Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Barkhamn

Problema ao acessar páginas de internet

Recommended Posts

Bom dia! Estou com um problema no qual, quando tento acessar qualquer página assim que abro o Chrome pela primeira vez, aparece no canto inferior esquerdo da janela a mensagem "fazendo download do script de proxy" e demora bastante até carregar a página. Após esse primeiro acesso, começa a acessar normalmente, qualquer site, até que, depois de um tempo, começa a travar para acessar de novo, desta vez aparecendo a mensagem "conectando..." e o ciclo se repete. 

 

Obs.: quando executei o ZA-Scan, quase no final apareceu uma mensagem de erro dizendo "DaS21 parou de funcionar". Cliquei no botão de fechar e após um tempo apareceu o log. Na 'assinatura do problema', o arquivo estava nomeado como DaS_21.exe.

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Barkhamn

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe Como Administrador

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Execute o jrt.exe Como Administrador

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Parece que o problema foi solucionado, pois estou conseguindo acessar páginas normalmente, sem nenhum delay. Obrigado pela ajuda! Seguem logs:

     

    AdwCleaner:

    # AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 02 17:59:28 2017
    # Updated on 2017/29/09 by Malwarebytes 
    # Running on Windows 7 Home Premium (X64)
    # Mode: clean
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services deleted.

    ***** [ Folders ] *****

    No malicious folders deleted.

    ***** [ Files ] *****

    No malicious files deleted.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks deleted.

    ***** [ Registry ] *****

    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}


    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries deleted.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries deleted.

    *************************

    ::Tracing keys deleted
    ::Winsock settings cleared
    ::IE policies deleted
    ::Chrome policies deleted
    ::Additional Actions: 0

    *************************

    C:/AdwCleaner/AdwCleaner[S0].txt - [1118 B] - [2017/10/2 17:58:18]


    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

     

     

     

    Junkware Removal Tool:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 7 Home Premium x64 
    Ran by Rone (Administrator) on 02/10/2017 at 15:41:00,15
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 0 


    Registry: 0 

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 02/10/2017 at 18:50:13,43
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

     

    ZHPCleaner:

    ~ ZHPCleaner v2017.109.2.173 by Nicolas Coolman (2017/10/02)
    ~ Run by Rone (Administrator)  (02/10/2017 19:14:59)
    ~ Web: https://www.nicolascoolman.com
    ~ Blog: https://nicolascoolman.eu/
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version : Version OK
    ~ Certificate ZHPCleaner: Legal
    ~ Type : Reparo
    ~ Report : C:\Users\Rone\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\Rone\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


    ---\\  Serviços (0)
    ~ Nenhum ítem malicioso o desnecessários foi encontrado.


    ---\\  Navegadores de Internet (0)
    ~ Nenhum ítem malicioso o desnecessários foi encontrado.


    ---\\  Arquivo hosts (1)
    ~ O arquivo hosts é legítimo (21)


    ---\\  Tarefas automáticas agendadas. (0)
    ~ Nenhum ítem malicioso o desnecessários foi encontrado.


    ---\\  Explorer ( Arquivos, Pastas) (5)
    MOVIDO pasta: C:\Users\Rone\AppData\Roaming\unins000.exe [ - Setup/Uninstall]  =>Adware.Pirrit
    MOVIDO pasta: C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hamachi.softonic.com.br_0.localstorage    =>.SUP.Softonic
    MOVIDO pasta: C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hamachi.softonic.com.br_0.localstorage-journal    =>.SUP.Softonic
    MOVIDO pasta: C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage    =>.SUP.Atwola
    MOVIDO pasta: C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage-journal    =>.SUP.Atwola


    ---\\  Registro ( Chaves, Valores, Dados ) (27)
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software]  =>PUM.Misplaced.Certificate
    SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software]  =>PUM.Misplaced.Certificate


    ---\\  Resumo dos elementos encontrados na sua estação de trabalho (4)
    https://nicolascoolman.eu/2017/02/25/adware-pirrit/  =>Adware.Pirrit
    https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Softonic
    https://nicolascoolman.eu/2017/02/04/superfluous-atwola/  =>.SUP.Atwola
    https://nicolascoolman.eu/2017/06/26/trojan-certlock/  =>PUM.Misplaced.Certificate


    ---\\  Dodatkowe oczyszczenie. (23)
    ~ Chave de registro Tracing Supprimido (23)
    ~ Remover os relatórios antigos ZHPCleaner. (0)


    ---\\ Resultado de reparação
    Reparação efectuada com sucesso
    ~ Este navegador está faltando ! (Mozilla Firefox)
    ~ Este navegador está faltando ! (Opera Software)


    ---\\ Estatísticas
    ~ Items scan : 551
    ~ Items encontrado : 0
    ~ items cancelados : 0
    ~ Items réparo : 32


    ~ End of clean in 00h00mn32s
    ~====================
    ZHPCleaner-[R]-02102017-19_15_31.txt
    ZHPCleaner--02102017-19_12_44.txt
     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Que bom amigo, mas vamos terminar! ;)

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


    32 bit (x86) ou 64 bit (x64)

    • Clique com o botão direito e escolha Executar como Administrador;
    • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar;
    • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop);
    • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta;
    • Anexe o log Addition.txt.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Log FRST:

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14-10-2017
    Executado por Rone (administrador) em PC-RONE (14-10-2017 14:30:04)
    Executando a partir de C:\Users\Default.PC-Rone\Downloads
    Perfis Carregados: Rone & Default (Perfis Disponíveis: Rone & Default)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\ns.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
    (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\ns.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
    (Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\conathst.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\ns.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SmartRecovery2\RPMDaemon.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
    (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [404376 2015-08-09] ()
    HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
    HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-23] (Logitech Inc.)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-26] (Realtek Semiconductor)
    HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [52553728 2017-01-22] (Hammer & Chisel, Inc.)
    HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SmartRecovery2\RPMKickstart.exe [2422272 2012-09-06] (Gigabyte Technology CO., LTD.)
    HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\GIGABYTE\EasyTune\RunOnceTask.exe [10240 2013-11-13] (GIGA-BYTE TECHNOLOGY CO., LTD.)
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-16] (Banco do Brasil)
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\Run: [AceStream] => C:\Users\Rone\AppData\Roaming\ACEStream\engine\ace_engine.exe
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\MountPoints2: {9153d827-cd5b-11e3-a7ac-806e6f6e6963} - D:\Run.exe
    ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-16] (Banco do Brasil)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-10-24]
    ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
    Startup: C:\Users\Default.PC-Rone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-06-14]
    ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
    Startup: C:\Users\Rone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-10-24]
    ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{31A59138-214D-436D-A9CE-BF2E7F47B7A9}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{6642AF7F-FD14-4826-AA18-B8E303226F2F}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{E5691E0E-67F3-4E5D-B832-2431889E6106}: [DhcpNameServer] 10.0.0.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
    SearchScopes: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BR&ver=22&locale=pt_BR&gct=kwd&qsrc=2869
    SearchScopes: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BR&ver=22&locale=pt_BR&gct=kwd&qsrc=2869
    BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
    BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-16] (Banco do Brasil)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
    Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
    Toolbar: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-04] (Symantec Corporation)
    DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1462251484785

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.0.50\coFFAddon
    FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.0.50\coFFAddon [2017-07-20]
    FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.0.50\coFFAddon
    FF HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Rone\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => não encontrado (a)
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll [2015-01-31] ()
    FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-26] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-31] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-26] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1000: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Rone\AppData\Roaming\ACEStream\player\npace_plugin.dll [Nenhum Arquivo]
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1000: gastecnologia.com.br/sf/bb -> C:\Users\Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-03-06] (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1002: gastecnologia.com.br/sf/bb -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1002: gastecnologia.com.br/sf/bb64 -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-03-06] (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1002: gastecnologia.com.br/sf/gas64 -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-01] ()

    Chrome: 
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR StartupUrls: Default -> "hxxp://google.com/"
    CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
    CHR DefaultSearchKeyword: Default -> NortonSafe
    CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
    CHR Profile: C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default [2017-10-04]
    CHR Extension: (YouTube) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
    CHR Extension: (Google Search) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
    CHR Extension: (Norton Safe) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-06-11]
    CHR Extension: (Norton Identity Safe) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-04]
    CHR Extension: (Ace Script) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-10-02]
    CHR Extension: (GBBD Banco do Brasil) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp [2015-05-14]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-02]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2017-06-11]
    CHR Extension: (Gmail) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]
    CHR Extension: (Chrome Media Router) - C:\Users\Rone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-03]
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Rone\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx <não encontrado (a)>
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ====================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
    R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-07-04] (GAS Tecnologia)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-23] (Logitech Inc.)
    S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
    R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-10-13] (Microsoft)
    R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NS.exe [326144 2017-10-04] (Symantec Corporation)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-09-16] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-09-16] (NVIDIA Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-09-16] (NVIDIA Corporation)
    R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [Arquivo não assinado]
    R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1056304 2017-09-20] (GAS Tecnologia LTDA)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
    S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
    R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\BASHDefs\20171011.003\BHDrvx64.sys [1872032 2017-09-07] (Symantec Corporation)
    R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\160B000.029\ccSetx64.sys [187520 2017-10-04] (Symantec Corporation)
    S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-29] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-06-29] (Symantec Corporation)
    R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-10-14] (GAS Tecnologia)
    S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
    R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2017-10-02] (GAS Tecnologia)
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
    R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\IPSDefs\20171013.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
    R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [54552 2017-01-23] (Logitech Inc.)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-01-23] (Logitech Inc.)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-09-16] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-09-16] (NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation)
    S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
    S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2010-12-16] (Razer USA Ltd) [Arquivo não assinado]
    R3 SRTSP; C:\Windows\System32\Drivers\NSx64\160B000.029\SRTSP64.SYS [812704 2017-10-04] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NSx64\160B000.029\SRTSPX64.SYS [49304 2017-10-04] (Symantec Corporation)
    R0 SymEFASI; C:\Windows\System32\drivers\NSx64\160B000.029\SYMEFASI64.SYS [1868416 2017-10-04] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-07-19] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NSx64\160B000.029\Ironx64.SYS [301288 2017-10-04] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\NSx64\160B000.029\SYMNETS.SYS [566912 2017-10-04] (Symantec Corporation)
    S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
    R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
    R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2017-10-02] (GAS Tecnologia LTDA)
    R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-10-14] (GAS Tecnologia)
    R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-11-11] (GAS Tecnologia)
    R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
    R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
    S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
    R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
    S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161024.009\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161024.009\EX64.SYS [X]

