017-12-31 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-12-31 14:17 - 2017-12-31 14:17 - 000000000 ____D C:\ProgramData\LogMeIn
2017-12-31 14:17 - 2017-12-31 14:17 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-12-31 14:16 - 2017-12-31 14:16 - 009781248 _____ C:\Users\eduad\Downloads\hamachi.msi
2017-12-31 14:12 - 2017-12-31 14:12 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-12-31 14:09 - 2017-12-31 14:09 - 000000222 _____ C:\Users\eduad\Desktop\Terraria.url
2017-12-30 20:23 - 2017-12-30 20:32 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Twitch
2017-12-30 20:23 - 2017-12-30 20:23 - 000000972 _____ C:\Users\eduad\Desktop\Twitch.lnk
2017-12-30 20:23 - 2017-12-30 20:23 - 000000958 _____ C:\Users\eduad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-12-30 20:22 - 2017-12-30 20:23 - 109436736 _____ C:\Users\eduad\Downloads\TwitchSetup_[usher-139742669].exe
2017-12-30 17:19 - 2017-12-30 17:19 - 000000221 _____ C:\Users\eduad\Desktop\FINAL FANTASY XIV Online.url
2017-12-29 23:43 - 2017-12-29 23:43 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsigndfbafd020bc6ff03
2017-12-29 23:43 - 2017-12-29 23:43 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign690ce7be9ebb3db3
2017-12-29 23:43 - 2017-12-29 23:43 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign4ed7e0b4d65f7049
2017-12-29 23:43 - 2017-12-29 23:43 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign1d443c25b6db06bc
2017-12-29 03:47 - 2017-12-29 03:47 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Wargaming.net
2017-12-28 14:29 - 2017-12-28 14:29 - 000000000 ____D C:\Users\eduad\AppData\Roaming\AnkamaCertificates
2017-12-28 14:27 - 2017-12-28 14:37 - 000000008 _____ C:\Users\eduad\AppData\Roaming\DofusAppId0_1
2017-12-28 14:27 - 2017-12-28 14:37 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Dofus
2017-12-28 14:27 - 2017-12-28 14:28 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Reg
2017-12-28 14:27 - 2017-12-28 14:27 - 000000113 _____ C:\Users\eduad\AppData\Roaming\D2Info0
2017-12-28 13:28 - 2017-12-28 14:27 - 000347815 _____ C:\Users\eduad\AppData\Localtransition_66dee9f2b0fd52bf1b060ee36e97c818.ini
2017-12-28 13:28 - 2017-12-28 13:28 - 000001118 _____ C:\Users\eduad\AppData\Roaming\Microsoft\Windows\Start Menu\Dofus.lnk
2017-12-28 13:28 - 2017-12-28 13:28 - 000001116 _____ C:\Users\eduad\Desktop\Dofus.lnk
2017-12-28 13:28 - 2017-12-28 13:28 - 000000000 ____D C:\Users\eduad\AppData\Local\Ankama
2017-12-28 10:57 - 2017-12-28 10:57 - 000002062 _____ C:\Users\eduad\Desktop\Movie Battles 2.lnk
2017-12-28 10:05 - 2017-12-28 10:05 - 000000000 ____D C:\Users\eduad\AppData\Local\Movie_Battles_Team
2017-12-28 03:28 - 2017-12-28 04:04 - 000000000 ____D C:\Users\eduad\Downloads\MovieBattlesII_FULL_V1.4.8
2017-12-28 03:28 - 2017-12-28 03:28 - 000000220 _____ C:\Users\eduad\Desktop\STAR WARS Jedi Knight Jedi Academy.url
2017-12-28 00:23 - 2017-12-28 00:24 - 000000000 ____D C:\Users\eduad\AppData\LocalLow\eforb
2017-12-27 15:57 - 2017-12-27 15:58 - 000000000 ____D C:\Users\eduad\Downloads\Digimon World (USA)
2017-12-27 15:45 - 2017-12-27 15:45 - 000000706 _____ C:\Users\eduad\Desktop\ePSXe.lnk
2017-12-27 15:36 - 2017-12-27 15:36 - 000000000 ____D C:\Users\eduad\Documents\ePSXe
2017-12-27 15:26 - 2017-12-27 15:54 - 000000000 ____D C:\Users\eduad\Downloads\darkwood_hotfix3
2017-12-27 10:44 - 2018-01-04 00:32 - 000000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-12-27 10:44 - 2018-01-04 00:32 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-12-26 18:40 - 2017-12-26 18:40 - 000000000 ____D C:\Override
2017-12-26 18:12 - 2017-12-26 18:12 - 000000221 _____ C:\Users\eduad\Desktop\STAR WARS Knights of the Old Republic.url
2017-12-26 11:36 - 2017-12-26 11:36 - 000000000 ____D C:\Users\eduad\Documents\idle_master
2017-12-26 11:34 - 2017-12-26 11:34 - 000000000 ____D C:\Users\eduad\Documents\Pasta Legal
2017-12-25 23:53 - 2017-12-25 23:53 - 000000000 ____D C:\Users\eduad\AppData\Roaming\RenPy
2017-12-25 23:43 - 2017-12-25 23:51 - 1121626627 ____R C:\Users\eduad\Downloads\GalaxyGirlsDeluxeUncensored.zip
2017-12-25 22:09 - 2017-12-25 22:10 - 000000000 ____D C:\Users\eduad\Documents\Color Sustainer
2017-12-25 22:09 - 2017-12-25 22:09 - 000000000 ____D C:\Users\eduad\Documents\nVidia Inspector
2017-12-25 20:44 - 2017-12-26 11:36 - 000000000 ____D C:\Users\eduad\AppData\Local\IdleMaster
2017-12-25
20:44 - 2017-12-25 20:44 - 000000000 ____D C:\Users\eduad\Desktop\idlemaster 2017-12-24 18:20 - 2017-12-24 18:32 - 000000000 ____D C:\Users\eduad\Downloads\The Silence Of The Lambs (1991) [1080p] 2017-12-24 18:09 - 2017-12-24 18:09 - 000000222 _____ C:\Users\eduad\Desktop\Sleeping Dogs Definitive Edition.url 2017-12-22 13:12 - 2017-12-22 13:12 - 000000222 _____ C:\Users\eduad\Desktop\Doki Doki Literature Club.url 2017-12-21 09:32 - 2017-12-21 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-12-21 09:32 - 2017-12-21 09:32 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-12-21 09:32 - 2017-12-15 20:47 - 000143960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-12-21 09:32 - 2017-09-13 21:20 - 000798008 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-12-21 09:32 - 2017-09-13 21:20 - 000490296 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-12-21 09:32 - 2017-09-13 21:19 - 000927544 _____ C:\Windows\system32\vulkan-1.dll 2017-12-21 09:32 - 2017-09-13 21:19 - 000591160 _____ C:\Windows\system32\vulkaninfo.exe 2017-12-21 09:28 - 2017-12-15 22:23 - 040237456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 035157488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 029381936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 023267096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 019040512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 013867656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 011781912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-12-21 09:28 - 2017-12-15 22:23 
- 010883744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 004202992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 003615032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001990128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438871.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438871.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001331016 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001101104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001044848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001038496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 001032688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000980880 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000933360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000740144 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-12-21 09:28 - 2017-12-15 
