Errepege

Suspected malware: Chrome and Edge extremely slow


FIGURED IT OUT!

You have to go into the proxy settings under 'Internet Properties', open 'LAN settings' and uncheck the 'Automatically detect settings' box.

@Elias Pereira thanks for the help, man! I always count on you guys!

Thank you for the effort in solving the problem, and may the Force be with you!


@Errepege

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text in the CODE box below:

CreateRestorePoint:
CloseProcesses:
File: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS
File: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DSENGINE.CFG
CMD: type "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS"
CMD: type "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DSENGINE.CFG"
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Save this file on your desktop with the name fixlist

NOTE: It is extremely important that the "fixlist" file is saved on your Desktop. Also check that FRST.exe is on the Desktop.

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST.EXE file, then click [image: VRIfczU.png].

Click the [image: 0h0YlDEzRbKP9R7xLrUlzA.png] button.

Wait; at the end, the Fixlog.txt log will be saved on your desktop.

Attach the log to your next reply.


Log attached.

After clicking Fix, in addition to what was expected, the problem came back and I lost several items from my history.

I repeated the steps I described in my last post and the problem went away again.

Fixlog.txt


No

9 hours ago, Elias Pereira said:

@Errepege

Do you have any software installed with "lavasoft" in its name?

No, I searched here and found nothing.


I don't use Wi-Fi. There is a suspicion about where this error comes from. My internet provider's Facebook page reports an error that has been happening to some users. If you want to take a look, here is the link:

https://www.facebook.com/PandaNetworkInternet/

It is the post from November 25, 2017. The third from last.

Here is the AdwCleaner log:

 

# AdwCleaner 7.0.7.0 - Logfile created on Fri Jan 19 05:05:20 2018
# Updated on 2018/18/01 by Malwarebytes 
# Database: 01-16-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24]
C:/AdwCleaner/AdwCleaner[C1].txt - [2247 B] - [2018/1/5 4:7:21]
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12]
C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/2 9:0:42]
C:/AdwCleaner/AdwCleaner[S2].txt - [2207 B] - [2018/1/5 4:6:55]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########


@Errepege

Run FRST.exe again.

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST64.EXE file, then click [image: VRIfczU.png].
Accept the agreement and then click the Scan/Examinar button.

Wait; at the end, the FRST.txt and Addition.txt logs will be saved on your desktop.

Open each file separately, copy its contents and paste them into your next reply.

 

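For triaging the Addition.txt log requested above, here is a small parser as an added example (it is not part of the thread and not FRST's own code). The sample lines are copied from the log posted in this thread; the function names and the three checks are assumptions chosen for illustration, and the checks are heuristics that only point at lines worth reading.

```python
import re

# Constructed sample: lines copied from the Addition.txt posted in this thread.
SAMPLE = r"""Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.01.2018
==========================================================

==================== Central de Segurança ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Tarefas Agendadas (Whitelisted) =============

Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {8C36BB8E-6C4D-49D5-AF9A-2DAD1BF30354} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

==================== Outras Áreas ============================

DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
"""

# Section banner, e.g. "==================== Outras Áreas ============".
# A line made only of "=" carries no title and is not treated as a banner.
HEADER = re.compile(r"^={5,}\s+(.+?)\s*=+\s*$")
PRODUCT = re.compile(r"^(AV|AS|FW): (.+?) \((Enabled|Disabled)(?: - [^)]*)?\) \{")
POLICY = re.compile(r"\((\w+): (\d+)\)")
# Task entries in this log normally end in "[date] (company)".
FILE_INFO = re.compile(r"\[\d{4}-\d{2}-\d{2}\] \(.*\)$")


def split_sections(text):
    """Map each section title to its non-empty lines, in log order."""
    sections, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = m.group(1).rstrip(":").strip()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def security_products(lines):
    """Return (kind, name, enabled) for every AV/AS/FW registration line."""
    found = []
    for line in lines:
        m = PRODUCT.match(line)
        if m:
            found.append((m.group(1), m.group(2), m.group(3) == "Enabled"))
    return found


def uac_policy(lines):
    """Return the UAC values FRST prints for the Policies\\System key."""
    for line in lines:
        if r"Policies\System =>" in line:
            return {name: int(value) for name, value in POLICY.findall(line)}
    return {}


def tasks_missing_file_info(lines):
    """Names of scheduled tasks whose target lacks the "[date] (company)" suffix."""
    names = []
    for line in lines:
        if line.startswith("Task:") and "=>" in line and not FILE_INFO.search(line):
            left = line.split("=>", 1)[0]
            name = left.partition(" - ")[2] or left[len("Task:"):]
            names.append(name.strip())
    return names


def triage(text):
    """Return (section title, message) pairs for lines that deserve a closer look."""
    findings = []
    for title, lines in split_sections(text).items():
        products = security_products(lines)
        if products:
            av_on = [name for kind, name, on in products if kind == "AV" and on]
            if len(av_on) != 1:
                findings.append((title, f"{len(av_on)} antivirus products enabled: {av_on}"))
        uac = uac_policy(lines)
        if uac.get("EnableLUA") == 0:
            findings.append((title, "UAC is turned off (EnableLUA: 0)"))
        elif uac.get("ConsentPromptBehaviorAdmin") == 0:
            findings.append((title, "administrators are elevated without a prompt "
                                    "(ConsentPromptBehaviorAdmin: 0)"))
        for name in tasks_missing_file_info(lines):
            findings.append((title, f"task target has no file date/company: {name}"))
    return findings


if __name__ == "__main__":
    for section, message in triage(SAMPLE):
        print(f"[{section}] {message}")
```

The parser keys on line prefixes rather than section titles, so it does not depend on the language FRST was run in.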

FRST logs follow.

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.01.2018
Executado por Rogério (23-01-2018 07:17:41)
Executando a partir de C:\Users\Rogério\Desktop
Windows 10 Home Versão 1709 16299.192 (X64) (2017-10-20 17:19:06)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled)
Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled)
Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled)
rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000
Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério
WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Corsair Utility Engine (HKLM-x32\...\{016ED5C0-8A01-416B-9AC9-FE00EB01ACF1}) (Version: 2.21.67 - Corsair)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
Epic Games Launcher (HKLM-x32\...\{96984372-A249-4BA0-AEE5-47362B350A42}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.4 (x64 pt-BR)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.71 - NVIDIA Corporation) Hidden
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft)
VdhCoApp 1.1.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.8082 - WhatsApp)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-16] (Adobe Systems Incorporated)
Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {8C36BB8E-6C4D-49D5-AF9A-2DAD1BF30354} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {937620EF-3A3D-4E66-B45A-BE77585AE5EE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-16] (Adobe Systems Incorporated)
Task: {C575F8CD-B736-4649-8F61-49BACFFE2D04} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn

==================== Módulos Carregados (Whitelisted) ==============

2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-15 04:42 - 2017-11-15 23:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-13 07:57 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 07:57 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-04 18:03 - 2018-01-03 07:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-04 18:03 - 2018-01-03 07:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-02-15 04:42 - 2017-11-15 23:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-21 04:53 - 2017-11-29 03:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-06-21 04:53 - 2017-12-15 17:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-06-21 04:53 - 2016-08-31 23:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-20 21:49 - 2017-11-03 23:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-20 21:49 - 2017-11-03 23:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-20 21:49 - 2017-11-03 23:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-20 21:49 - 2017-11-03 23:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-20 21:49 - 2017-11-03 23:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-06-21 04:53 - 2016-08-31 23:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-06-21 04:53 - 2016-08-31 23:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-06-21 04:53 - 2017-12-15 17:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-06-21 04:53 - 2016-07-04 20:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-21 04:54 - 2017-09-07 00:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-21 04:54 - 2017-10-31 02:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-21 04:53 - 2015-09-24 21:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-12-07 12:34 - 2017-12-07 12:34 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-12-07 12:26 - 2017-12-07 12:26 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-12-07 12:49 - 2017-12-07 12:49 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-12-07 12:26 - 2017-12-07 12:26 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\localhost -> localhost

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "uTorrent"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{2E2B5476-A7AB-4C63-B355-6A6F62ADDB4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC2207F9-AC08-42A8-8A35-C04DB1E5B74A}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{848F86BE-40C1-496C-888C-37246F8EB469}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{76AD3729-4A86-4B60-A4CD-584D7D631589}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{7F019F32-7F2E-4476-8F41-B4B2A65B3714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/14/2018 01:55:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Client_tos.exe, versão: 1.8.1.1, carimbo de data/hora: 0x5a56f93a
Nome do módulo com falha: libtcmalloc_minimal.dll, versão: 0.0.0.0, carimbo de data/hora: 0x593015fc
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00009380
ID do processo com falha: 0x23f4
Hora de início do aplicativo com falha: 0x01d38d5012bae32a
Caminho do aplicativo com falha: C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\Client_tos.exe
Caminho do módulo com falha: C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\libtcmalloc_minimal.dll
ID do Relatório: f9493912-1365-47be-9b20-a37ea49d5c6a
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/12/2018 10:10:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_InstallService, versão: 10.0.16299.15, carimbo de data/hora: 0x9c786b9a
Nome do módulo com falha: ucrtbase.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x70f70cc4
Código de exceção: 0xc0000409
Deslocamento da falha: 0x000000000006b70e
ID do processo com falha: 0x2bcc
Hora de início do aplicativo com falha: 0x01d38a8642a02b4b
Caminho do aplicativo com falha: C:\WINDOWS\System32\svchost.exe
Caminho do módulo com falha: C:\WINDOWS\System32\ucrtbase.dll
ID do Relatório: 23148c8e-b3ff-4448-b2c5-044c441c7dd5
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/11/2018 03:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c
Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.192, carimbo de data/hora: 0xa96f7b91
Código de exceção: 0xc0000602
Deslocamento da falha: 0x00000000000feff6
ID do processo com falha: 0x43c
Hora de início do aplicativo com falha: 0x01d38a863b796c00
Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe
Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll
ID do Relatório: ad02ddef-fb75-4610-9263-0aff95066af3
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/04/2018 11:35:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa League of Legends.exe versão 7.24.211.7318 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: cd8

Hora de Início: 01d385c0a35b7484

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.198\deploy\League of Legends.exe

ID do Relatório: 8e02608d-30f3-429d-b387-f574da11cc61

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (01/04/2018 05:00:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c
Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x5eb910be
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000086ece
ID do processo com falha: 0x444
Hora de início do aplicativo com falha: 0x01d384fe8ed75982
Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe
Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll
ID do Relatório: bc220602-28c4-47ac-88b8-bff96a9ff5f1
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/02/2018 09:23:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c
Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x5eb910be
Código de exceção: 0xc0000602
Deslocamento da falha: 0x00000000000ef0ea
ID do processo com falha: 0x241c
Hora de início do aplicativo com falha: 0x01d38291ee880c75
Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe
Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll
ID do Relatório: a2c9f3f9-b717-4a9f-8a44-aa9fd30711aa
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/02/2018 08:13:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Origin.exe, versão: 10.5.8.17910, carimbo de data/hora: 0x5a39a35e
Nome do módulo com falha: Qt5WebEngineCore.dll, versão: 5.8.0.0, carimbo de data/hora: 0x59e17bf0
Código de exceção: 0x80000003
Deslocamento da falha: 0x01f77933
ID do processo com falha: 0x4990
Hora de início do aplicativo com falha: 0x01d3836784dba604
Caminho do aplicativo com falha: C:\Program Files (x86)\Origin\Origin.exe
Caminho do módulo com falha: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
ID do Relatório: eac078d6-d8d7-4d84-b5e5-e3cedac4d44e
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/02/2018 08:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c
Código de exceção: 0xe0434f4d
Deslocamento da falha: 0x0000000000013fb8
ID do processo com falha: 0x34a4
Hora de início do aplicativo com falha: 0x01d383b102aa6050
Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: a8c9df4a-026e-4a47-9029-1007bf4636c2
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/02/2018 06:39:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c
Código de exceção: 0xe0434f4d
Deslocamento da falha: 0x0000000000013fb8
ID do processo com falha: 0x4dd8
Hora de início do aplicativo com falha: 0x01d383a52efd13f2
Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 8340d82d-deda-4a77-8c8f-acc7881a2d8a
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/02/2018 05:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c
Código de exceção: 0xe0434f4d
Deslocamento da falha: 0x0000000000013fb8
ID do processo com falha: 0x49e4
Hora de início do aplicativo com falha: 0x01d3839ab77a737a
Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 94b4f7ec-9282-467a-8287-d13eeeec4f41
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (01/23/2018 07:09:06 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/23/2018 07:08:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay.

Error: (01/23/2018 07:08:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (01/23/2018 07:08:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

Error: (01/23/2018 07:08:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

Error: (01/22/2018 10:02:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay.

Error: (01/22/2018 10:01:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

Error: (01/22/2018 10:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (01/22/2018 10:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

Error: (01/22/2018 07:38:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.


CodeIntegrity:
===================================
  Date: 2018-01-20 01:37:30.483
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180119.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-19 02:00:56.995
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180118.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-15 20:42:11.779
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180115.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-11 01:06:19.398
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180110.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 05:50:05.136
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180106.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 22:15:06.110
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180105.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 01:24:14.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180104.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-03 21:39:19.972
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-03 08:22:04.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180103.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-01 23:27:57.259
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180101.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentagem de memória em uso: 24%
RAM física total: 16329.73 MB
RAM física disponível: 12361.7 MB
Virtual Total: 18761.73 MB
Virtual disponível: 14127.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:19.63 GB) NTFS
Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:1949.81 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Fim de Addition.txt ============================

*********************************************************************

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 21.01.2018
Executado por Rogério (administrador) em ROGÉRIO (23-01-2018 07:17:10)
Executando a partir de C:\Users\Rogério\Desktop
Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
Platform: Windows 10 Home Versão 1709 16299.192 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [21098704 2017-12-07] (Corsair Components, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [uTorrent] => C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe [1985464 2018-01-02] (BitTorrent Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180102__yaie
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: ycdepkaz.default
FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2018-01-19]
FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\ycdepkaz.default -> hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180102__yaff
FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado.
FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19]
FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-01-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.metroweb.sp.gov.br/
CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
CHR Session Restore: Profile 1 -> está habilitado.
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2018-01-02]
CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25]
CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-12-16]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-01-23]
CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24]
CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24]
CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24]
CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24]
CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-27]
CHR Extension: (CastBuddy) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghagedffjalchgcgdgfindabkpnmalel [2018-01-03]
CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24]
CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-18] ()
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2018-01-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2018-01-01] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20180117.007\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-01-03] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-01-03] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180119.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d37ca5c2cde53609\nvlddmkm.sys [17028552 2017-12-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek )
R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-01-23 07:17 - 2018-01-23 07:17 - 000024698 _____ C:\Users\Rogério\Desktop\FRST.txt
2018-01-21 03:26 - 2018-01-21 03:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-01-19 01:58 - 2018-01-19 01:58 - 008206624 _____ (Malwarebytes) C:\Users\Rogério\Desktop\adwcleaner_7.0.7.0.exe
2018-01-15 14:11 - 2018-01-23 07:16 - 000000000 ____D C:\Users\Rogério\Desktop\FRST-OlderVersion
2018-01-15 14:11 - 2018-01-15 14:12 - 000003606 _____ C:\Users\Rogério\Desktop\Fixlog.txt
2018-01-06 05:24 - 2018-01-06 05:24 - 004209653 _____ C:\Users\Rogério\Desktop\cemu_1.11.3.zip
2018-01-05 02:55 - 2018-01-05 02:55 - 000286341 _____ C:\Users\Rogério\Desktop\Lmao - Coub - GIFs with sound.mp4
2018-01-05 02:49 - 2018-01-05 02:49 - 000000681 _____ C:\Users\Rogério\Desktop\JRT.txt
2018-01-05 02:17 - 2018-01-01 15:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-05 02:17 - 2018-01-01 10:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-05 02:17 - 2018-01-01 10:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-05 02:17 - 2018-01-01 10:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-05 02:17 - 2018-01-01 10:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-05 02:17 - 2018-01-01 10:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-05 02:17 - 2018-01-01 10:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-05 02:17 - 2018-01-01 10:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-05 02:17 - 2018-01-01 10:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-05 02:17 - 2018-01-01 10:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-05 02:17 - 2018-01-01 10:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-05 02:17 - 2018-01-01 10:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-05 02:17 - 2018-01-01 10:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-05 02:17 - 2018-01-01 10:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-05 02:17 - 2018-01-01 10:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-05 02:17 - 2018-01-01 10:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-05 02:17 - 2018-01-01 10:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-05 02:17 - 2018-01-01 10:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-05 02:17 - 2018-01-01 10:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-05 02:17 - 2018-01-01 10:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-05 02:17 - 2018-01-01 10:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-05 02:17 - 2018-01-01 10:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-05 02:17 - 2018-01-01 10:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-05 02:17 - 2018-01-01 10:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-05 02:17 - 2018-01-01 10:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-05 02:17 - 2018-01-01 10:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-05 02:17 - 2018-01-01 10:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-05 02:17 - 2018-01-01 10:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-05 02:17 - 2018-01-01 10:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-05 02:17 - 2018-01-01 10:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-05 02:17 - 2018-01-01 10:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-05 02:17 - 2018-01-01 10:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-05 02:17 - 2018-01-01 10:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-05 02:17 - 2018-01-01 10:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-05 02:17 - 2018-01-01 10:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-05 02:17 - 2018-01-01 10:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-05 02:17 - 2018-01-01 10:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-05 02:17 - 2018-01-01 10:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-05 02:17 - 2018-01-01 10:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-05 02:17 - 2018-01-01 10:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-05 02:17 - 2018-01-01 10:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-05 02:17 - 2018-01-01 10:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-05 02:17 - 2018-01-01 10:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-05 02:17 - 2018-01-01 10:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-05 02:17 - 2018-01-01 10:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-05 02:17 - 2018-01-01 10:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-05 02:17 - 2018-01-01 10:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-05 02:17 - 2018-01-01 10:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-05 02:17 - 2018-01-01 10:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-05 02:17 - 2018-01-01 10:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-05 02:17 - 2018-01-01 10:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-05 02:17 - 2018-01-01 10:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-05 02:17 - 2018-01-01 10:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-05 02:17 - 2018-01-01 10:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-05 02:17 - 2018-01-01 10:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-05 02:17 - 2018-01-01 10:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-05 02:17 - 2018-01-01 10:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-05 02:17 - 2018-01-01 10:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-05 02:17 - 2018-01-01 10:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-05 02:17 - 2018-01-01 10:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-05 02:17 - 2018-01-01 10:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-05 02:17 - 2018-01-01 10:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-05 02:17 - 2018-01-01 10:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-05 02:17 - 2018-01-01 10:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-05 02:17 - 2018-01-01 10:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-05 02:17 - 2018-01-01 10:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-05 02:17 - 2018-01-01 10:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-05 02:17 - 2018-01-01 10:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-05 02:17 - 2018-01-01 10:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-05 02:17 - 2018-01-01 10:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-05 02:17 - 2018-01-01 10:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-05 02:17 - 2018-01-01 10:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-05 02:17 - 2018-01-01 10:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-05 02:17 - 2018-01-01 10:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-05 02:17 - 2018-01-01 10:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-05 02:17 - 2018-01-01 10:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-05 02:17 - 2018-01-01 10:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-05 02:17 - 2018-01-01 10:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-05 02:17 - 2018-01-01 10:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-05 02:17 - 2018-01-01 10:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-05 02:17 - 2018-01-01 10:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-05 02:17 - 2018-01-01 10:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-05 02:17 - 2018-01-01 09:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-05 02:17 - 2018-01-01 09:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-05 02:17 - 2018-01-01 09:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-05 02:17 - 2018-01-01 09:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-05 02:17 - 2018-01-01 09:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-05 02:17 - 2018-01-01 09:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-05 02:17 - 2018-01-01 09:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-05 02:17 - 2018-01-01 09:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-05 02:17 - 2018-01-01 09:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-05 02:17 - 2018-01-01 09:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-05 02:17 - 2018-01-01 09:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-05 02:17 - 2018-01-01 09:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-05 02:17 - 2018-01-01 09:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-05 02:17 - 2018-01-01 09:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-05 02:17 - 2018-01-01 09:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-05 02:17 - 2018-01-01 09:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-05 02:17 - 2018-01-01 09:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-05 02:17 - 2018-01-01 09:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-05 02:17 - 2018-01-01 09:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-05 02:17 - 2018-01-01 09:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-05 02:17 - 2018-01-01 09:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-05 02:17 - 2018-01-01 09:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-05 02:17 - 2018-01-01 09:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-05 02:17 - 2018-01-01 09:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-05 02:17 - 2018-01-01 09:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-05 02:17 - 2018-01-01 09:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-05 02:17 - 2018-01-01 09:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-05 02:17 - 2018-01-01 09:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-05 02:17 - 2018-01-01 09:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-05 02:17 - 2018-01-01 09:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-05 02:17 - 2018-01-01 09:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-05 02:17 - 2018-01-01 09:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-05 02:17 - 2018-01-01 09:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-05 02:17 - 2018-01-01 09:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-05 02:17 - 2018-01-01 09:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-05 02:17 - 2018-01-01 09:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-05 02:17 - 2018-01-01 09:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-05 02:17 - 2018-01-01 09:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-05 02:17 - 2018-01-01 09:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-05 02:17 - 2018-01-01 09:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-05 02:17 - 2018-01-01 09:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-05 02:17 - 2018-01-01 09:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-05 02:17 - 2018-01-01 09:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-05 02:17 - 2018-01-01 09:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-05 02:17 - 2018-01-01 09:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-05 02:17 - 2018-01-01 09:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-05 02:17 - 2018-01-01 09:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-05 02:17 - 2018-01-01 09:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-05 02:17 - 2018-01-01 09:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-05 02:17 - 2018-01-01 09:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-05 02:17 - 2018-01-01 09:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-05 02:17 - 2018-01-01 09:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-05 02:17 - 2018-01-01 09:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-05 02:17 - 2018-01-01 09:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-05 02:17 - 2018-01-01 09:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-05 02:17 - 2018-01-01 09:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-05 02:17 - 2018-01-01 09:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-05 02:17 - 2018-01-01 09:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-05 02:17 - 2018-01-01 09:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-05 02:17 - 2018-01-01 09:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-05 02:17 - 2018-01-01 09:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-05 02:17 - 2018-01-01 09:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-05 02:17 - 2018-01-01 09:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-05 02:17 - 2018-01-01 09:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-05 02:17 - 2018-01-01 09:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-05 02:17 - 2018-01-01 09:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-05 02:17 - 2018-01-01 09:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-05 02:17 - 2018-01-01 09:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-05 02:17 - 2018-01-01 09:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-05 02:17 - 2018-01-01 09:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-05 02:17 - 2018-01-01 09:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-05 02:17 - 2018-01-01 09:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-05 02:17 - 2018-01-01 09:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-05 02:17 - 2018-01-01 09:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-02 00:31 - 2018-01-02 00:31 - 000014602 _____ C:\Users\rapha_000\Downloads\O.Castelo.Animado.2004.1080p.WWW.BLUDV.COM.torrent
2018-01-02 00:30 - 2018-01-05 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-01-02 00:28 - 2018-01-02 00:28 - 002848936 _____ (BitTorrent Inc.) C:\Users\rapha_000\Downloads\uTorrent.exe
2017-12-30 02:31 - 2017-12-30 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-12-30 00:04 - 2017-12-30 00:04 - 000000914 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiiBackupManager_Win64.lnk

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-01-23 07:17 - 2017-12-12 05:46 - 000000000 ____D C:\FRST
2018-01-23 07:16 - 2017-12-12 05:45 - 002393088 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe
2018-01-23 07:13 - 2017-10-20 15:22 - 003263532 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-23 07:13 - 2017-09-30 12:34 - 001142224 _____ C:\WINDOWS\system32\prfh0416.dat
2018-01-23 07:13 - 2017-09-30 12:34 - 000491534 _____ C:\WINDOWS\system32\prfc0416.dat
2018-01-23 07:12 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-01-23 07:09 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-23 07:08 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-23 07:08 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-23 07:08 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2018-01-23 07:08 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-23 07:07 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-22 22:12 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-22 22:01 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-01-22 21:59 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp
2018-01-22 19:38 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-22 19:35 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online
2018-01-21 21:30 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-20 00:15 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-01-20 00:15 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp
2018-01-20 00:15 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp
2018-01-19 03:05 - 2017-11-29 17:42 - 000000000 ____D C:\AdwCleaner
2018-01-19 02:02 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla
2018-01-18 19:10 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network
2018-01-18 06:00 - 2017-12-18 00:28 - 000000000 ____D C:\Users\Rogério\AppData\Local\ElevatedDiagnostics
2018-01-16 21:18 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify
2018-01-16 20:34 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify
2018-01-16 19:51 - 2017-03-10 07:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Adobe
2018-01-16 14:51 - 2017-10-20 15:15 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-16 14:50 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-16 14:50 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-15 15:04 - 2017-02-10 19:17 - 000000000 ____D C:\Users\Rogério\Desktop\LOL
2018-01-15 15:00 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent
2018-01-14 13:55 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps
2018-01-14 09:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord
2018-01-14 09:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Discord
2018-01-11 01:11 - 2017-12-18 12:27 - 000000000 ____D C:\Users\rapha_000\AppData\LocalLow\Mozilla
2018-01-11 00:53 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-11 00:51 - 2017-10-10 22:50 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 00:51 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-11 00:51 - 2017-02-10 13:35 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-11 00:46 - 2017-10-23 00:09 - 000000000 ___RD C:\Users\rapha_000\3D Objects
2018-01-11 00:46 - 2017-02-10 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-09 23:33 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-07 15:58 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-07 15:58 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-07 05:12 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério
2018-01-07 04:59 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-05 17:53 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-05 17:47 - 2017-10-20 15:48 - 000000000 ___RD C:\Users\Rogério\3D Objects
2018-01-05 17:47 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-05 02:57 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-05 02:18 - 2017-09-29 11:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-05 02:18 - 2017-09-29 11:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-05 02:18 - 2017-09-29 11:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-04 18:03 - 2017-11-24 08:58 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 06:45 - 2015-05-21 19:37 - 000000000 ____D C:\Users\Rogério\dwhelper
2018-01-02 08:13 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin
2018-01-01 23:35 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-01 23:19 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2018-01-01 23:19 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-01-13 08:52

==================== Fim de FRST.txt ============================


@Errepege

 

Follow the steps at the link below to show hidden folders.
Windows XP/7/Vista: http://windows.microsoft.com/pt-br/windows/show-hidden-files#show-hidden-files=windows-7
Windows 8/8.1/10: http://www.tecmundo.com.br/como-fazer/26558-windows-8-como-exibir-arquivos-e-extensoes-ocultos.htm

Now download SystemLook.exe for your architecture and save it to your desktop.
>>>>>>>>>>>> X64
>>>>>>>>>>>> X86

*** Windows Vista, Windows 7 or Windows 8 users: right-click the SystemLook.exe file, then click VRIfczU.png.

Double-click SystemLook.exe. Select, copy and paste what is inside the CODE box into the tool's text box.

:filefind
WCAssistantService
:folderfind
WCAssistantService
:regfind
WCAssistantService

Click the Look button; at the end of the scan a log will open. It is saved as SystemLook.txt on the desktop.

Select, copy and paste the contents of this log in your next reply.

Edited by Elias Pereira


Ok

Here is the log:

 

SystemLook 30.07.11 by jpshortstuff
Log created at 03:48 on 28/01/2018 by Rogério
Administrator - Elevation successful

========== filefind ==========

Searching for "WCAssistantService"
No files found.

========== folderfind ==========

Searching for "WCAssistantService"
No folders found.

========== regfind ==========

Searching for "WCAssistantService"
No data found.

-= EOF =-


@Errepege

 

Download Process Monitor from the link below and save it to your desktop.
https://download.sysinternals.com/files/ProcessMonitor.zip

  1. Extract ProcessMonitor.zip to a folder of its own.
  2. Run the file Procmon.exe

  3. Click the menu Filter > Filter... A window like the image below will appear;

    m2u9HH4.png

  4. Leave the options as in the image. In field number 3 you will add the entries from the CODE below, one by one.

    HKLM\SOFTWARE\Lavasoft\Web Companion
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Lavasoft\Web Companion
    HKCU\Software\Lavasoft\Web Companion
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store
    C:\Program Files (x86)\Lavasoft
    C:\ProgramData\Application Data\lavasoft\web companion
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

    NOTE: After entering each line in field 3, click "Add", Apply and Ok.

  5. Click the Options tab and check the Enable Boot Logging option, if it is not already checked;

Run AdwCleaner and, after the scan, click remove. If you are asked to restart the computer, accept. If not, restart manually.

When your computer has fully restarted, run Procmon.exe again. A message will appear as shown in the image below:
vicl7t.png
Click Yes and a save dialog will appear. Save the file named Bootlog.pml in the ProcessMonitor folder.

Open this file, copy and paste its contents in your next reply.

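The registry keys and paths listed in the post above can also be checked directly for presence once the cleanup reboot has finished. The PowerShell below is an added example, not part of the original thread or of any tool mentioned in it; the function name `Test-Artefact` and the name pattern are assumptions, and `Key|Name` in the list is read as the value `Name` under `Key`.

```powershell
# Added example (not from the thread): report which of the listed Web Companion
# artefacts still exist. Entries are copied verbatim from the post above.
# Assumption: "Key|Name" denotes the value called Name under the registry key Key.
$entries = @(
    'HKLM\SOFTWARE\Lavasoft\Web Companion'
    'HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Lavasoft\Web Companion'
    'HKCU\Software\Lavasoft\Web Companion'
    'HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion'
    'HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion'
    'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com'
    'HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store'
    'C:\Program Files (x86)\Lavasoft'
    'C:\ProgramData\Application Data\lavasoft\web companion'
    'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft'
)

# Hive abbreviations used in the list, mapped to registry provider roots.
$hives = @{
    'HKLM' = 'Registry::HKEY_LOCAL_MACHINE'
    'HKCU' = 'Registry::HKEY_CURRENT_USER'
    'HKU'  = 'Registry::HKEY_USERS'
}

# Assumption: value names belonging to the product contain one of these strings.
# Used for keys that also exist on a clean system (the Compatibility Assistant
# Store key), where the key being present is not a finding by itself.
$namePattern = 'lavasoft|web ?companion'

function Test-Artefact {
    param([Parameter(Mandatory)][string]$Entry)

    # Split off an optional "|ValueName" suffix, then the leading hive or drive.
    $target, $valueName = $Entry -split '\|', 2
    $hive, $subKey = $target -split '\\', 2

    $kind = 'FileSystem'
    $present = $false
    $matching = ''

    if ($hives.ContainsKey($hive)) {
        $keyPath = '{0}\{1}' -f $hives[$hive], $subKey
        if ($valueName) { $kind = 'RegistryValue' } else { $kind = 'RegistryKey' }

        if (Test-Path -LiteralPath $keyPath) {
            $names = (Get-Item -LiteralPath $keyPath).GetValueNames()
            if ($valueName) {
                # The key exists; the artefact is the named value inside it.
                $present = $names -contains $valueName
            } else {
                $present = $true
                $matching = @($names | Where-Object { $_ -match $namePattern }) -join '; '
            }
        }
    } else {
        $present = Test-Path -LiteralPath $target
    }

    [pscustomobject]@{
        Kind           = $kind
        Present        = $present
        MatchingValues = $matching
        Entry          = $Entry
    }
}

$entries | ForEach-Object { Test-Artefact -Entry $_ } | Format-List
```

Run it in a session of the affected user, because `HKCU` resolves to whoever runs the script.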

Complete failure.
I tried to follow the Process Monitor steps, but it threw an error and closed several times. When I managed to complete the whole procedure, I found my SSD with 2 MB of space! Process Monitor created a file in ...\Windows of more than 27 GB! Even so, I generated the file, but it is over 300 MB and full of unreadable characters. Should I attach it here? (if it is even possible to attach something that size)


@Elias Pereira, man, honestly, being sure that this file would not be useful, I deleted it. My problem was solved a while back; this last log cost me a lot of time removing the huge files it created, and it slowed down my PC.
Could you close the topic, please?

This topic is closed to new posts.