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-10-14 14:30 - 2017-10-14 14:30 - 000029565 _____ C:\Users\Default.PC-Rone\Downloads\FRST.txt
    2017-10-14 14:29 - 2017-10-14 14:30 - 000000000 ____D C:\FRST
    2017-10-14 14:25 - 2017-10-14 14:25 - 002402304 _____ (Farbar) C:\Users\Default.PC-Rone\Downloads\FRST64.exe
    2017-10-13 23:14 - 2017-10-13 23:14 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
    2017-10-08 16:18 - 2017-10-08 16:18 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
    2017-10-08 16:13 - 2017-10-08 16:13 - 000003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
    2017-10-07 14:32 - 2017-10-14 14:26 - 000000000 ____D C:\Users\Todos os Usuários\GbPlugin
    2017-10-07 14:32 - 2017-10-14 14:26 - 000000000 ____D C:\ProgramData\GbPlugin
    2017-10-05 02:47 - 2017-10-05 02:47 - 000062070 _____ C:\Users\Default.PC-Rone\Desktop\DLWFkuYXoAAyB1I.jpg-large
    2017-10-04 13:26 - 2017-10-04 13:26 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-10-04 13:26 - 2017-10-04 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-10-04 13:26 - 2017-10-04 13:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-10-04 13:26 - 2017-09-16 16:23 - 001923192 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 001755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 001505912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 001317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 000179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 000146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 000121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
    2017-10-04 13:26 - 2017-09-16 14:17 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2017-10-04 13:26 - 2017-07-20 14:21 - 000905504 _____ C:\Windows\system32\vulkan-1.dll
    2017-10-04 13:26 - 2017-07-20 14:21 - 000776992 _____ C:\Windows\SysWOW64\vulkan-1.dll
    2017-10-04 13:26 - 2017-07-20 14:21 - 000578848 _____ C:\Windows\system32\vulkaninfo.exe
    2017-10-04 13:26 - 2017-07-20 14:21 - 000477472 _____ C:\Windows\SysWOW64\vulkaninfo.exe
    2017-10-04 13:25 - 2017-09-16 16:23 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
    2017-10-04 13:24 - 2017-09-16 16:23 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
    2017-10-04 13:24 - 2017-09-16 16:23 - 000048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2017-10-04 13:11 - 2017-10-04 13:23 - 414921040 _____ (NVIDIA Corporation) C:\Users\Rone\Downloads\385.69-desktop-win8-win7-64bit-international-whql.exe
    2017-10-03 18:33 - 2017-09-16 16:23 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
    2017-10-03 18:32 - 2017-09-16 14:34 - 006463424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 002478528 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 000548472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 000082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2017-10-03 18:32 - 2017-09-16 14:34 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2017-10-03 18:32 - 2017-09-15 12:03 - 008248071 _____ C:\Windows\system32\nvcoproc.bin
    2017-10-03 18:31 - 2017-09-16 16:23 - 040240064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 035883640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 028987512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 023132720 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 018849968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 018706120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 017808120 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 015427520 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2017-10-03 18:31 - 2017-09-16 16:23 - 014688256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 013782720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 012241792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 011692856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 010087504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 004188872 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 003793016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 003692216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 003346368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438569.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 001615448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 001606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438569.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 001067456 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 001005176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000972920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000924096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000690504 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000512672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000491720 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000429920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2017-10-03 18:31 - 2017-09-16 16:23 - 000171384 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000154392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000149040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000132256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2017-10-03 18:31 - 2017-09-16 16:23 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
    2017-10-03 18:31 - 2017-09-16 16:23 - 000000669 _____ C:\Windows\system32\nv-vk64.json
    2017-10-03 13:53 - 2017-08-19 12:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2017-10-03 13:53 - 2017-08-19 12:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2017-10-03 13:53 - 2017-08-19 12:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2017-10-03 13:53 - 2017-08-19 12:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2017-10-03 13:53 - 2017-08-19 12:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2017-10-03 13:53 - 2017-08-19 12:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2017-10-03 13:53 - 2017-08-19 12:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2017-10-03 13:53 - 2017-08-19 12:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2017-10-03 13:53 - 2017-08-19 11:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2017-10-03 13:53 - 2017-08-19 11:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2017-10-03 13:53 - 2017-08-14 14:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2017-10-03 13:53 - 2017-08-14 14:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2017-10-03 13:53 - 2017-08-14 14:35 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2017-10-03 13:53 - 2017-08-14 14:35 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2017-10-03 13:53 - 2017-08-14 14:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2017-10-03 13:53 - 2017-08-14 14:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2017-10-03 13:53 - 2017-08-14 14:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2017-10-03 13:53 - 2017-08-13 18:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2017-10-03 13:53 - 2017-08-13 18:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2017-10-03 13:53 - 2017-08-13 18:31 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2017-10-03 13:53 - 2017-08-13 18:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2017-10-03 13:53 - 2017-08-13 18:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2017-10-03 13:53 - 2017-08-13 18:30 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2017-10-03 13:53 - 2017-08-13 18:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2017-10-03 13:53 - 2017-08-13 18:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2017-10-03 13:50 - 2017-10-03 13:50 - 000000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2017-10-03 13:44 - 2017-10-14 14:26 - 000000000 __SHD C:\Users\Rone\IntelGraphicsProfiles
    2017-10-03 13:44 - 2017-10-03 13:44 - 000000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2017-10-03 13:17 - 2017-04-27 19:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2017-10-03 13:17 - 2017-04-12 10:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2017-10-03 13:15 - 2017-08-19 12:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2017-10-03 13:15 - 2017-08-19 12:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2017-10-03 13:15 - 2017-08-16 12:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2017-10-03 13:15 - 2017-08-16 12:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2017-10-03 13:15 - 2017-08-16 11:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2017-10-03 13:15 - 2017-08-15 22:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2017-10-03 13:15 - 2017-08-15 21:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2017-10-03 13:15 - 2017-08-15 12:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2017-10-03 13:15 - 2017-08-15 12:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-10-03 13:15 - 2017-08-15 12:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2017-10-03 13:15 - 2017-08-15 12:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-10-03 13:15 - 2017-08-15 11:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2017-10-03 13:15 - 2017-08-15 11:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2017-10-03 13:15 - 2017-08-15 11:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2017-10-03 13:15 - 2017-08-15 11:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2017-10-03 13:15 - 2017-08-15 10:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
    2017-10-03 13:15 - 2017-08-14 14:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
    2017-10-03 13:15 - 2017-08-14 14:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
    2017-10-03 13:15 - 2017-08-13 18:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
    2017-10-03 13:15 - 2017-08-13 18:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
    2017-10-03 13:15 - 2017-08-13 15:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2017-10-03 13:15 - 2017-08-13 14:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2017-10-03 13:15 - 2017-08-13 14:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2017-10-03 13:15 - 2017-08-13 14:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2017-10-03 13:15 - 2017-08-13 14:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2017-10-03 13:15 - 2017-08-13 14:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2017-10-03 13:15 - 2017-08-13 14:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2017-10-03 13:15 - 2017-08-13 14:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2017-10-03 13:15 - 2017-08-13 14:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2017-10-03 13:15 - 2017-08-13 13:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2017-10-03 13:15 - 2017-08-13 13:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2017-10-03 13:15 - 2017-08-13 13:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2017-10-03 13:15 - 2017-08-13 13:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2017-10-03 13:15 - 2017-08-13 13:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2017-10-03 13:15 - 2017-08-13 13:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2017-10-03 13:15 - 2017-08-13 13:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2017-10-03 13:15 - 2017-08-13 13:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2017-10-03 13:15 - 2017-08-13 13:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2017-10-03 13:15 - 2017-08-13 13:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2017-10-03 13:15 - 2017-08-13 13:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2017-10-03 13:15 - 2017-08-13 13:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2017-10-03 13:15 - 2017-08-13 13:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2017-10-03 13:15 - 2017-08-13 13:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2017-10-03 13:15 - 2017-08-13 13:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2017-10-03 13:15 - 2017-08-13 13:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2017-10-03 13:15 - 2017-08-13 13:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2017-10-03 13:15 - 2017-08-13 13:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2017-10-03 13:15 - 2017-08-13 13:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2017-10-03 13:15 - 2017-08-13 13:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2017-10-03 13:15 - 2017-08-13 13:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2017-10-03 13:15 - 2017-08-13 13:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2017-10-03 13:15 - 2017-08-13 13:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2017-10-03 13:15 - 2017-08-13 13:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2017-10-03 13:15 - 2017-08-13 13:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2017-10-03 13:15 - 2017-08-13 13:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2017-10-03 13:15 - 2017-08-13 13:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2017-10-03 13:15 - 2017-08-13 13:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2017-10-03 13:15 - 2017-08-13 13:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2017-10-03 13:15 - 2017-08-13 13:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2017-10-03 13:15 - 2017-08-13 13:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2017-10-03 13:15 - 2017-08-13 13:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2017-10-03 13:15 - 2017-08-13 13:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2017-10-03 13:15 - 2017-08-13 13:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2017-10-03 13:15 - 2017-08-13 13:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2017-10-03 13:15 - 2017-08-13 13:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2017-10-03 13:15 - 2017-08-13 13:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2017-10-03 13:15 - 2017-08-13 13:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2017-10-03 13:15 - 2017-08-13 13:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2017-10-03 13:15 - 2017-08-13 12:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2017-10-03 13:15 - 2017-08-13 12:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2017-10-03 13:15 - 2017-08-13 12:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2017-10-03 13:15 - 2017-08-13 12:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2017-10-03 13:15 - 2017-08-13 12:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2017-10-03 13:15 - 2017-08-13 12:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2017-10-03 13:15 - 2017-08-13 12:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2017-10-03 13:15 - 2017-08-13 12:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2017-10-03 13:15 - 2017-08-13 12:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2017-10-03 13:15 - 2017-08-13 12:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2017-10-03 13:15 - 2017-08-13 12:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2017-10-03 13:15 - 2017-08-13 12:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2017-10-03 13:15 - 2017-08-13 12:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2017-10-03 13:15 - 2017-08-11 03:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2017-10-03 13:15 - 2017-08-11 03:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2017-10-03 13:15 - 2017-08-11 03:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2017-10-03 13:15 - 2017-08-11 03:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2017-10-03 13:15 - 2017-08-11 03:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2017-10-03 13:15 - 2017-08-11 03:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2017-10-03 13:15 - 2017-08-11 03:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2017-10-03 13:15 - 2017-08-11 03:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
    2017-10-03 13:15 - 2017-08-11 03:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
    2017-10-03 13:15 - 2017-08-11 03:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 03:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
    2017-10-03 13:15 - 2017-08-11 03:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
    2017-10-03 13:15 - 2017-08-11 03:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2017-10-03 13:15 - 2017-08-11 03:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2017-10-03 13:15 - 2017-08-11 03:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2017-10-03 13:15 - 2017-08-11 03:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2017-10-03 13:15 - 2017-08-11 03:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
    2017-10-03 13:15 - 2017-08-11 03:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2017-10-03 13:15 - 2017-08-11 03:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
    2017-10-03 13:15 - 2017-08-11 03:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2017-10-03 13:15 - 2017-08-11 02:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2017-10-03 13:15 - 2017-08-11 02:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2017-10-03 13:15 - 2017-08-11 02:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2017-10-03 13:15 - 2017-08-11 02:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2017-10-03 13:15 - 2017-08-11 02:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
    2017-10-03 13:15 - 2017-08-11 02:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2017-10-03 13:15 - 2017-08-11 02:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2017-10-03 13:15 - 2017-08-11 02:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2017-10-03 13:15 - 2017-08-11 02:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2017-10-03 13:15 - 2017-08-11 02:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 02:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 02:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2017-10-03 13:15 - 2017-08-11 02:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2017-10-03 13:15 - 2017-07-29 11:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2017-10-03 13:15 - 2017-07-21 11:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
    2017-10-03 13:15 - 2017-07-21 11:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
    2017-10-03 13:15 - 2017-07-21 11:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
    2017-10-03 13:15 - 2017-07-21 11:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2017-10-03 13:15 - 2017-07-14 12:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
    2017-10-03 13:15 - 2017-07-14 12:12 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2017-10-03 13:15 - 2017-07-14 12:12 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2017-10-03 13:15 - 2017-07-14 12:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2017-10-03 13:15 - 2017-07-14 12:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2017-10-03 13:15 - 2017-07-14 12:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2017-10-03 13:15 - 2017-07-14 12:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2017-10-03 13:15 - 2017-07-14 12:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2017-10-03 13:15 - 2017-07-14 11:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2017-10-03 13:15 - 2017-07-14 11:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2017-10-03 13:15 - 2017-07-14 11:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2017-10-03 13:15 - 2017-07-14 11:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2017-10-03 13:15 - 2017-07-14 11:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
    2017-10-03 13:15 - 2017-07-08 12:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2017-10-03 13:15 - 2017-07-07 12:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
    2017-10-03 13:15 - 2017-07-07 12:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
    2017-10-03 13:15 - 2017-07-07 12:29 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2017-10-03 13:15 - 2017-07-07 12:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
    2017-10-03 13:15 - 2017-07-07 12:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
    2017-10-03 13:15 - 2017-07-01 10:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
    2017-10-03 13:15 - 2017-06-15 17:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2017-10-03 13:15 - 2017-06-12 19:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
    2017-10-03 13:15 - 2017-06-12 19:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
    2017-10-03 13:15 - 2017-06-12 19:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
    2017-10-03 13:15 - 2017-06-12 19:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
    2017-10-03 13:15 - 2017-06-12 19:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
    2017-10-03 13:15 - 2017-06-12 19:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
    2017-10-03 13:15 - 2017-06-12 19:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
    2017-10-03 13:15 - 2017-06-12 19:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
    2017-10-03 13:15 - 2017-06-12 19:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
    2017-10-03 13:15 - 2017-06-12 19:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
    2017-10-03 13:15 - 2017-06-12 19:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
    2017-10-03 13:15 - 2017-06-12 19:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
    2017-10-03 13:15 - 2017-06-12 19:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
    2017-10-03 13:15 - 2017-06-12 19:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
    2017-10-03 13:15 - 2017-06-09 12:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2017-10-03 13:15 - 2017-06-02 05:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
    2017-10-03 13:15 - 2017-05-30 01:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2017-10-03 13:15 - 2017-05-30 01:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2017-10-03 13:15 - 2017-05-30 01:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2017-10-03 13:15 - 2017-05-21 01:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2017-10-03 13:15 - 2017-05-21 01:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2017-10-03 13:15 - 2017-05-16 12:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2017-10-03 13:15 - 2017-05-16 12:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2017-10-03 13:15 - 2017-05-16 12:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2017-10-03 13:15 - 2017-05-12 15:26 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2017-10-03 13:15 - 2017-05-12 15:22 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2017-10-03 13:15 - 2017-05-12 15:22 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2017-10-03 13:15 - 2017-05-12 15:22 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2017-10-03 13:15 - 2017-05-12 15:22 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2017-10-03 13:15 - 2017-05-12 15:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2017-10-03 13:15 - 2017-05-12 15:07 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2017-10-03 13:15 - 2017-05-12 15:03 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2017-10-03 13:15 - 2017-05-12 15:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2017-10-03 13:15 - 2017-05-12 15:03 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2017-10-03 13:15 - 2017-05-12 15:03 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2017-10-03 13:15 - 2017-05-12 14:43 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2017-10-03 13:15 - 2017-05-12 13:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2017-10-03 13:15 - 2017-05-12 12:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2017-10-03 13:15 - 2017-05-12 12:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2017-10-03 13:15 - 2017-05-10 12:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
    2017-10-03 13:15 - 2017-05-10 12:29 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2017-10-03 13:15 - 2017-05-10 12:29 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2017-10-03 13:15 - 2017-05-10 12:29 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-10-03 13:15 - 2017-05-10 12:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2017-10-03 13:15 - 2017-05-10 12:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
    2017-10-03 13:15 - 2017-05-10 12:14 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-10-03 13:15 - 2017-05-10 12:13 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-10-03 13:15 - 2017-05-10 12:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-10-03 13:15 - 2017-05-10 12:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2017-10-03 13:15 - 2017-05-10 12:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2017-10-03 13:15 - 2017-05-10 12:13 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-10-03 13:15 - 2017-05-10 12:13 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2017-10-03 13:15 - 2017-05-10 12:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2017-10-03 13:15 - 2017-05-10 12:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-10-03 13:15 - 2017-05-10 12:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-10-03 13:15 - 2017-05-10 12:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2017-10-03 13:15 - 2017-05-10 12:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2017-10-03 13:15 - 2017-05-07 12:33 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2017-10-03 13:15 - 2017-05-07 12:29 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2017-10-03 13:15 - 2017-03-30 12:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
    2017-10-03 13:15 - 2017-03-30 11:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    2017-10-03 12:06 - 2017-10-03 12:07 - 000284002 _____ C:\Windows\ntbtlog.txt
    2017-10-03 12:06 - 2017-10-03 12:06 - 638266007 _____ C:\Windows\MEMORY.DMP
    2017-10-03 12:06 - 2017-10-03 12:06 - 000601704 _____ C:\Windows\Minidump\100317-4243-01.dmp
    2017-10-02 19:17 - 2017-10-02 14:59 - 000001329 _____ C:\Users\Default.PC-Rone\Desktop\AdwCleaner[C0].txt
    2017-10-02 19:16 - 2017-10-02 19:16 - 000007813 _____ C:\Users\Default.PC-Rone\Desktop\ZHPCleaner.txt
    2017-10-02 19:05 - 2017-10-02 19:15 - 000000000 ____D C:\Users\Rone\AppData\Roaming\ZHP
    2017-10-02 19:05 - 2017-10-02 19:05 - 000000000 ____D C:\Users\Rone\AppData\Local\ZHP
    2017-10-02 19:04 - 2017-10-02 18:51 - 000000553 _____ C:\Users\Default.PC-Rone\Desktop\JRT.txt
    2017-09-30 11:28 - 2017-09-30 11:28 - 000015487 _____ C:\ZA-Scan.txt
    2017-09-30 10:59 - 2017-09-30 10:59 - 000000000 ____D C:\zoek_backup
    2017-09-29 18:43 - 2017-10-07 21:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-09-29 18:43 - 2017-09-30 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-09-29 18:43 - 2017-09-29 18:43 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
    2017-09-29 18:43 - 2017-09-29 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
    2017-09-29 18:43 - 2017-09-29 18:43 - 000000000 ____D C:\Program Files\Malwarebytes
    2017-09-29 13:15 - 2017-10-03 20:11 - 000000000 ____D C:\AdwCleaner
    2017-09-23 14:30 - 2017-09-23 14:30 - 000000000 ____D C:\Users\Rone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
    2017-09-23 13:27 - 2017-09-24 17:58 - 000006892 _____ C:\Users\Default.PC-Rone\Desktop\PUBG DEATHS.pmdx
    2017-09-23 13:27 - 2017-09-23 17:24 - 000006776 _____ C:\Users\Default.PC-Rone\Desktop\PUBG DEATHS.bak
    2017-09-21 14:47 - 2017-09-21 14:47 - 000000000 ____D C:\Users\Rone\AppData\Local\ElevatedDiagnostics
    2017-09-21 11:12 - 2017-09-21 11:12 - 000000000 ____D C:\Users\Rone\AppData\Local\UnrealEngine
    2017-09-21 11:12 - 2017-09-21 11:12 - 000000000 ____D C:\Users\Rone\AppData\Local\TslGame
    2017-09-15 10:04 - 2017-09-15 10:05 - 000000062 _____ C:\Users\Default.PC-Rone\Desktop\vivo fibra.txt
    2017-09-14 11:59 - 2017-09-14 11:59 - 000061761 _____ C:\Users\Default.PC-Rone\Desktop\comprovante_detran_pr_2017.pdf
    2017-09-12 13:36 - 2017-09-12 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMMon
    2017-09-12 13:36 - 2017-09-12 13:36 - 000000000 ____D C:\Program Files\RAMMon
    2017-09-08 10:28 - 2017-09-08 10:28 - 000000027 _____ C:\Users\Default.PC-Rone\Desktop\vivo4.txt
    2017-09-07 17:20 - 2017-09-07 17:20 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
    2017-08-30 13:23 - 2017-08-30 13:23 - 000993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2017-08-30 13:23 - 2017-08-30 13:23 - 000987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2017-08-30 13:23 - 2017-08-30 13:23 - 000690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
    2017-08-30 13:23 - 2017-08-30 13:23 - 000485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
    2017-08-26 10:44 - 2017-08-26 10:44 - 000000060 _____ C:\Users\Default.PC-Rone\Desktop\VIVO3.txt
    2017-08-22 16:15 - 2017-08-22 16:15 - 000000031 _____ C:\Users\Default.PC-Rone\Desktop\VIVO2.txt
    2017-08-21 13:08 - 2017-08-21 13:10 - 000000014 _____ C:\Users\Default.PC-Rone\Desktop\telefone mae,txt.txt
    2017-08-21 09:33 - 2017-08-21 12:34 - 000000060 _____ C:\Users\Default.PC-Rone\Desktop\VIVO.txt
    2017-08-13 02:46 - 2017-08-13 02:46 - 000000044 _____ C:\Users\Rone\Documents\ts.txt
    2017-08-13 02:44 - 2017-08-13 08:36 - 000000000 ____D C:\Users\Rone\AppData\Roaming\TS3Client
    2017-08-13 02:44 - 2017-08-13 02:44 - 000000829 _____ C:\Users\Rone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
    2017-08-13 02:44 - 2017-08-13 02:44 - 000000000 ____D C:\Program Files\TS
    2017-08-12 20:39 - 2017-09-15 12:32 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Local\CrashDumps
    2017-07-31 20:43 - 2017-07-31 20:43 - 000000000 ____D C:\Users\Rone\Documents\The Witcher
    2017-07-31 20:43 - 2017-07-31 20:43 - 000000000 ____D C:\Users\Rone\Documents\NBGI
    2017-07-31 20:42 - 2017-07-31 20:55 - 000000000 ____D C:\Games
    2017-07-29 21:27 - 2017-07-29 21:27 - 000806424 _____ C:\Windows\Minidump\072917-6583-01.dmp
    2017-07-29 21:05 - 2017-07-29 21:05 - 000000000 ____D C:\Users\Default.PC-Rone\.QtWebEngineProcess
    2017-07-29 21:05 - 2017-07-29 21:05 - 000000000 ____D C:\Users\Default.PC-Rone\.Plays.tv
    2017-07-29 21:04 - 2017-07-29 21:05 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\Raptr
    2017-07-29 21:04 - 2017-07-29 21:05 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\PlaysTV
    2017-07-29 21:04 - 2017-07-29 21:04 - 000000000 ____D C:\Users\Rone\AppData\Roaming\library_dir
    2017-07-20 14:21 - 2017-07-20 14:21 - 000905504 _____ C:\Windows\system32\vulkan-1-1-0-54-1.dll
    2017-07-20 14:21 - 2017-07-20 14:21 - 000776992 _____ C:\Windows\SysWOW64\vulkan-1-1-0-54-1.dll
    2017-07-20 14:21 - 2017-07-20 14:21 - 000578848 _____ C:\Windows\system32\vulkaninfo-1-1-0-54-1.exe
    2017-07-20 14:21 - 2017-07-20 14:21 - 000477472 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-54-1.exe