22:23 - 000618744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000599536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2017-12-21 09:28 - 2017-12-15 22:23 - 000506864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-12-20 09:36 - 2017-12-20 09:36 - 000000000 ____D C:\Users\eduad\AppData\Local\id Software 2017-12-19 23:13 - 2017-12-19 23:13 - 000000222 _____ C:\Users\eduad\Desktop\DOOM.url 2017-12-17 11:43 - 2018-01-04 00:25 - 000000000 ____D C:\Users\eduad\AppData\Local\Spotify 2017-12-17 11:43 - 2017-12-17 11:43 - 000001850 _____ C:\Users\eduad\Desktop\Spotify.lnk 2017-12-17 11:43 - 2017-12-17 11:43 - 000001836 _____ C:\Users\eduad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2017-12-17 11:42 - 2018-01-04 05:44 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Spotify 2017-12-15 16:13 - 2017-12-15 16:13 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsigndc56a4ec5994ddcc 2017-12-15 16:12 - 2017-12-15 16:12 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsigne4ccb391179ac62e 2017-12-15 16:12 - 2017-12-15 16:12 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign832598ad2c512493 2017-12-15 16:12 - 2017-12-15 16:12 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign7c87c81623750a2b 2017-12-15 16:12 - 2017-12-15 16:12 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign47e310a74e8e9448 2017-12-14 22:22 - 2017-12-14 22:22 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsignf08306c510af69f1 2017-12-14 22:22 - 2017-12-14 22:22 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign6aeeef8e75dce4bf 2017-12-14 22:22 - 2017-12-14 22:22 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign5896046fcc9fc6a3 2017-12-14 22:22 - 2017-12-14 22:22 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign25547731672cde54 
2017-12-14 22:20 - 2017-12-14 22:20 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsignbc1e32ece9ea029b 2017-12-14 22:19 - 2017-12-14 22:19 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign62b8859b8bbbef3b 2017-12-14 22:18 - 2017-12-14 22:18 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsigna4df45169d648fd5 2017-12-14 22:18 - 2017-12-14 22:18 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign75213dadee309393 2017-12-14 12:31 - 2017-12-14 12:31 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsigne1b88678d69d7816 2017-12-14 12:31 - 2017-12-14 12:31 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsignc57f23f1d7c12c05 2017-12-14 12:31 - 2017-12-14 12:31 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign90c2e6ba34fcee1d 2017-12-14 12:31 - 2017-12-14 12:31 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign75476775f6035312 2017-12-14 12:31 - 2017-12-14 12:31 - 000000000 ____D C:\Users\eduad\AppData\Local\Tempzxpsign2b5bd2cac55f8a1a 2017-12-13 14:07 - 2017-12-13 14:07 - 000000000 ____D C:\Users\eduad\Documents\NBGI 2017-12-13 14:06 - 2017-12-13 14:06 - 000000000 ____D C:\Users\eduad\AppData\Local\NBGI 2017-12-13 13:47 - 2017-12-13 13:47 - 000001578 _____ C:\Users\Public\Desktop\Dark Souls - Prepare to Die Edition.lnk 2017-12-13 13:46 - 2017-12-13 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BANDAI NAMCO Games 2017-12-13 13:40 - 2017-12-13 13:40 - 000000000 ____D C:\Program Files (x86)\BANDAI NAMCO Games 2017-12-13 13:10 - 2017-12-13 13:10 - 000000000 ____D C:\Users\eduad\Documents\Assassin's Creed IV Black Flag 2017-12-13 10:39 - 2017-12-08 04:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll 2017-12-13 10:39 - 2017-12-07 21:34 - 001925296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2017-12-13 10:39 - 2017-12-07 21:34 - 001634288 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2017-12-13 
10:39 - 2017-12-07 21:28 - 000710912 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2017-12-13 10:39 - 2017-12-07 21:28 - 000630752 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2017-12-13 10:39 - 2017-12-07 21:27 - 004504456 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2017-12-13 10:39 - 2017-12-07 21:26 - 000525208 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2017-12-13 10:39 - 2017-12-07 21:24 - 000705944 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll 2017-12-13 10:39 - 2017-12-07 21:24 - 000437144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2017-12-13 10:39 - 2017-12-07 21:24 - 000246168 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2017-12-13 10:39 - 2017-12-07 21:22 - 001003104 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-12-13 10:39 - 2017-12-07 21:22 - 000979352 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2017-12-13 10:39 - 2017-12-07 21:22 - 000137544 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-12-13 10:39 - 2017-12-07 21:16 - 001776272 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2017-12-13 10:39 - 2017-12-07 21:15 - 000721592 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2017-12-13 10:39 - 2017-12-07 21:12 - 000401304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2017-12-13 10:39 - 2017-12-07 20:56 - 001528904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2017-12-13 10:39 - 2017-12-07 20:55 - 001490328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2017-12-13 10:39 - 2017-12-07 20:55 - 000097144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-12-13 10:39 - 2017-12-07 20:37 - 001145104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-12-13 10:39 - 2017-12-07 20:36 - 000769096 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msvcrt.dll 2017-12-13 10:39 - 2017-12-07 20:33 - 000747416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2017-12-13 10:39 - 2017-12-07 20:33 - 000592280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2017-12-13 10:39 - 2017-12-07 20:31 - 001522176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2017-12-13 10:39 - 2017-12-07 20:29 - 000047000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KeyboardFilterShim.dll 2017-12-13 10:39 - 2017-12-07 20:12 - 000101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx 2017-12-13 10:39 - 2017-12-07 20:10 - 006466048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2017-12-13 10:39 - 2017-12-07 20:10 - 000150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2017-12-13 10:39 - 2017-12-07 20:10 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-12-13 10:39 - 2017-12-07 20:09 - 001663488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll 2017-12-13 10:39 - 2017-12-07 20:09 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll 2017-12-13 10:39 - 2017-12-07 20:09 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2017-12-13 10:39 - 2017-12-07 20:09 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2017-12-13 