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-10-14 14:30 - 2015-08-26 22:22 - 000028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
    2017-10-14 14:29 - 2011-04-12 10:40 - 006103816 _____ C:\Windows\system32\prfh0416.dat
    2017-10-14 14:29 - 2011-04-12 10:40 - 005307266 _____ C:\Windows\system32\prfc0416.dat
    2017-10-14 14:29 - 2009-07-14 02:13 - 000006472 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-10-14 14:28 - 2014-04-30 00:52 - 000000000 ____D C:\Users\Rone\AppData\Local\NVIDIA Corporation
    2017-10-14 14:28 - 2014-04-26 02:52 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2017-10-14 14:28 - 2014-04-26 02:52 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-10-14 14:26 - 2014-04-26 02:48 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
    2017-10-14 14:24 - 2016-12-27 13:23 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
    2017-10-14 14:24 - 2014-04-29 00:32 - 000000000 ____D C:\Program Files (x86)\GbPlugin
    2017-10-14 14:23 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2017-10-13 22:54 - 2009-07-14 01:45 - 000020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-10-13 22:54 - 2009-07-14 01:45 - 000020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-10-09 23:48 - 2017-06-11 02:11 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\obs-studio
    2017-10-08 16:46 - 2015-07-19 00:28 - 000000000 ____D C:\Program Files\Common Files\AV
    2017-10-08 16:13 - 2016-10-24 17:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
    2017-10-08 16:13 - 2016-07-24 01:24 - 000000000 ____D C:\Windows\system32\Drivers\NSx64
    2017-10-04 13:28 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2017-10-04 13:28 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
    2017-10-04 13:27 - 2015-12-01 09:58 - 000000000 ____D C:\Users\Rone\AppData\Local\NVIDIA
    2017-10-04 13:27 - 2014-04-26 02:51 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2017-10-04 13:27 - 2014-04-26 02:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-10-04 13:26 - 2014-04-26 02:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-10-04 13:26 - 2014-04-26 02:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-10-04 13:09 - 2014-04-26 02:11 - 000000000 ____D C:\Users\Rone
    2017-10-03 22:34 - 2016-05-10 13:44 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\vlc
    2017-10-03 20:55 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
    2017-10-03 18:32 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\Help
    2017-10-03 17:36 - 2014-05-22 17:38 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Local\NVIDIA
    2017-10-03 13:25 - 2009-07-14 01:45 - 000291432 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-10-03 13:24 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
    2017-10-03 13:24 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\migwiz
    2017-10-03 13:23 - 2014-04-27 05:16 - 000000000 ____D C:\Windows\system32\MRT
    2017-10-03 13:18 - 2014-04-27 05:16 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-10-03 12:18 - 2017-03-04 00:40 - 000000000 ____D C:\Users\Rone\AppData\Roaming\discord
    2017-10-03 12:03 - 2017-06-11 02:51 - 000000000 ____D C:\Users\Rone\AppData\Local\CrashDumps
    2017-10-03 12:01 - 2014-04-29 00:31 - 000000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
    2017-10-03 12:01 - 2014-04-29 00:31 - 000000000 ____D C:\ProgramData\GAS Tecnologia
    2017-10-02 15:02 - 2014-05-22 17:35 - 000000008 __RSH C:\Users\Rone\ntuser.pol
    2017-10-02 14:59 - 2014-05-22 17:38 - 000000008 __RSH C:\Users\Default.PC-Rone\ntuser.pol
    2017-10-02 14:59 - 2014-05-22 17:38 - 000000000 ____D C:\Users\Default.PC-Rone
    2017-09-30 11:10 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
    2017-09-30 11:10 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
    2017-09-27 15:37 - 2014-04-26 02:20 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-09-24 17:47 - 2016-11-28 17:23 - 000000000 ____D C:\Users\Todos os Usuários\SoftMaker
    2017-09-24 17:47 - 2016-11-28 17:23 - 000000000 ____D C:\ProgramData\SoftMaker
    2017-09-24 16:31 - 2014-04-30 00:42 - 000000000 ____D C:\Program Files\Microsoft Silverlight
    2017-09-24 16:31 - 2014-04-30 00:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2017-09-23 15:37 - 2016-11-28 17:23 - 000000000 ____D C:\Users\Default.PC-Rone\AppData\Roaming\SoftMaker
    2017-09-23 14:31 - 2014-04-30 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2017-09-23 14:30 - 2017-03-04 00:40 - 000000000 ____D C:\Users\Rone\AppData\Local\Discord
    2017-09-16 16:23 - 2017-06-11 03:25 - 021407000 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2017-09-16 16:23 - 2017-06-11 03:25 - 000044180 _____ C:\Windows\system32\nvinfo.pb
    2017-09-16 16:23 - 2014-04-26 02:27 - 000512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
    2017-09-16 16:23 - 2014-04-26 02:27 - 000418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL

    ==================== Arquivos na raiz de alguns diretórios =======

    2014-04-29 00:31 - 2015-04-19 13:20 - 000033487 _____ () C:\Users\Rone\AppData\Roaming\unins000.dat
    2014-04-26 02:28 - 2014-04-26 02:28 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

    Alguns arquivos em TEMP:
    ====================
    2006-05-24 01:10 - 2006-05-24 01:10 - 000455600 ____R (Macrovision Corporation) C:\Users\Rone\AppData\Local\Temp\_isE1A7.exe

    ==================== Bamital & volsnap ======================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

    LastRegBack: 2017-10-10 12:59

    ==================== Fim de FRST.txt ============================

     

     

     

    Log Addition:

    Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 14-10-2017
    Executado por Rone (14-10-2017 14:30:38)
    Executando a partir de C:\Users\Default.PC-Rone\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2014-04-26 05:11:16)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-3545941749-2031850882-1986805429-500 - Administrator - Disabled)
    Convidado (S-1-5-21-3545941749-2031850882-1986805429-501 - Limited - Disabled)
    Default (S-1-5-21-3545941749-2031850882-1986805429-1002 - Limited - Enabled) => C:\Users\Default.PC-Rone
    HomeGroupUser$ (S-1-5-21-3545941749-2031850882-1986805429-1004 - Limited - Enabled)
    Rone (S-1-5-21-3545941749-2031850882-1986805429-1000 - Administrator - Enabled) => C:\Users\Rone

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AV: Norton Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
    FW: Norton Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    @BIOS B13.1112.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
    @BIOS B13.1112.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
    µTorrent (HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\uTorrent) (Version: 3.4.2.31893 - BitTorrent Inc.)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
    Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
    Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
    Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
    App Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.13.1009 - Gigabyte) Hidden
    App Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.13.1009 - Gigabyte)
    Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version:  - Ubisoft Montreal)
    Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
    Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
    Atualizações da NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
    Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
    Baldur's Gate II: Enhanced Edition (HKLM-x32\...\Steam App 257350) (Version:  - Beamdog)
    Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version:  - Overhaul Games)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
    BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
    BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
    BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
    BioWare Premium Module: Neverwinter Nights(TM) Kingmaker (HKLM-x32\...\Neverwinter Nights(TM) Kingmaker) (Version:  - BioWare Corp.)
    BitTorrent (HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\BitTorrent) (Version: 7.9.9.42974 - BitTorrent Inc.)
    BitTorrent (HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\...\BitTorrent) (Version: 7.9.6.42179 - BitTorrent Inc.)
    Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
    BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.13.0911.1 -  GIGABYTE)
    Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.50.1 - Canon Inc.)
    Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
    Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
    Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
    Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
    Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
    Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.30.0 - Canon Inc.)
    Central de Mouse e Teclado da Microsoft (HKLM\...\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}) (Version: 2.3.188.0 - Microsoft Corporation) Hidden
    Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
    Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
    Discord (HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\...\Discord) (Version: 0.0.298 - Discord Inc.)
    doPDF (HKLM\...\{9B1E15D7-36F6-4BFD-8D51-A4762E31B19F}) (Version: 8.5.937 - Softland) Hidden
    doPDF 8 (HKLM-x32\...\{314c4f89-1ad6-4ab8-8896-39f36c2bb2b6}) (Version: 8.5.937 - Softland)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
    EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE) Hidden
    EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
    EZSetupN B13.1114.1 (HKLM-x32\...\{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) Hidden
    EZSetupN B13.1114.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
    Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.00.0000 - GIGABYTE) Hidden
    Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.00.0000 - GIGABYTE)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version:  - SQUARE ENIX)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
    GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    Ichi (HKLM-x32\...\Steam App 300300) (Version:  - Stolen Couch Games)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
    IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
    IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil)
    IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    K-Lite Codec Pack 12.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP)
    Kung Fury: Street Rage (HKLM-x32\...\Steam App 373180) (Version:  - )
    Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
    Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
    Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
    Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
    Malwarebytes versão 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
    Mesa Gráfica Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft .NET Framework 4.7 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
    Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
    Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
    Módulo de Segurança - Banco do Brasil (HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
    Neverwinter Nights Diamond Edition (HKLM-x32\...\1207658890_is1) (Version: 2.1.0.21 - GOG.com)
    Norton Security (HKLM-x32\...\NS) (Version: 22.11.0.41 - Symantec Corporation)
    novaPDF 8 Printer Driver (HKLM\...\{B4C792FC-0364-43B7-92DE-864B4F5EC982}) (Version: 8.5.937 - Softland)
    novaPDF 8 SDK COM (x64) (HKLM\...\{F0A1FC93-B861-4300-B5B3-1F54B08916C8}) (Version: 8.5.937 - Softland)
    novaPDF 8 SDK COM (x86) (HKLM-x32\...\{F1404F42-DC02-4AE9-A02F-0E03B16E8AC4}) (Version: 8.5.937 - Softland)
    NVIDIA Driver de áudio HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
    NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA Driver de gráficos 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
    NVIDIA Driver do 3D Vision 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
    NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
    ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
    ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    Painel de controle da NVIDIA 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.69 - NVIDIA Corporation) Hidden
    Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
    RAMMon V1.0 (HKLM\...\{D0E36B69-687C-43B3-93BA-5E4B6E531023}_is1) (Version: 1.0 - PassMark Software)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
    Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
    Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
    Smart Recovery 2 B13.1007.1  (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
    Smart TimeLock B13.0910.1 (HKLM-x32\...\{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Hidden
    Smart TimeLock B13.0910.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
    SoftMaker FreeOffice 2016 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB05}) (Version: 1.0.3790 - SoftMaker Software GmbH)
    South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
    Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
    TeamSpeak 3 Client (HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
    The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
    The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
    TL-WN751ND Driver (HKLM-x32\...\{14770694-6C1C-4137-95F9-6F934D8491B4}) (Version: 1.00.0000 - TP-LINK)
    Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
    Warsaw 2.0.3.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.0.3.2 - GAS Tecnologia)
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
    Winamp Detectar Aplicação (HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    World of Guns: Gun Disassembly (HKLM\...\Steam App 262410) (Version:  - Noble Empire Corp.)

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    CustomCLSID: HKU\S-1-5-21-3545941749-2031850882-1986805429-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-3545941749-2031850882-1986805429-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-3545941749-2031850882-1986805429-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
    ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Inc.)
    ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Nenhum Arquivo
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
    ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
    ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)

    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {08CF7D86-EC23-4931-ACC2-36E44AC40C97} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
    Task: {0CB24866-D042-41D7-9379-B3DCF946CA70} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {1E10628B-7CAB-46A7-AD7C-316A6D69F324} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-04-18] ()
    Task: {1E219191-576C-4137-98A9-83725F990BD1} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-10-04] (Symantec Corporation)
    Task: {21A0D439-A937-4DC1-8EA6-92C82C164BD0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
    Task: {2BCCF35F-D566-4694-94C5-D92F6F2AFE51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {30ABC753-EC1D-4E60-AC35-74048240F5E8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {31FAEA3D-4F98-4B8E-84EB-2A5956D3036A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-16] (NVIDIA Corporation)
    Task: {5955BFBE-BC81-430F-9068-045B1154EEFD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-16] (NVIDIA Corporation)
    Task: {66F9712D-21DB-402E-B426-75023ECE3574} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-10-13] ()
    Task: {70E3DC80-6998-456C-A50A-752E6A2CE2B7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-16] (NVIDIA Corporation)
    Task: {7EDE6883-C0D0-4B6F-998F-3F0710293227} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation)
    Task: {84490020-B263-4494-BD34-4F70AE62D56C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation)
    Task: {88D1B86F-BFCD-4837-9A15-F7BC04999EF4} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation)
    Task: {8C98DB6A-B32B-4C21-9800-4460786829BD} - System32\Tasks\{C0B279FC-063C-451E-B783-99EFB1AA0DA0} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {96CC08F9-A6F4-42DD-9310-94D2A9981E86} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-16] (NVIDIA Corporation)
    Task: {9C072489-709B-4607-B722-C1D6481EFD71} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\WSCStub.exe [2017-10-04] (Symantec Corporation)
    Task: {9F6D46CA-71E4-489F-A3A0-93CE3747260C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {A1FD2005-4DE8-410C-9109-E75A9A862C55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {C1049117-E373-4EE8-B47B-2E8BE7A9C27F} - System32\Tasks\{7E9DD33F-8628-4A33-9266-9B17E071ECCF} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.10.64.101/en/abandoninstall?page=tsProgressBar
    Task: {C2AB6F4E-7884-48CC-88CF-F43168AB7012} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)
    Task: {DA2AE876-AE86-455D-AF8D-A29A9B47B2E7} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {DB3A97BE-5BEE-4792-846A-CE96732DF42D} - System32\Tasks\Tampa
    Task: {EF1D25FA-BB43-439E-8561-8AA98B237901} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {F95EB30F-E456-4397-807D-CA327D28ECAE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation)

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


    ==================== Atalhos & WMI ========================

    (As entradas podem ser listadas para serem restauradas ou removidas.)


    ==================== Módulos Carregados (Whitelisted) ==============

    2017-10-03 18:32 - 2017-09-16 14:34 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-10-13 13:16 - 2015-10-13 13:16 - 000137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2014-04-26 02:36 - 2014-04-26 02:36 - 000008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
    2015-03-06 21:07 - 2015-03-06 21:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2017-01-23 19:19 - 2017-01-23 19:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-06 21:07 - 2015-03-06 21:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2017-01-23 19:19 - 2017-01-23 19:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2016-10-24 17:19 - 2015-02-10 14:08 - 000069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
    2017-09-27 15:37 - 2017-09-21 04:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
    2017-09-27 15:37 - 2017-09-21 04:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
    2015-07-05 02:44 - 2015-02-26 19:16 - 001356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2016-10-24 17:19 - 2015-02-18 13:11 - 000112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
    2015-07-21 08:35 - 2015-07-21 08:35 - 000512000 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
    2017-10-03 13:15 - 2017-07-21 11:26 - 000518144 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
    2014-04-26 02:24 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2017-10-04 13:26 - 2017-09-16 16:23 - 069807736 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)

    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
    AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
    AlternateDataStreams: C:\Windows\System32:413D80D8_Bb.gbp [2]
    AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2022]
    AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
    AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)

    IE trusted site: HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
    IE trusted site: HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\bb.com.br -> hxxps://seg.bb.com.br
    IE trusted site: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\...\bancobrasil.com.br -> www.bancobrasil.com.br
    IE trusted site: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\...\bb.com.br -> hxxps://seg.bb.com.br

    ==================== Hosts Conteúdo: ===============================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rone\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Default.PC-Rone\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: O Suporte não está conectado à internet.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Firewall do Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==