10:39 - 2017-12-07 20:09 - 000136704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gamingtcui.dll 2017-12-13 10:39 - 2017-12-07 20:08 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2017-12-13 10:39 - 2017-12-07 20:08 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2017-12-13 10:39 - 2017-12-07 20:08 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2017-12-13 10:39 - 2017-12-07 20:07 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll 2017-12-13 10:39 - 2017-12-07 20:07 - 000246272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 10:39 - 2017-12-07 20:07 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2017-12-13 10:39 - 2017-12-07 20:07 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2017-12-13 10:39 - 2017-12-07 20:06 - 000676352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll 2017-12-13 10:39 - 2017-12-07 20:06 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcui.dll 2017-12-13 10:39 - 2017-12-07 20:06 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2017-12-13 10:39 - 2017-12-07 20:05 - 001670656 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000539136 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2017-12-13 10:39 - 2017-12-07 20:05 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2017-12-13 10:39 - 2017-12-07 20:05 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll 2017-12-13 10:39 - 2017-12-07 20:04 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll 2017-12-13 10:39 - 2017-12-07 20:04 - 001321472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2017-12-13 10:39 - 2017-12-07 20:03 - 001230848 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\usercpl.dll 2017-12-13 10:39 - 2017-12-07 20:03 - 000841728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2017-12-13 10:39 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2017-12-13 10:39 - 2017-12-07 20:03 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 10:39 - 2017-12-07 20:03 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\hascsp.dll 2017-12-13 10:39 - 2017-12-07 20:02 - 007545344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2017-12-13 10:39 - 2017-12-07 20:02 - 002864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-12-13 10:39 - 2017-12-07 20:02 - 002117632 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2017-12-13 10:39 - 2017-12-07 20:02 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2017-12-13 10:39 - 2017-12-07 20:01 - 004592640 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-12-13 10:39 - 2017-12-07 20:01 - 001980928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-12-13 10:39 - 2017-12-07 20:01 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2017-12-13 10:39 - 2017-12-07 20:01 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll 2017-12-13 10:39 - 2017-12-07 20:00 - 001509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2017-12-13 10:39 - 2017-12-07 19:59 - 002105856 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2017-12-13 10:39 - 2017-12-07 19:59 - 001666048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2017-12-13 10:39 - 2017-12-07 19:59 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2017-12-13 10:39 - 2017-12-07 19:58 - 003478016 _____ (Microsoft Corporation) 
C:\Windows\system32\mispace.dll 2017-12-13 10:39 - 2017-12-07 19:58 - 003211776 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2017-12-13 10:39 - 2017-12-07 19:58 - 001353728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2017-12-13 10:39 - 2017-12-07 19:56 - 002666496 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-12-13 10:39 - 2017-12-07 19:56 - 001739264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2017-12-13 10:39 - 2017-12-07 19:54 - 001570816 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe 2017-12-12 09:40 - 2017-12-12 09:40 - 000001248 _____ C:\Users\eduad\Desktop\AIDA64 Extreme.lnk 2017-12-12 09:40 - 2017-12-12 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2017-12-12 09:40 - 2017-12-12 09:40 - 000000000 ____D C:\Program Files (x86)\FinalWire 2017-12-12 09:39 - 2017-12-12 09:40 - 050693368 _____ (FinalWire Ltd. ) C:\Users\eduad\Downloads\aida64extreme595.exe 2017-12-11 19:15 - 2017-12-11 22:21 - 000000039 _____ C:\Users\eduad\Documents\ringous[.txt 2017-12-11 19:02 - 2017-12-11 19:02 - 000000000 ____D C:\Users\eduad\Documents\Curse 2017-12-11 19:00 - 2017-12-11 19:00 - 000000000 ____D C:\Users\Todos os Usuários\Twitch 2017-12-11 19:00 - 2017-12-11 19:00 - 000000000 ____D C:\ProgramData\Twitch 2017-12-09 22:22 - 2018-01-01 09:13 - 000003130 _____ C:\Windows\System32\Tasks\MSIAfterburner 2017-12-09 11:12 - 2017-12-09 11:48 - 000000000 ____D C:\Users\eduad\Zomboid 2017-12-09 11:12 - 2017-12-09 11:12 - 000000000 ____D C:\Users\Todos os Usuários\Oracle 2017-12-09 11:12 - 2017-12-09 11:12 - 000000000 ____D C:\ProgramData\Oracle 2017-12-09 10:53 - 2017-12-09 10:53 - 000000222 _____ C:\Users\eduad\Desktop\Tom Clancy's Rainbow Six Siege.url 2017-12-08 19:30 - 2012-06-26 22:00 - 016969792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm-patched.sys 2017-12-08 14:18 - 2017-12-12 10:40 - 000000000 
____D C:\Program Files (x86)\Rockstar Games 2017-12-08 14:18 - 2017-12-12 10:39 - 000000000 ____D C:\Program Files\Rockstar Games 2017-12-08 14:18 - 2017-12-08 14:18 - 000000000 ____D C:\Users\eduad\Documents\Rockstar Games 2017-12-08 14:18 - 2017-12-08 14:18 - 000000000 ____D C:\Users\eduad\AppData\Local\Rockstar Games 2017-12-08 10:27 - 2017-12-08 10:27 - 000000000 ____D C:\Users\eduad\Documents\PCSX2 2017-12-08 10:26 - 2017-12-08 10:26 - 000002008 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk 2017-12-08 10:26 - 2017-12-08 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 2017-12-08 10:26 - 2017-12-08 10:26 - 000000000 ____D C:\Program Files (x86)\PCSX2 1.4.0 2017-12-07 20:31 - 2017-12-07 20:31 - 000000222 _____ C:\Users\eduad\Desktop\Grand Theft Auto V.url 2017-12-07 02:06 - 2017-12-07 02:06 - 000000222 _____ C:\Users\eduad\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url 2017-12-05 14:51 - 2017-12-05 14:51 - 000000222 _____ C:\Users\eduad\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server).url 2017-12-05 10:27 - 2017-12-08 18:03 - 000000000 ____D C:\Users\eduad\Documents\Jogos PS2 2017-12-05 00:04 - 2017-12-05 00:06 - 000000000 ____D C:\Users\eduad\AppData\Roaming\FiraxisLive 2017-12-05 00:02 - 2017-12-05 00:02 - 000000000 ____D C:\Users\eduad\AppData\Roaming\ModLauncherWPF ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2018-01-04 07:26 - 2017-10-27 11:19 - 000000000 ____D C:\Users\eduad\AppData\Roaming\uTorrent 2018-01-04 05:55 - 2012-05-25 13:09 - 000000000 ____D C:\Users\eduad\Desktop\Sacred Gold & Storm Silver V1.05 2018-01-04 