    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [{07A1FCC7-1D95-46EF-A6BF-43682AA3D47A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{59605D7A-F005-48B9-BE01-DA6F8EF61E19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{F0C6E293-466E-460D-8BAC-FAAF99E8F98A}] => (Allow) E:\Games\Battle.net\Battle.net.exe
    FirewallRules: [{DF0A9F86-6222-4727-A0B7-5BD6F738366D}] => (Allow) E:\Games\Battle.net\Battle.net.exe
    FirewallRules: [{22228C52-4EF3-467B-9580-7B4C448DDAA8}] => (Allow) E:\Games\Diablo III\Diablo III.exe
    FirewallRules: [{E7C2A716-68E5-4EA3-AD40-5DD051655817}] => (Allow) E:\Games\Diablo III\Diablo III.exe
    FirewallRules: [{4350DF9D-DF74-4302-A1D1-AA5517EEA719}] => (Allow) E:\Games\Steam\Steam.exe
    FirewallRules: [{9C4F0C1D-0057-4762-A4A0-508BF0EFB1F7}] => (Allow) E:\Games\Steam\Steam.exe
    FirewallRules: [{3C0573F3-A650-4DBD-8998-C044A26F52B8}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{41BE25EC-B6C0-4E06-818B-F2C778359112}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{D5F21046-E7F1-4F74-920E-3BA43CFB3D07}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{7E81ADE8-F5FA-45CA-822F-2D8DCCF3698C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{704E79A4-A619-482E-8457-662F985DB089}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
    FirewallRules: [{BDBB37DC-4E44-451E-BC56-B83717C24790}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
    FirewallRules: [{DCC184C4-43C2-4BBB-BA01-A5613337B8FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{1D073FC6-C368-4266-8BA9-9AC9C0234D56}] => (Allow) E:\Games\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
    FirewallRules: [{02CBA7DE-A411-43D5-8E52-8003B0450923}] => (Allow) E:\Games\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
    FirewallRules: [{5A1AC952-A71B-42FA-87F8-9A623F219235}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{67BA355B-24CA-41BD-BE9D-2888614A3A78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{AF72F0AD-85F8-4488-B770-194CB2F37CA1}] => (Allow) C:\Users\Default.PC-Rone\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{BF80A243-D94F-42B1-84EC-A11B136B5967}] => (Allow) C:\Users\Default.PC-Rone\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{E80DC63D-0697-41D6-B4CC-7F8C63D2BF95}] => (Allow) E:\Games\Steam\SteamApps\common\Assassins Creed\AssassinsCreed_Game.exe
    FirewallRules: [{FF890B67-B006-48A4-B9B4-5EB05A687411}] => (Allow) E:\Games\Steam\SteamApps\common\Assassins Creed\AssassinsCreed_Game.exe
    FirewallRules: [{02CD6C81-D6DD-4DC8-86DD-374FA4D0DF17}] => (Allow) E:\Games\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{572A7779-4E7E-4BA9-86A4-9F693A72AC8C}] => (Allow) E:\Games\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{E81C2796-BF0A-4DAE-8E6A-139160DE1F56}] => (Allow) E:\Games\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{DC286BCF-FA20-4F79-9247-25E97F9F4EF5}] => (Allow) E:\Games\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{AF1B8EE0-2898-4BDD-94A7-7738CAFBDA71}] => (Allow) E:\Games\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
    FirewallRules: [{774A6794-4DC7-4ABB-BFA4-42477277ED35}] => (Allow) E:\Games\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
    FirewallRules: [{3A940150-3634-4E18-8960-6F3700F871A5}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe
    FirewallRules: [{6CAA4D01-832F-4584-AF6F-81EAA2F0621F}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe
    FirewallRules: [{8D5D434B-6CE5-41FE-BDD4-9DCB47087E13}] => (Allow) E:\Games\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
    FirewallRules: [{83520F33-F1EE-409D-8442-E6458B01F958}] => (Allow) E:\Games\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
    FirewallRules: [{32FF87C5-EA3F-4C30-A3EB-1365AFE9F0DE}] => (Allow) E:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
    FirewallRules: [{660EF403-3909-49E8-AF09-B951AF672DA4}] => (Allow) E:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
    FirewallRules: [{2A22855C-9C1B-4D2B-A973-5B2859608690}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{2C7A8394-F045-4F1D-AADD-4DAE92C668F1}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{3E5D7FBC-9743-4133-A6E7-D2EBA2A0C353}] => (Allow) E:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{64EC3729-4E58-4816-A345-C2DD2F83EE9B}] => (Allow) E:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{F2EC728E-16DD-464F-87AB-42405C88E3CA}] => (Allow) E:\Games\Steam\SteamApps\common\The Stanley Parable\stanley.exe
    FirewallRules: [{3A048B22-8CA5-49A5-8F62-8C54522AE0F1}] => (Allow) E:\Games\Steam\SteamApps\common\The Stanley Parable\stanley.exe
    FirewallRules: [{515D3B67-4384-463E-98CB-24956CA8EAE3}] => (Allow) E:\Games\Steam\SteamApps\common\Ichi\Ichi.exe
    FirewallRules: [{54F0F3BF-C29E-469C-B0E6-E95A88AE6BD9}] => (Allow) E:\Games\Steam\SteamApps\common\Ichi\Ichi.exe
    FirewallRules: [{7A1FA070-C2FF-47D6-B874-AAFE9000CCF0}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
    FirewallRules: [{B9DFBE21-627E-4296-8700-F6ABEF189376}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
    FirewallRules: [{30CBA5A5-87EA-4218-B0D5-29D4387AC837}] => (Allow) E:\Games\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
    FirewallRules: [{68866222-7D58-476C-B0A9-427914B3AC95}] => (Allow) E:\Games\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
    FirewallRules: [{D0413931-F528-46AB-98B2-B1BCCF0EB207}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
    FirewallRules: [{C66D6D69-FC3B-441C-9E2C-FE888DCA509D}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
    FirewallRules: [{8BABA92F-ED62-4E1A-9F55-7626E64DC78A}] => (Allow) E:\Games\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{8051AEEE-6F57-41C9-842C-85E7C766B3B2}] => (Allow) E:\Games\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
    FirewallRules: [{9C238865-BA1F-4823-A328-2DAAF434FC2B}] => (Allow) E:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
    FirewallRules: [{31DFBDB7-074D-4A74-9B71-B7267BEC1C9D}] => (Allow) E:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
    FirewallRules: [{E9187E7A-046D-411A-921E-6FE601EAF023}] => (Allow) E:\Games\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
    FirewallRules: [{4131118A-8120-4965-999F-2672F8FA8FF3}] => (Allow) E:\Games\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
    FirewallRules: [{9AA43C56-5824-48F2-A641-D5D29AB9B748}] => (Allow) E:\Games\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
    FirewallRules: [{4B63B876-C218-4971-A528-470A23673B9E}] => (Allow) E:\Games\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
    FirewallRules: [{02C5D00F-3591-4607-82AB-EFF6B992B937}] => (Allow) E:\Games\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{C053EEAA-80AB-4169-A944-8935E4F360C9}] => (Allow) E:\Games\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{4911A3C7-3351-440D-95C5-5B1AAD9F4DE3}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
    FirewallRules: [{2F67DBD5-2F9F-4575-ABCF-3C9DE3CBFCA1}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
    FirewallRules: [{DD2CA2B5-2621-4AD6-9B8B-9E0B1B583B79}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
    FirewallRules: [{097F4506-BC2B-4848-8EF8-A07F8ED6D068}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
    FirewallRules: [{7591B313-EB18-4C4E-B8E3-C1C44EF2AF4C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    FirewallRules: [{48A22FC2-BAB6-417B-9D0A-85160E89FA03}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    FirewallRules: [{AB321F99-AC19-44A2-B8A1-574E44F8DB7F}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate II Enhanced Edition\Baldur.exe
    FirewallRules: [{0E7AE9F4-1D5B-40C4-8A91-B3B39717A83A}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate II Enhanced Edition\Baldur.exe
    FirewallRules: [TCP Query User{3D89DEDE-81C3-44E8-AB6C-27754513948C}E:\games\hearthstone\hearthstone.exe] => (Allow) E:\games\hearthstone\hearthstone.exe
    FirewallRules: [UDP Query User{84580F4C-67DE-4025-A235-7A38B3A5B435}E:\games\hearthstone\hearthstone.exe] => (Allow) E:\games\hearthstone\hearthstone.exe
    FirewallRules: [{F3EA3398-75DF-442A-9F33-5541E1703985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
    FirewallRules: [{C1F24ADD-81E7-49F9-8305-9B3B1015AE9C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
    FirewallRules: [{7C68903A-2539-46AF-990B-7B3E39BB2A1E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
    FirewallRules: [{BBB0C981-08F6-4D7B-874F-A0403D3D12D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
    FirewallRules: [{85F31C8F-D0B7-415E-A762-AAC8D3D5708F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
    FirewallRules: [{5621F3BC-458D-4861-89A7-660B566DAE18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
    FirewallRules: [{244083D6-86E6-48FF-B708-5A25A0966096}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
    FirewallRules: [{A2BD1366-D94E-4395-9627-BF2AA7280189}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
    FirewallRules: [{36668603-F4CD-4143-A632-2485A70FFA5F}] => (Allow) E:\Games\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{37AB3E48-9689-4619-B05A-9390D87622C4}] => (Allow) E:\Games\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{D02EC812-496D-4270-8DAA-7F02371A6443}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
    FirewallRules: [{40754858-30CF-4959-80B4-5359A1F68F17}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
    FirewallRules: [{C2CEB979-9B35-45F4-97CC-DBE490DA97A8}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
    FirewallRules: [{50A2F514-2B01-4631-B8CE-361475EB9244}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
    FirewallRules: [{8F389A34-4575-44C0-A631-A0E54E76B288}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
    FirewallRules: [{90FEC883-19DC-4602-BE88-2FF43D0FCBDE}] => (Allow) E:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
    FirewallRules: [{1B8C8EF9-2460-4D84-95E8-1262B860B5BA}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{01793C03-7740-4130-825B-A1A5E7DC18CB}] => (Allow) E:\Games\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{E040A1F2-D45E-4D7A-B5BB-8B09B9378386}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
    FirewallRules: [{4663AF51-E562-4C6C-BE8A-71F1AF000FF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
    FirewallRules: [{AF1BA10F-0CE1-4E0C-9DA2-704005FF04CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
    FirewallRules: [{D470E648-CE65-4049-AA91-207E4647642E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
    FirewallRules: [{209C0CCE-92BF-49D8-9B09-20E68E894313}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{ED3020B1-E5A7-4D8C-B8D5-E8A9DE4AE246}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{D55A615B-E0BD-49C9-93B9-32F227580156}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{335319F6-512D-4974-ACC9-39A5FD1B2801}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{A8105497-C71D-40AA-97D9-48B3398F4670}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
    FirewallRules: [{4D8ED09D-787A-424D-9F95-3CA839C5EAAE}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
    FirewallRules: [{D8DDEA70-7EA7-4487-B156-380BC0F3DBAF}] => (Allow) E:\Games\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
    FirewallRules: [{9442F317-D832-4775-8CE9-C9D707B920A8}] => (Allow) E:\Games\Steam\SteamApps\common\Kung Fury Street Rage\KungFury.exe
    FirewallRules: [{1875680C-F359-4528-AE45-FC88BB03CD59}] => (Allow) E:\Games\Steam\SteamApps\common\Kung Fury Street Rage\KungFury.exe
    FirewallRules: [{B05E0E61-7306-45F8-9ED9-52FB8EC1C1A5}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
    FirewallRules: [{0C1220F7-182F-426F-99E1-1D783689E97C}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
    FirewallRules: [{22C5AA25-62E6-4DF0-9C1E-66D74FD7C9BA}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [{0E3C9643-7250-46DD-924C-6B1F832E3FBE}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [{85C58F1D-358A-4F17-8AEF-11884EF5DE18}] => (Allow) E:\Games\Steam\SteamApps\common\Besiege\Besiege.exe
    FirewallRules: [{C6EF26CB-64E8-4AE3-96C2-E35036FDC5AD}] => (Allow) E:\Games\Steam\SteamApps\common\Besiege\Besiege.exe
    FirewallRules: [{A50D130E-3016-414E-9683-81CCC23B8D26}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{DF7F0A9C-7B20-4E02-93F3-A1E6DEFDB83E}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{D0F8CAEF-BB82-4037-89BC-722CE0152154}] => (Allow) LPort=8501
    FirewallRules: [{6DFD7852-7210-4BDA-984B-ABF6213B4AE3}] => (Allow) LPort=8501
    FirewallRules: [{008904E3-1C8E-45BE-8911-9912D4BD8324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{AED645DC-7121-4FAB-8619-04F9464790AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{1D0D4536-2DAF-4FB2-AC74-E07FCE2B8629}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{6ED82A08-55DB-4405-9F7B-A8F5DA25B05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{F1AE7B3B-442F-4522-A3CA-C3E7361A1B44}] => (Allow) E:\Games\Steam\SteamApps\common\Double Action\bin\hammer.exe
    FirewallRules: [{EB1DE340-DCBA-4262-AEC1-FE1974A02EA5}] => (Allow) E:\Games\Steam\SteamApps\common\Double Action\bin\hammer.exe
    FirewallRules: [{96B07436-D138-44CF-8810-0E6050735085}] => (Allow) E:\Games\Steam\SteamApps\common\Double Action\bin\hlmv.exe
    FirewallRules: [{9BFDEA6A-4EFD-40CE-A8BB-490543B2E0B3}] => (Allow) E:\Games\Steam\SteamApps\common\Double Action\bin\hlmv.exe
    FirewallRules: [{13BA316E-A576-4672-9838-E083A021415D}] => (Allow) E:\Games\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{82512BFE-67AC-4AF0-9E5C-56BCD56C94DD}] => (Allow) E:\Games\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{1BB7242A-9EA2-4B9C-B7B1-9C56D517D514}] => (Allow) E:\Games\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [{35898ABA-E0DA-4FAE-9753-33B8797A22D0}] => (Allow) E:\Games\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
    FirewallRules: [{A0B4AD75-FE50-4704-B6BB-8575EF9831AE}] => (Allow) C:\Users\Rone\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{4A4270FF-B713-4037-992D-BDE67CBCC8A9}] => (Allow) C:\Users\Rone\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{DDB7A1C8-D615-414B-8619-6EF09DB7F5A8}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{4FD1B5D9-4689-408F-8F07-2F9C179BE41C}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{F91D53BB-26BE-41B5-8E2C-C5BD235088B5}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{9EF64A32-EDEF-4F97-B518-79654BF00C22}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{70AE5C62-3980-47F1-9384-583D05CA9277}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{E252B4AC-D2FA-4D0C-998D-699A537A8608}] => (Allow) C:\Users\Default\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{51BF6CCA-4D45-4846-914E-F9F5FD897EAF}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
    FirewallRules: [{85CA0623-8E83-4DF6-A75E-61D75637457D}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
    FirewallRules: [{DF5BED73-7FF9-4636-8F6D-A9C97E601DEC}] => (Allow) E:\Games\Steam\SteamApps\common\WOG\disasm.exe
    FirewallRules: [{78A9D8AA-D854-444B-905B-24EEA65AAA0D}] => (Allow) E:\Games\Steam\SteamApps\common\WOG\disasm.exe
    FirewallRules: [{50213D7D-09D5-44FB-B8BA-FA22B32D45F9}] => (Allow) E:\Games\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{00F053B8-D79D-43CD-8E51-ACAC1661987F}] => (Allow) E:\Games\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{59E964FF-7917-4909-90E9-BD56527B047C}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{F70FA315-BDA3-4856-A6EA-A8CC230F5BA3}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{21B06EAD-519B-461F-8E99-0BE3943281C0}] => (Allow) E:\Games\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [{D486F222-AC5D-40F8-9162-FAD36CBDC2E6}] => (Allow) E:\Games\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
    FirewallRules: [{CEA6B377-71C7-4AB8-B53C-9ECA87AC1640}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
    FirewallRules: [{91761C32-CC80-45EB-91B6-1931FF805B5F}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
    FirewallRules: [{E7BA0975-A653-4DB0-BC9F-FB257D08DC5D}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
    FirewallRules: [{BFC1FE5A-688B-4520-A1A4-4B8590CB6129}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
    FirewallRules: [{C78B71DD-2FE2-48F7-94F1-648FA11220BA}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
    FirewallRules: [{F0E5408B-EFA5-4ED6-9BD9-CF5B1E4460F9}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
    FirewallRules: [{5BED534A-A679-4D10-A0E4-79062545B954}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{A6C148C5-A5E9-463F-8B13-6693736DD238}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{F26D09B9-D3CF-4F03-B2DA-97D200AF5E66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{74B2C427-96E1-4BC8-B081-035EB36F8C80}] => (Allow) C:\Users\Rone\AppData\Roaming\ACEStream\engine\ace_engine.exe
    FirewallRules: [{8F1F2744-2C4A-40D9-ADE4-2340DEF2DF03}] => (Allow) C:\Users\Rone\AppData\Roaming\ACEStream\engine\ace_engine.exe
    FirewallRules: [{F94201EE-337C-43E5-AB4C-5485020F1F73}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
    FirewallRules: [{50E02516-4B74-4176-AA71-5B35595FD1E3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
    FirewallRules: [{CCEFD7B4-AFD8-4CC1-9D6A-1D4711A5BF20}] => (Allow) C:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
    FirewallRules: [{31BC18B3-59AD-45DF-94C8-0BBF0BCB0C5A}] => (Allow) C:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
    FirewallRules: [{B75940F1-C25D-4CCB-B86A-8BC8D6857213}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{EF5198E7-1002-4311-84E4-3BF92B6C22D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{E6BA2008-ED8E-4657-89A4-D1718EE116E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{A268DA13-74EC-47DA-9609-179585A33C58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{BF31EE90-0932-4F6D-A8EB-68244B7C6620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A01BC231-4F38-477B-B95F-1909A29B2FF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

    ==================== Pontos de Restauração =========================

    11-10-2017 00:00:06 Backup do Windows
    13-10-2017 22:55:32 Windows Update

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (10/14/2017 02:29:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
    Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

    Error: (10/14/2017 02:29:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
    Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

    Error: (10/14/2017 02:29:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
    Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

    Error: (10/14/2017 02:23:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (10/13/2017 10:50:40 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
    Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.

    Error: (10/13/2017 10:50:40 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
    Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

    Error: (10/13/2017 10:50:40 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORIDADE NT)
    Description: As cadeias de caracteres de desempenho no valor do Registro de desempenho foram corrompidas durante o processamento do provedor do contador de extensões Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp é o terceiro DWORD na seção de dados.

    Error: (10/13/2017 10:47:50 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Audacity\audacity.exe".Erro no arquivo de manifesto ou de diretiva "", na linha.
    Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
    Os componentes conflitantes são:.
    Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (10/13/2017 10:44:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (10/11/2017 10:09:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORIDADE NT)
    Description: Falha ao descarregar as cadeias de caracteres do contador de desempenho do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código de erro.


    Erros de Sistema:
    =============
    Error: (10/14/2017 02:26:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/14/2017 02:24:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/14/2017 02:24:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/14/2017 02:24:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
    gbpddreg
    UsbCharger

    Error: (10/13/2017 10:44:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/13/2017 10:44:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/13/2017 10:44:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
    gbpddreg
    UsbCharger

    Error: (10/11/2017 10:04:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/11/2017 10:04:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: 
    O sistema não pode encontrar o arquivo especificado.

    Error: (10/11/2017 10:04:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: 
    gbpddreg
    UsbCharger


    ==================== Informações da Memória =========================== 

    Processador: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
    Percentagem de memória em uso: 45%
    RAM física total: 8067.75 MB
    RAM física disponível: 4369.48 MB
    Virtual Total: 16133.69 MB
    Virtual disponível: 11656.39 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:111.69 GB) (Free:17.01 GB) NTFS
    Drive e: (Disco Local) (Fixed) (Total:488.28 GB) (Free:75.72 GB) NTFS
    Drive f: (Disco Local) (Fixed) (Total:443.23 GB) (Free:35.94 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 86A3ECD7)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2D79A5FF)
    Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)

    ==================== Fim de Addition.txt ============================

     

     

    Meu computador continua acessando normalmente qualquer página, aparentemente.

     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Citação


    Meu computador continua acessando normalmente qualquer página, aparentemente.

     

     

    Maravilha... se quiser podemos pular direto para o final, caso contrário terá que refazer o scan acima. Seguindo as instruções abaixo: ;)

     

    O FRST deve ser executado diretamente da Área de Trabalho (Desktop), no entanto você executou da pasta:

     

    Executando a partir de C:\Users\Default.PC-Rone\Downloads

     

    Delete-o daí, baixe um novo para o Desktop, execute o FRST, marque a opção Addition e clique no botão Examinar.

     

    Anexe os logs.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

    Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

    Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

    Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

     

    Abraços :D

    fixlist.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Desabilitei o antivírus e executei como administrador.

    Segue o conteúdo do log:

     

    Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-10-2017
    Executado por Rone (23-10-2017 14:46:25) Run:1
    Executando a partir de C:\Users\Default.PC-Rone\Desktop
    Perfis Carregados: Rone & Default (Perfis Disponíveis: Rone & Default)
    Modo da Inicialização: Normal
    ==============================================

    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\MountPoints2: {9153d827-cd5b-11e3-a7ac-806e6f6e6963} - D:\Run.exe
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
    SearchScopes: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BR&ver=22&locale=pt_BR&gct=kwd&qsrc=2869
    SearchScopes: HKU\S-1-5-21-3545941749-2031850882-1986805429-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BR&ver=22&locale=pt_BR&gct=kwd&qsrc=2869
    FF HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Rone\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => não encontrado (a)
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1000: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Rone\AppData\Roaming\ACEStream\player\npace_plugin.dll [Nenhum Arquivo]
    FF Plugin HKU\S-1-5-21-3545941749-2031850882-1986805429-1002: gastecnologia.com.br/sf/gas64 -> C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
    CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
    S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
    S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161024.009\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161024.009\EX64.SYS [X]
    2014-04-26 03:28 - 2014-04-26 03:28 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
    2006-05-24 02:10 - 2006-05-24 02:10 - 000455600 ____R (Macrovision Corporation) C:\Users\Rone\AppData\Local\Temp\_isE1A7.exe
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Nenhum Arquivo
    AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2022]
    AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
    CMD: ipconfig /flushdns
    EmptyTemp:

    *****************

    Ponto de Restauração criado com sucesso.
    Processos fechados com sucesso.
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9153d827-cd5b-11e3-a7ac-806e6f6e6963} => chave removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{9153d827-cd5b-11e3-a7ac-806e6f6e6963} => chave não encontrado (a). 
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => chave removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => chave não encontrado (a). 
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\Software\Mozilla\Firefox\Extensions\\acewebextension_unlisted@acestream.org => valor removido (a) com sucesso.
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1000\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.16.1 => chave removido (a) com sucesso.
    C:\Users\Rone\AppData\Roaming\ACEStream\player\npace_plugin.dll => não encontrado (a).
    HKU\S-1-5-21-3545941749-2031850882-1986805429-1002\Software\MozillaPlugins\gastecnologia.com.br/sf/gas64 => chave removido (a) com sucesso.
    C:\Users\Default.PC-Rone\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll => não encontrado (a).
    Chrome DefaultSearchURL => removido (a) com sucesso.
    HKLM\System\CurrentControlSet\Services\NvStreamNetworkSvc => chave removido (a) com sucesso.
    NvStreamNetworkSvc => serviço removido (a) com sucesso.
    HKLM\System\CurrentControlSet\Services\gbpddreg => chave removido (a) com sucesso.
    gbpddreg => serviço removido (a) com sucesso.
    HKLM\System\CurrentControlSet\Services\NAVENG => chave Não pode ser removido. Acesso Negado.
    HKLM\System\CurrentControlSet\Services\NAVEX15 => chave Não pode ser removido. Acesso Negado.
    C:\ProgramData\DP45977C.lfl => movido com sucesso
    C:\Users\Rone\AppData\Local\Temp\_isE1A7.exe => movido com sucesso
    HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave removido (a) com sucesso.
    C:\Windows\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
    C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..