05:15 - 2017-10-26 05:55 - 000000000 ____D C:\Users\eduad\AppData\LocalLow\Mozilla 2018-01-04 04:57 - 2017-10-22 19:25 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-01-04 04:11 - 2017-11-01 20:24 - 000000000 ____D C:\Users\eduad\AppData\Local\CrashDumps 2018-01-04 01:11 - 2017-10-22 19:35 - 002866228 _____ C:\Windows\system32\PerfStringBackup.INI 2018-01-04 01:11 - 2017-09-30 12:30 - 001044554 _____ C:\Windows\system32\prfh0416.dat 2018-01-04 01:11 - 2017-09-30 12:30 - 000398280 _____ C:\Windows\system32\prfc0416.dat 2018-01-04 01:09 - 2017-10-22 20:28 - 000000000 ____D C:\Program Files (x86)\Steam 2018-01-04 01:08 - 2017-10-22 19:36 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-01-04 01:08 - 2017-10-22 19:36 - 000000000 ___RD C:\Users\eduad\3D Objects 2018-01-04 01:07 - 2017-09-29 11:44 - 000000000 ____D C:\Windows\INF 2018-01-04 01:06 - 2017-11-28 15:31 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA 2018-01-04 01:06 - 2017-11-28 15:31 - 000000000 ____D C:\ProgramData\NVIDIA 2018-01-04 01:05 - 2017-10-22 19:25 - 005007056 _____ C:\Windows\system32\FNTCACHE.DAT 2018-01-04 01:04 - 2017-10-22 19:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-01-04 01:02 - 2017-09-29 06:45 - 000786432 _____ C:\Windows\system32\config\BBI 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ___SD C:\Windows\SysWOW64\F12 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ___SD C:\Windows\system32\F12 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\TextInput 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\SysWOW64\Dism 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\system32\oobe 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\system32\migwiz 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 
____D C:\Windows\system32\appraiser 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\Provisioning 2018-01-04 01:01 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-01-04 01:01 - 2017-09-29 06:45 - 000000000 ____D C:\Windows\system32\Dism 2018-01-04 00:50 - 2017-09-29 11:37 - 000000000 ____D C:\Windows\CbsTemp 2018-01-04 00:49 - 2017-09-29 11:41 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll 2018-01-04 00:48 - 2017-09-29 11:41 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2018-01-04 00:48 - 2017-09-29 11:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2018-01-04 00:40 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\DeliveryOptimization 2018-01-04 00:28 - 2017-10-26 20:15 - 000000000 ____D C:\Users\eduad\AppData\LocalLow\Temp 2018-01-04 00:27 - 2017-09-29 11:46 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2018-01-04 00:27 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2018-01-04 00:21 - 2017-10-22 19:34 - 000000000 ____D C:\Users\eduad 2018-01-04 00:20 - 2017-11-28 12:06 - 000000000 ____D C:\Users\eduad\AppData\Local\Ubisoft Game Launcher 2018-01-03 14:01 - 2017-10-27 04:03 - 000000000 ____D C:\Windows\Minidump 2018-01-03 13:52 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-03 13:52 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\AppReadiness 2018-01-03 00:18 - 2017-10-28 09:31 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2018-01-02 23:08 - 2017-10-25 03:56 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7 2018-01-01 20:07 - 2017-10-30 15:08 - 000000000 ____D C:\Users\eduad\AppData\Roaming\discord 2017-12-31 14:12 - 2017-10-23 00:01 - 000000000 ____D C:\Users\eduad\Documents\My Games 2017-12-30 02:11 - 2017-10-26 05:55 - 000000000 ____D C:\Users\eduad\AppData\Local\Mozilla 2017-12-30 02:06 - 2017-10-26 05:55 - 000000000 ____D 
C:\Users\eduad\AppData\Roaming\Mozilla 2017-12-28 14:51 - 2017-11-15 11:19 - 000000000 ____D C:\Users\eduad\AppData\Roaming\vlc 2017-12-28 14:47 - 2017-11-29 22:57 - 000000000 ____D C:\Users\Todos os Usuários\boost_interprocess 2017-12-28 14:47 - 2017-11-29 22:57 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-12-28 14:40 - 2017-11-06 11:41 - 000000000 ____D C:\Users\eduad\AppData\Roaming\obs-studio 2017-12-26 11:54 - 2017-12-02 11:10 - 000000000 ____D C:\Users\eduad\Desktop\Yet To Play 2017-12-26 01:55 - 2017-11-04 09:26 - 000000000 ____D C:\Users\Todos os Usuários\X360CE 2017-12-26 01:55 - 2017-11-04 09:26 - 000000000 ____D C:\ProgramData\X360CE 2017-12-25 23:53 - 2017-11-11 10:41 - 000000000 ____D C:\Users\eduad\AppData\Local\NVIDIA 2017-12-23 19:16 - 2017-10-28 09:31 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2017-12-21 09:33 - 2017-10-26 02:10 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-12-21 09:33 - 2017-10-26 02:10 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-12-21 09:33 - 2017-10-26 02:10 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-12-21 09:33 - 2017-10-26 02:10 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-12-21 09:32 - 2017-11-28 15:29 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation 2017-12-21 09:32 - 2017-11-28 15:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-12-21 09:32 - 2017-10-26 02:10 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-12-21 08:45 - 2017-10-23 00:17 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache 2017-12-21 08:45 - 2017-10-23 00:17 - 000000000 ____D C:\ProgramData\Package Cache 2017-12-15 22:23 - 2017-11-28 15:29 - 036350960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 
2017-12-15 22:23 - 2017-11-28 15:29 - 004485376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-12-15 22:23 - 2017-11-28 15:29 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-12-15 22:23 - 2017-11-28 15:29 - 000048442 _____ C:\Windows\system32\nvinfo.pb 2017-12-15 22:23 - 2017-10-26 02:10 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-12-15 21:15 - 2017-10-26 02:09 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2017-12-15 20:34 - 2017-11-28 15:31 - 005964688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 001767408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 000608056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 000450544 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-12-15 20:34 - 2017-11-28 15:31 - 000082928 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-12-14 16:24 - 2017-10-22 20:13 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-12-14 16:17 - 2017-11-28 15:31 - 007917671 _____ C:\Windows\system32\nvcoproc.bin 2017-12-14 10:38 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\LiveKernelReports 2017-12-14 05:09 - 2017-09-29 11:46 - 000000000 ____D C:\Windows\rescache 2017-12-13 18:30 - 2017-10-22 19:36 - 000000000 ____D C:\Users\eduad\AppData\Local\Packages 2017-12-13 14:06 - 2017-10-22 19:36 - 000000000 ____D C:\Users\eduad\AppData\Local\VirtualStore 2017-12-13 10:45 - 2017-10-22 19:55 - 000000000 ____D C:\Windows\system32\MRT 2017-12-13 10:42 - 2017-10-22 19:55 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 