    ========= ipconfig /flushdns =========


    Configura‡Æo de IP do Windows

    Libera‡Æo do Cache do DNS Resolver bem-sucedida.

    ========= Fim de CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46391820 B
    Java, Flash, Steam htmlcache => 12906951 B
    Windows/system/drivers => 12245505 B
    Edge => 0 B
    Chrome => 336740123 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 11415812 B
    systemprofile32 => 66088 B
    LocalService => 66228 B
    NetworkService => 9513546 B
    Rone => 2441337 B
    UpdatusUser => 0 B
    Default.PC-Rone => 259674483 B

    RecycleBin => 94983587 B
    EmptyTemp: => 758 MB de dados temporários Removidos.

    ================================

    Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 23-10-2017 14:50:30)


    Resultado dos registros marcados para excluir será exibido após a reinicialização:

    HKLM\System\CurrentControlSet\Services\NAVENG => chave Não pode ser removido. Acesso Negado.
    HKLM\System\CurrentControlSet\Services\NAVEX15 => chave Não pode ser removido. Acesso Negado.

    ==== Fim de Fixlog 14:50:31 ====

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Mantenha somente um antivírus e um antispyware instalado/ativado no Windows.

     

    Citação

    AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AV: Norton Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
    FW: Norton Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

     

    Acesse o site Malwarebytes, clique em Download Gratuito e baixe o arquivo para sua Área de Trabalho (Desktop).

     

    Desative antivírus, antispywares, enfim, programas de prevenção para não causar conflitos.

     

    Clique com o botão direito do mouse no arquivo setup.exe e escolha: Executar como Administrador

     

    • Siga os passos para a instalação;
    • Ao clicar em Concluir aguarde o programa ser aberto;
    • No alto à direita clique em Atualizar agora;
    • O navegador irá abrir, pode fechá-lo e aguarde o término das atualizações;
    • No painel à esquerda clique em Configurações;
    • Na aba Proteção ative Procurar rootkits;
    • Depois clique em Análise no painel à esquerda;
    • Então clique no botão Iniciar Análise e aguarde;
    • Quando o scan terminar uma janela irá se abrir próximo ao relógio;
    • Nela clique em Ver Resultado;
    • Deixe todas as entradas marcadas e clique no botão Colocar em Quarentena;
    • Na janela que abrir clique em Sim para que o computador seja reiniciado;
    • Uma vez reiniciado, abra novamente o Malwarebytes e clique em Histórico e cliquem em Excluir Tudo (opcional);
    • O log será salvo automaticamente pelo programa.
    • Para exportá-lo, clique na aba Histórico > Registros do aplicativo na janela principal do programa;
    • Clique duas vezes em cima do log mais atual e exporte em .TXT;
    • Poste em sua próxima resposta.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Não achei um menu Histórico, mas achei o relatório da análise do MB. Espero que seja isso. Segue anexo.

     

     

    mb.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

    Baixe o Stinger e salve em sua Área de trabalho (Desktop).
    32 bit (x86) ou 64 bit (x64)

    • Execute o arquivo Stinger.exe como Administrador.
    • Clique no botão “I Accept”


    Stinger%20a.png

    Na nova janela clique em “Advanced” e depois “Settings”

    Stinger%20b.png

    Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

    9hnsyu.png

    Clique em “Customize my Scan”

    Stinger%20f.png

    Selecione as unidades do sistema e em seguida clique no botão “Scan”

    Stinger%20g.png

    Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
    Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Segue log do Stinger:

    McAfee® Labs Stinger™ Version 12.1.0.2543 built on Oct 30 2017 at 02:23:56
    Copyright© 2015, McAfee, Inc. All Rights Reserved.

    AV Engine version v5900.7806 for Windows.
    Virus data file v1000.0 created on Oct 30, 2017
    Ready to scan for 10252 viruses, trojans and variants.

    Custom scan initiated on terça-feira, outubro 31, 2017 12:22:57


    Rootkit scan result : Clean.


    C:\Users\Default.PC-Rone\AppData\Roaming\unins000.exe [MD5:9b993bbff6ce802d35e4ab0a0178560c] is infected with Win32/Heur.c!sti
    C:\Users\Default.PC-Rone\AppData\Roaming\unins000.exe has been Deleted

    Summary Report on C:
    E:
    F:
    File(s)
        TotalFiles:............    1651728
        Clean:.................    403307
        Not Scanned:........... 1248420
        Possibly Infected:.....    1

    Time: 03:37:24

    Scan completed on terça-feira, outubro 31, 2017 16:00:21

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @Barkhamn

     

    Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

     

    Execute o arquivo como Administrador

    • Aguarde enquanto a ferramenta faz o exame.
    • Ao final salve log como SecurityCheck.html
    • Abra o arquivo com o bloco de notas;
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Segue log do SecurityCheck:

    SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
    WebSite: www.safezone.cc
    DateLog: 01.11.2017 16:57:24
    Path starting: C:\Users\Rone\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
    Log directory: C:\SecurityCheck\
    IsAdmin: True
    User: Rone
    VersionXML: 4.73is-27.10.2017
    ___________________________________________________________________________

    Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: Portuguese(0416)
    Installation date OS: 26.04.2014 05:11:16
    LicenseStatus: Windows(R) 7, HomePremium edition The machine is permanently activated.
    Boot Mode: Normal
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    SystemDrive: C: FS: [NTFS] Capacity: [111.7 Gb] Used: [92.9 Gb] Free: [18.8 Gb]
    ------------------------------- [ Windows ] -------------------------------
    Internet Explorer 11.0.9600.18816
    User Account Control enabled (Level 3)
    Notify before download
    Date install updates: 2017-10-14 18:19:21
    Windows Update (wuauserv) - The service is running
    Central de Segurança (wscsvc) - The service is running
    Registro remoto (RemoteRegistry) - The service has stopped
    Descoberta SSDP (SSDPSRV) - The service is running
    Serviços de Área de Trabalho Remota (TermService) - The service has stopped
    Windows Remote Management (WS-Management) (WinRM) - The service has stopped
    ---------------------------- [ Antivirus_WMI ] ----------------------------
    Norton Security (disabled)
    Malwarebytes (enabled and up to date)
    ---------------------------- [ Firewall_WMI ] -----------------------------
    Norton Security
    --------------------------- [ AntiSpyware_WMI ] ---------------------------
    Malwarebytes (enabled and up to date)
    Windows Defender (disabled and out of date)
    Norton Security (disabled)
    ---------------------- [ AntiVirusFirewallInstall ] -----------------------
    Norton Security v.22.11.0.41
    -------------------------- [ SecurityUtilities ] --------------------------
    Malwarebytes versão 3.2.2.2029 v.3.2.2.2029
    --------------------------- [ OtherUtilities ] ----------------------------
    WinRAR 5.01 (64-bit) v.5.01.0 Warning! Download Update
    Microsoft Silverlight v.5.1.50907.0
    Foxit Reader v.7.2.8.1124 Warning! Download Update
    VLC media player v.2.2.6
    --------------------------------- [ IM ] ----------------------------------
    Skype™ 7.26 v.7.26.101 Warning! Download Update
    --------------------------------- [ P2P ] ---------------------------------
    BitTorrent v.7.9.9.42974 Warning! P2P-client.
    µTorrent v.3.4.2.31893 Warning! P2P-client.
    -------------------------------- [ Java ] ---------------------------------
    Java 8 Update 45 v.8.0.450 Warning! Download Update
    Uninstall old version and install new one (jre-8u152-windows-i586.exe).
    --------------------------- [ AdobeProduction ] ---------------------------
    Adobe Flash Player 16 NPAPI v.16.0.0.296 Warning! Download Update
    ------------------------------- [ Browser ] -------------------------------
    Google Chrome v.61.0.3163.100 Warning! Download Update
    --------------------------- [ RunningProcess ] ----------------------------
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.61.0.3163.100
    ------------------ [ AntivirusFirewallProcessServices ] -------------------
    C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.3.0.0.1208
    Malwarebytes Service (MBAMService) - The service is running
    C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.556
    McAfee Validation Trust Protection Service (mfevtp) - The service is running
    C:\Windows\System32\mfevtps.exe
    C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\conathst.exe v.2015.12.0.5
    Windows Defender (WinDefend) - The service has stopped
    ----------------------------- [ End of Log ] ------------------------------

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro  @Barkhamn

     

    # Etapa nº 1 #

     

    Baixe o Delfix by Xplode e salve na sua área de trabalho.

     

    Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

     

    ** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

     

    2mez6ld.png

     

    Clique no botão Executar.

     

    Ao final será gerado um log, mas não é necessário postar.

    # Etapa nº 2 #

    imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.

    Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).

    Basta clicar no Download Update de cada aviso (post acima), que irá para o site do desenvolvedor.

    <<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

     

    # Etapa nº 3 #

     

    O Ccleaner é um excelente utilitário de limpeza para o computador.

     

    Faça o download dele aqui Ccleaner

     

    • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
    • Clique duas vezes nesta pasta;
    • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
    • Coloque o nome de backups.
    • Abra o programa e clique em Executar Limpeza;
    • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
    • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Atualizei todos os programas, o Windows, rodei o CCleaner (algumas vezes), acho que está tudo ok agora.

    Obrigado pelo help!

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×