2017-12-13 10:42 - 2017-10-22 19:55 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-11 20:54 - 2017-10-30 15:08 - 000002233 _____ C:\Users\eduad\Desktop\Discord.lnk
2017-12-11 20:54 - 2017-10-30 15:08 - 000000000 ____D C:\Users\eduad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-12-11 20:54 - 2017-10-30 15:08 - 000000000 ____D C:\Users\eduad\AppData\Local\Discord
2017-12-08 20:19 - 2017-10-25 04:48 - 000000000 ____D C:\Program Files (x86)\Illusion
2017-12-08 10:26 - 2017-10-28 09:32 - 000000000 ____D C:\Windows\SysWOW64\directx

==================== Arquivos na raiz de alguns diretórios =======

2017-12-28 14:27 - 2017-12-28 14:27 - 000000113 _____ () C:\Users\eduad\AppData\Roaming\D2Info0
2017-12-28 14:27 - 2017-12-28 14:37 - 000000008 _____ () C:\Users\eduad\AppData\Roaming\DofusAppId0_1
2018-01-02 14:44 - 2017-09-29 11:42 - 000059904 _____ (Microsoft Corporation) C:\Users\eduad\AppData\Roaming\eQeWALMjE.exe
2017-11-03 13:10 - 2017-11-03 13:10 - 000000003 _____ () C:\Users\eduad\AppData\Local\updater.log
2017-11-03 13:10 - 2017-11-03 13:10 - 000000425 _____ () C:\Users\eduad\AppData\Local\UserProducts.xml
2018-01-02 14:44 - 2018-01-02 14:44 - 000000001 _____ () C:\Users\eduad\AppData\Local\WMI.ini

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2018-01-01 06:34 ==================== Fim de FRST.txt ============================ Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 02.01.2018 Executado por eduad (04-01-2018 07:26:56) Executando a partir de C:\Users\eduad\Desktop Windows 10 Pro Versão 1709 16299.192 (X64) (2017-10-22 21:30:12) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2296285372-3677760609-50217273-500 - Administrator - Disabled) Convidado (S-1-5-21-2296285372-3677760609-50217273-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2296285372-3677760609-50217273-503 - Limited - Disabled) eduad (S-1-5-21-2296285372-3677760609-50217273-1001 - Administrator - Enabled) => C:\Users\eduad WDAGUtilityAccount (S-1-5-21-2296285372-3677760609-50217273-504 - Limited - Disabled) ==================== Central de Segurança 
======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated) Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) CPUID HWMonitor 1.33 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.33 - ) DARK SOULS - Prepare To Die Edition (HKLM-x32\...\DARK SOULS - Prepare To Die Edition_is1) (Version: - ) Discord (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\Discord) (Version: 0.0.299 - Discord Inc.) Dofus (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama) DVD-Cloner V14.10 Build 1421 (HKLM-x32\...\DVD-Cloner Gold_is1) (Version: 14.10.0.1421 - OpenCloner Inc.) Epic Games Launcher (HKLM-x32\...\{39A82E16-22F5-4E4C-890B-0D2EDD431760}) (Version: 1.1.129.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) 
LOOT versão 0.11.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.11.0 - LOOT Team) Malwarebytes versão 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MotoSpeed Gaming MouseV30 (HKLM-x32\...\{3E20AE4F-C805-4162-A3AB-4AC2B3FC96E5}_is1) (Version: 1.0 - 香港飞翔科技集团有限公司) Mozilla Firefox 57.0.3 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.3 (x64 pt-BR)) (Version: 57.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla) MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming) NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Driver de gráficos 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.17.0524 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.1 - OBS Project) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Painel de controle da NVIDIA 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.71 - NVIDIA Corporation) Hidden paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden RivaTuner Statistics Server 7.0.0 (HKLM-x32\...\RTSS) (Version: 7.0.0 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games) Spotify (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Twitch (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) 
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0416-1000-0000000FF1CE}_Office16.PROPLUS_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\WhatsApp) (Version: 0.2.6968 - WhatsApp) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
CustomCLSID: HKU\S-1-5-21-2296285372-3677760609-50217273-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F3CE210F6533}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2296285372-3677760609-50217273-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> 
{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: 
[WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {2A698375-F022-4423-9131-71275FF535FC} - System32\Tasks\EoAauKDauI => C:\Windows\SysWOW64\rryEfEnTyuPEI.bat [2017-09-29] () <==== ATENÇÃO Task: {3A566652-041E-4B1A-9659-6853DBDFC490} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate] Task: {3A6B3FCB-E882-4666-AE61-789B011A0E72} - System32\Tasks\LjRekYiYAtJ => C:\Windows\uwYzUoeIOEo.bat [2017-09-29] () <==== ATENÇÃO Task: {3B7B5C72-32FA-46BF-ACAA-D48B84F04D74} - System32\Tasks\update-S-1-5-21-2296285372-3677760609-50217273-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {3E0EC6E9-EBA4-46CA-A5F2-BDCF45E4C78C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation) Task: {3F2B9413-0A9D-419F-9E03-C0C5D7008E6F} - System32\Tasks\V30-Marquee-TaskPlan => C:\Program Files\Gaming MouseV30\MotoSpeed_GamingMouse_V30.exe [2016-08-19] (香港飞翔科技集团有限公司) Task: {55E780C9-BD63-400E-8C59-F9A84852708B} - System32\Tasks\BorderlessGaming => C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe Task: {64321ED6-52F7-4330-A720-FE5FB4EA3512} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: 
{6B7C1A26-5C15-4313-96F0-51EB64C4A2F5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {6D0F18D3-E1DA-441F-80C0-C24EDA71DB0A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {6D1A8654-9B55-4D3F-811D-7E0C7D26302B} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe Task: {731D682D-5DCE-430E-BFAC-F2E86166955E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {881C1C68-7F6B-475E-9D9A-0C13BB1B926B} - System32\Tasks\AyeEeXeI => C:\Users\eduad\AppData\Roaming\eQeWALMjE.exe [2017-09-29] (Microsoft Corporation) <==== ATENÇÃO Task: {8AEC3A9A-BE3D-487B-B63E-2CA384FA417F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-10-31] () Task: {94B909E7-9D24-4C40-9107-A8B4536DEFFD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd) Task: {9FD79534-F2BE-4AA0-9015-A8BF75832287} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-15] (NVIDIA Corporation) Task: {A71659C0-F6BB-49B6-ABE8-A822208BF52D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-22] (Google Inc.) 
Task: {A8C2E65D-B4BF-4516-82D3-22C66913EC1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {B6AD71CA-EA6F-4152-8FEF-C1DC27A5F5D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {C4600920-0D47-472D-A1F9-89FF454A4354} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation) Task: {E2FD9249-6F56-4909-80EF-5AEACD10F88F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-22] (Google Inc.) Task: {E7A4CD51-36E9-4A12-ADBC-040918A6E764} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-15] (NVIDIA Corporation) Task: {EADF96B5-99EE-422D-A21E-8E8A478AB03F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd) Task: {EC55A3DD-3F68-4CC2-B433-BC430424787A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {F572A424-2A8B-4204-BA59-E2FE21EC6852} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {F9EB978C-FC70-458D-840C-59B58CB1CDCF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-15] (NVIDIA Corporation) Task: {FBA2E7E2-AC23-4BA2-9842-C5F268EBABD4} - 
System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-eduad2010@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\update-S-1-5-21-2296285372-3677760609-50217273-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\eduad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble ==================== Módulos Carregados (Whitelisted) ============== 2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll 2017-11-10 10:08 - 2016-06-25 08:52 - 000018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe 2017-11-03 11:58 - 2017-11-03 11:58 - 000026112 _____ () C:\Windows\KMS-R@1n.exe 2016-03-18 22:56 - 2016-03-18 22:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 001329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-10-22 20:47 - 2017-10-04 16:28 - 000345064 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe 2017-09-27 18:29 - 2017-10-31 04:07 - 000444008 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common 
Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2017-10-31 07:05 - 2017-10-31 07:05 - 000722216 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2017-10-22 20:47 - 2017-12-17 05:54 - 001348072 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe 2017-12-02 11:48 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-02 11:47 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-10-31 04:07 - 2017-10-31 04:07 - 000252008 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2017-10-31 04:07 - 2017-10-31 04:07 - 000035432 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2017-10-31 04:07 - 2017-10-31 04:07 - 000061032 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2017-11-03 11:58 - 2017-11-03 11:58 - 000004608 _____ () C:\Windows\KMS-R@1nhook.exe 2017-10-29 18:01 - 2017-10-29 18:01 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2017-10-29 18:00 - 2017-10-29 18:00 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2017-10-29 18:01 - 2017-10-29 18:01 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2017-10-29 18:01 - 2017-10-29 18:01 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-10-29 18:01 - 2017-10-29 18:01 - 000565760 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2017-09-27 18:29 - 2017-10-31 04:07 - 000410728 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2017-10-22 20:30 - 2017-11-29 03:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-10-22 20:30 - 2017-12-15 17:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll 2017-10-22 20:30 - 2016-08-31 23:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-12-14 10:39 - 2017-11-03 23:54 - 
000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 10:39 - 2017-11-03 23:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 10:39 - 2017-11-03 23:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 10:39 - 2017-11-03 23:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-12-14 10:39 - 2017-11-03 23:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-10-22 20:30 - 2016-08-31 23:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-10-22 20:30 - 2016-08-31 23:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-10-22 20:30 - 2017-12-15 17:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-10-22 20:30 - 2016-07-04 20:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2017-12-11 20:54 - 2017-12-11 10:54 - 001893880 _____ () C:\Users\eduad\AppData\Local\Discord\app-0.0.299\ffmpeg.dll 2017-12-11 21:30 - 2017-12-11 21:30 - 001886712 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_toaster\discord_toaster.node 2017-12-11 21:30 - 2017-12-11 21:30 - 001773560 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_overlay2\discord_overlay2.node 2017-12-17 11:43 - 2017-12-17 15:34 - 068214160 _____ () C:\Users\eduad\AppData\Roaming\Spotify\libcef.dll 2017-12-11 20:54 - 2017-12-11 10:54 - 001938424 _____ () C:\Users\eduad\AppData\Local\Discord\app-0.0.299\libglesv2.dll 2017-12-11 20:54 - 2017-12-11 10:54 - 000095736 _____ () C:\Users\eduad\AppData\Local\Discord\app-0.0.299\libegl.dll 2017-12-17 11:43 - 2017-12-17 15:34 - 003112848 _____ () C:\Users\eduad\AppData\Roaming\Spotify\libglesv2.dll 2017-12-17 11:43 - 2017-12-17 15:34 - 000089488 _____ () C:\Users\eduad\AppData\Roaming\Spotify\libegl.dll 2017-10-22 20:31 - 2017-09-07 00:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2017-10-22 20:31 - 
2017-10-31 02:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-10-22 20:30 - 2015-09-24 21:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2017-12-11 21:30 - 2017-12-11 21:30 - 009802232 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_voice\discord_voice.node 2017-12-11 21:30 - 2017-12-11 21:30 - 001505784 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_utils\discord_utils.node 2017-12-11 21:30 - 2017-12-11 21:30 - 000513016 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_erlpack\discord_erlpack.node 2017-12-11 21:30 - 2017-12-11 21:30 - 002662904 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_rpc\discord_rpc.node 2017-12-11 21:30 - 2017-12-11 21:30 - 001517048 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_game_utils\discord_game_utils.node 2017-12-11 21:31 - 2017-12-11 21:31 - 002749944 _____ () \\?\C:\Users\eduad\AppData\Roaming\discord\0.0.299\modules\discord_contact_import\discord_contact_import.node 2017-10-10 16:52 - 2017-10-10 16:52 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2017-10-10 16:52 - 2017-10-10 16:52 - 000071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2017-10-10 16:51 - 2017-10-10 16:51 - 000055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2017-09-29 11:46 - 2017-09-29 11:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2296285372-3677760609-50217273-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eduad\Pictures\Wallpaper Robots.png DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-2296285372-3677760609-50217273-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
FirewallRules: [TCP Query User{275F6020-3F2E-42DA-876A-191933B1057E}C:\users\eduad\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eduad\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{69435429-88F3-4BC6-B190-5FB81073A52E}C:\users\eduad\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eduad\appdata\roaming\spotify\spotify.exe FirewallRules: [{BB41708E-92D2-4B8E-827A-6A6D080AC562}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2AE13503-C10B-4B3F-80F0-E1832F57F101}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1862D478-A974-454C-BAC7-22BF003416B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7DEB564C-F581-4D29-B095-30BF6DE2F37D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{A3AFA5EE-BC9A-4917-BC63-644D8BE1ECCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{BC7A0D2A-A246-4D11-B295-DEE838D4B3CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{C7356233-B563-445E-8994-EC07F91CE2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe FirewallRules: [{8AE6299E-5E56-4CB9-AB15-B445D69ED3A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe FirewallRules: [TCP Query User{210EB9DA-8801-4D2D-910F-D6504E72D451}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe FirewallRules: [UDP Query User{757C4D70-BD23-4424-A21C-E0A2FAB14574}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe FirewallRules: [TCP Query User{734B8F89-6C77-4F6E-BFC4-8CABB54DCEB1}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) 
C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{8B49D4FE-0841-413B-A9F8-88C6DFAEBC5A}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{2684AB70-6BDD-4081-89E9-22D6FE6DA23B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{BC0F88ED-846A-40FE-B42B-3C8794CF1236}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{F273CAF2-B5B2-4185-AD85-4BCAFC82A0E5}] => (Allow) C:\Users\eduad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FB987131-A811-4286-9D67-119BEB014977}] => (Allow) C:\Users\eduad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{F01B6555-DB79-4182-9D8E-D21B4DF613C2}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{0F0E09BE-E27A-44B0-B5AB-0E0D8837CF35}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{E193D42A-DF11-409E-A815-8EED7C4A7ECB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{59AE0FE9-C35D-4A45-9CE6-99B6CE4DAE15}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{8911FBF6-CFC1-47E1-90EA-3B2816E1AD51}C:\program files\epic 
games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{2F52E903-DB4B-4043-9C45-6D8DDB43CA32}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{5BCB474B-C1A0-4AD4-9D8F-A85D9AECAD1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe FirewallRules: [{647FF37F-D43D-420E-B3E1-47EA34EF37BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe FirewallRules: [{87F821B8-4C17-4F2B-BFE3-4D6272D188B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{2ADE064E-F0FA-47D5-9FA9-6AAE63AF63F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [TCP Query User{04033A49-AB6F-4CD0-BDB7-FFE2A30C59D6}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [UDP Query User{10C594B5-7403-4459-AE80-377EB247CD26}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [{2B4B35FC-3CB6-4408-9AD7-C5CD1D018A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\deponia.exe FirewallRules: [{E084BD04-0911-4EBD-B70F-B52F906375F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\deponia.exe FirewallRules: [{3EB4422E-74FC-4231-868C-164297A8BE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe FirewallRules: 
[{844C5799-263B-4079-A433-595998352649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia\VisionaireConfigurationTool.exe FirewallRules: [{959352F9-0BB1-4ED6-9801-F1E354E4493C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cave Story+\CaveStory+.exe FirewallRules: [{06700E68-F4A9-4DC9-8DCB-D80156D10AD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cave Story+\CaveStory+.exe FirewallRules: [{116B4B2C-ADCA-4405-8CAA-0E0031D911A3}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{57D85B09-FFA4-4BCF-AC6A-3F10BA4C8B3B}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [TCP Query User{5BF941F4-C8A2-49B7-B4A9-DDED57771A1A}C:\program files (x86)\battle.net\games\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\battle.net\games\overwatch\overwatch.exe FirewallRules: [UDP Query User{0ADCF7A2-5E56-4213-BC20-7E3A5913F43C}C:\program files (x86)\battle.net\games\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\battle.net\games\overwatch\overwatch.exe FirewallRules: [{034B6D2F-7D88-45AD-897F-ABB19F716325}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{C64C67D1-CDDF-4F14-AC2F-B4C998C68EA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{24BD394E-BCD1-44B1-B2C3-7516EF543DE1}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{FB6189D5-71B8-471A-AF81-2FBFF37ACD0D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{4B3857B4-3E1D-4DBC-8CFC-73A0E53973C3}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{FFC27CD8-CB8A-45F0-9534-61EC4E1F0047}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{1C47EBE8-EE2D-4366-BDA7-3272685737D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{699B20CE-B9CD-401A-9AD2-FD200F6924D9}] => (Allow) 
C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe FirewallRules: [{44CCE1D3-6B5D-4160-AD58-DA74729AE478}] => (Allow) LPort=9143 FirewallRules: [{2EA90644-D0CE-490F-96BF-F472478C019B}] => (Allow) LPort=2333 FirewallRules: [{230DC50C-2A99-4979-9D8E-E3B9DA2755B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe FirewallRules: [{02B3F841-4041-4BF7-9223-D48678EBC497}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe FirewallRules: [{A898C567-77E4-44C7-89F9-029F55F67D8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{ABB27CDC-A328-436E-A114-921D460461BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{7352C8CE-7CE2-4F3A-9779-6C4BD3B5D520}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe FirewallRules: [{50CB96DF-235C-4FE5-BB54-26CC3A2949BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe FirewallRules: [{C36737C4-ED31-455A-AF92-C315712BF1EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{B2B45CEA-409D-4FF2-AE6E-AE2C550408B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{E2BA73DE-CBF6-4E2D-990C-FC30F418CA15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DC4AA4FF-3ADB-4AA2-A1A7-88AEB607FB90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CA4B5D34-FC05-47B2-90C0-7E46F1967521}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{26E36DEA-B745-4912-A246-04970BBE2FEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{75534F2F-783C-4F1E-A6CF-8B3300F1369F}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{8660C6FA-43D9-4242-AA9A-E361E96DF56D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{F7FB19D9-6699-42F8-B2F4-74C69B96B9A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{4A5665AE-AFA4-4A61-9729-12F38B0DCB66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{E81F94B7-821A-482E-B049-67518CFFD49B}C:\program files (x86)\illusion\playhome\playhome64bit.exe] => (Allow) C:\program files (x86)\illusion\playhome\playhome64bit.exe FirewallRules: [UDP Query User{4FA7F5F9-F41E-4D7E-BCC4-35BE6040992D}C:\program files (x86)\illusion\playhome\playhome64bit.exe] => (Allow) C:\program files (x86)\illusion\playhome\playhome64bit.exe FirewallRules: [{00BD1D86-22D3-4765-9834-E0A8BE191805}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0128D892-1E85-45EB-A5DE-0FE6DB5A65A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{3F70D2CA-2D32-40A5-BA2D-8910BCAEBCF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{25DA1682-D57B-42E4-B4FC-46DFBDB7EEC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{B2459F46-3293-4C87-813A-33F05268BD50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{844E166B-2D2A-463B-920F-CBBFA9A78555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{2B3D8A82-032B-4096-8C83-2E12388C93D8}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{5B6F937B-BF8C-4F3B-AD38-C1D514A24668}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe FirewallRules: [{C972131C-6010-4818-9658-7DB223CE65F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe FirewallRules: [{983BBF17-86D2-4259-BDA0-E297757966D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [{1AF57226-F700-4E7C-A681-8C411F1B2C94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [{5EEEEB4A-5C7D-4D49-A819-CBE5560C2017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{3A9B94EA-3E1E-4C10-8437-EECFC359112A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe FirewallRules: [{CD2C32E3-92B8-4CC9-B1D6-53FFB0069F0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{5E90C184-D921-47D4-8146-885AABEF6CBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{17B8138A-4916-470E-93E8-D3411FF2FD4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{BD44DAF5-FE88-4F03-AE33-ADCD86ACE1C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{BD224B6D-92C2-4849-B4DA-E1451FBCA6D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jedi Academy\GameData\jasp.exe FirewallRules: [{9E20945E-3672-418A-8A64-960B7AFF2580}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jedi Academy\GameData\jasp.exe FirewallRules: [{7FCAB419-C3AC-4FD8-8AAA-1F9E1ECBCEBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jedi Academy\GameData\jamp.exe FirewallRules: [{40987CE0-1F95-4F61-8FAD-78A03A846C75}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Jedi Academy\GameData\jamp.exe FirewallRules: [{0815E773-1A1D-49D7-9196-7C1B42710E9A}] => (Allow) C:\World Of Tanks\WoTLauncher.exe FirewallRules: [{1BE3893F-C35B-4A06-9B4F-5BC81F61F98B}] => (Allow) C:\World Of Tanks\WoTLauncher.exe FirewallRules: [{40F74A12-6C71-45DD-8925-5AA8CCDC6B76}] => (Allow) C:\World Of Tanks\worldoftanks.exe FirewallRules: [{8BABA503-FB49-402F-B030-9AB33C9EA933}] => (Allow) C:\World Of Tanks\worldoftanks.exe FirewallRules: [{3E0A889B-310B-4D71-8966-61DEEDAD3014}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9DDAE6C9-6A06-4332-9C09-57A9986941DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{B1310E52-8243-431B-A89F-5B13E0598A1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{26D9D195-30F1-4848-96C9-EA01EFDC1EBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{3CA6CA16-1840-460D-8652-73C03C30925B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe ==================== Pontos de Restauração ========================= 31-12-2017 14:12:02 Installed Microsoft XNA Framework Redistributable 4.0 31-12-2017 14:17:09 Installed LogMeIn Hamachi 04-01-2018 00:45:31 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/04/2018 04:11:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 
0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 26aeabf4-83a8-4436-bfe3-1cf519436454 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 565488f5-4d6f-4734-bbe1-1c48c0707c8c Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 571e59cb-6933-4a17-be43-e955b6cf3863 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 
0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 3388d859-b9e8-4550-8020-62929b31505f Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 6d7d85e5-a733-4b29-a3f2-dbb076dde294 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: a1c7bfc8-9ab1-4710-91b8-a436d8ae42d2 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 
0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: 7467ab28-58dc-4188-b3cc-0e1dd9ec3db4 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: fcf5ec1c-8b84-4609-9931-f0f2b094de37 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x25ffc08b ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: ee8f53ca-f818-47de-b185-70396465f05d Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 04:11:32 AM) (Source: Application Error) (EventID: 
1000) (User: ) Description: Nome do aplicativo com falha: 2715410563.exe, versão: 0.0.0.0, carimbo de data/hora: 0x2a425e36 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x18343272 ID do processo com falha: 0x1454 Hora de início do aplicativo com falha: 0x01d38522de16e4fd Caminho do aplicativo com falha: C:\Users\eduad\AppData\Local\Temp\is-9BEEN.tmp\2715410563.exe Caminho do módulo com falha: unknown ID do Relatório: dfe83f89-50a8-4dc0-a064-f29875ce8973 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (01/04/2018 07:26:45 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:26:45 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:26:45 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. 
O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:20:46 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:20:45 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:20:43 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:20:40 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:20:40 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. 
O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:17:05 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding Error: (01/04/2018 07:17:05 AM) (Source: DCOM) (EventID: 10001) (User: PIRILAMPO) Description: Não é possível iniciar o servidor DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} como Não Disponível/Não Disponível. O erro: "740" Aconteceu ao iniciar este comando: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding CodeIntegrity: =================================== Date: 2018-01-04 07:27:28.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:27:28.594 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:22:44.501 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
Date: 2018-01-04 07:22:44.500 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:12:27.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:12:27.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:07:43.326 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 07:07:43.325 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 06:57:26.901 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-04 06:57:26.900 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
==================== Informações da Memória ===========================

Processador: AMD FX™-8350 Eight-Core Processor
Percentagem de memória em uso: 46%
RAM física total: 8161.87 MB
RAM física disponível: 4389.39 MB
Virtual Total: 14561.87 MB
Virtual disponível: 9118 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.02 GB) (Free:294.27 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1AA23AEF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================