Errepege

Suspected malware: Chrome and Edge extremely slow


A few days ago my browsers started showing a strange slowness. I use Google Chrome and Edge, and both have the same problem. When I start browsing, the browser opens normally, but it takes a while to start loading pages, and loading takes a long time. In Chrome, the following message appears in the bottom-left corner: "Downloading proxy script", and sometimes a good while passes and the page still does not load. But then, suddenly, in both browsers, everything goes back to normal.

In Firefox everything is fine, as it is on the other PC in the house, which rules out a problem with my internet connection. The problem PC is connected by network cable.

 

System: Windows 10, 64-bit

 

Note: During the Za-Scan scan, it 'stopped working', and when I clicked 'close program' it opened again, spent a few seconds scanning, and generated 'ZA-Scan.txt'.

A screenshot of the error is attached as well.

ZA-Scan.txt

ZASCAN BUG.png


@Errepege

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Using it is a privilege, not a right;
  • What is provided here relates only to the problem on your computer, so do not apply it on any other machine;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help in another forum, be sure to let us know, or you risk misconfiguring your computer!

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan tab > Custom Scan, check the Scan for rootkits option and the entries for the drive where the operating system is installed. This is normally drive C:;
  • Click Scan Now. Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop;
  • Open the file, select all, copy, and paste the contents of this log in your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (possibly more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

Select, copy, and paste its contents in your next reply.

STEP 3

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download jrt.exe from the link below and save it to the desktop.
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Double-click to run the Junkware Removal Tool (JRT).

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the jrt.exe file, then click VRIfczU.png

The tool will start scanning your system. Be patient, as it may take a while depending on the number of items to scan.

At the end, a log will open. It is saved on the desktop as JRT.txt.

Select, copy, and paste the contents of this log in your next reply.

  • Topic author
  • Requested logs below:

     

    Malwarebytes
    www.malwarebytes.com

    -Detalhes de registro-
    Data da análise: 01/12/17
    Hora da análise: 04:24
    Arquivo de registro: 439693e0-d660-11e7-979c-902b34ff64cf.json
    Administrador: Sim

    -Informação do software-
    Versão: 3.3.1.2183
    Versão de componentes: 1.0.236
    Versão do pacote de definições: 1.0.3387
    Licença: Versão de Avaliação

    -Informação do sistema-
    Sistema operacional: Windows 10 (Build 16299.64)
    CPU: x64
    Sistema de arquivos: NTFS
    Usuário: ROGÉRIO\Rogério

    -Resumo da análise-
    Tipo de análise: Análise Customizada
    Resultado: Concluído
    Objetos verificados: 428051
    Ameaças detectadas: 0
    (Nenhum item malicioso detectado)
    Ameaças em quarentena: 0
    (Nenhum item malicioso detectado)
    Tempo decorrido: 1 hr, 16 min, 38 seg

    -Opções da análise-
    Memória: Habilitado
    Inicialização: Habilitado
    Sistema de arquivos: Habilitado
    Arquivos compactados: Habilitado
    Rootkits: Habilitado
    Heurística: Habilitado
    PUP: Detectar
    PUM: Detectar

    -Detalhes da análise-
    Processo: 0
    (Nenhum item malicioso detectado)

    Módulo: 0
    (Nenhum item malicioso detectado)

    Chave de registro: 0
    (Nenhum item malicioso detectado)

    Valor de registro: 0
    (Nenhum item malicioso detectado)

    Dados de registro: 0
    (Nenhum item malicioso detectado)

    Fluxo de dados: 0
    (Nenhum item malicioso detectado)

    Pasta: 0
    (Nenhum item malicioso detectado)

    Arquivo: 0
    (Nenhum item malicioso detectado)

    Setor físico: 0
    (Nenhum item malicioso detectado)


    (end)

    -------------------------------------------------------------------------------------

     

    # AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 02 09:00:42 2017
    # Updated on 2017/29/11 by Malwarebytes 
    # Database: 11-29-2017.1
    # Running on Windows 10 Home (X64)
    # Mode: scan
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    No malicious registry entries found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries.

    *************************

    C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24]
    C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12]


    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

    --------------------------------------------------------

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 10 Home x64 
    Ran by Rogério (Administrator) on 02/12/2017 at  7:05:47,00
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 0 


    Registry: 0 

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 02/12/2017 at  7:07:48,02
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

    Nothing found, though

    :/


    @Errepege

     

    Download RogueKiller by Tigzy and save it to your desktop.
    roguekiller.exe (x64) << link

    • Close all programs
    • Run RogueKiller.exe.
      ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
      Right-click the rogueKiller.exe file, then click VRIfczU.png.
    • When the EULA window appears, click Accept.
    • Select the SCAN tab
    • Click START SCAN
    • Wait until the scan finishes...
    • Click the OPEN REPORT button
    • Click the EXPORT TXT option and save it to the Desktop as roguekiller.txt
    • Click OK and close RogueKiller.


    Be sure to open the file, then copy and paste its entire contents in your next reply

  • Topic author
  • RogueKiller log below:

    RogueKiller V12.11.27.0 (x64) [Dec  4 2017] (Free) por Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Site : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
    Iniciou : Modo normal
    Usuário : Rogério [Administrador]
    Started from : C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
    Modo : Escanear -- Data : 12/05/2017 18:21:06 (Duration : 00:18:56)

    ¤¤¤ Processos : 0 ¤¤¤

    ¤¤¤ Registro : 4 ¤¤¤
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado

    ¤¤¤ Tarefas : 0 ¤¤¤

    ¤¤¤ Arquivos : 5 ¤¤¤
    [PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Encontrado
    [PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Encontrado
    [PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Encontrado
    [PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Encontrado
    [PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Encontrado

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Arquivos de hosts : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

    ¤¤¤ Navegadores : 3 ¤¤¤
    [PUP.Gen0][Chrome:Addon] Profile 1 : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Encontrado
    [PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Encontrado
    [PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [https://www.oculus.com/en-us/rift/|http://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES|http://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral|https://www.balaodainformatica.com.br/Cliente/MinhaConta|http://carinhas.com.br/produto/caneca-personalizada-3/|http://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx|http://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx|http://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291|http://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19|http://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns|http://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20|http://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22|http://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23|http://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60|https://pitzi.com.br/|http://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM|http://www.probuilds.net/guide/show/KR/2214984472/1561528|http://www.probuilds.net/guide/show/KR/2217666300/1268315|http://www.procon.sp.gov.br/|http://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html|http://www.probuilds.net/guide/show/EUW/2453503356/19806326|http://ddowiki.com/page/Adventure_Packs|http://ddowiki.com/page/Vault_of_Night_(story_arc)|http://ddowiki.com/page/Litany_of_the_Dead_Part_3|http://dd
owiki.com/page/The_Shadow_Crypt|https://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d|http://ddowiki.com/page/Talk:Augment_Slot|http://ddowiki.com/page/Augment_Slot|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29|http://ddowiki.com/page/Devil_Assault_(quest)|http://ddowiki.com/page/Astral_Diamond|http://ddowiki.com/page/Item:Shard_of_Great_Power|http://ddowiki.com/page/Pure_Shavarath_Iron|http://crafting.cubicleninja.com/|https://www.ddo.com/en/U29|http://speedtest.copel.net/] -> Encontrado

    ¤¤¤ Verificação da MBR : ¤¤¤
    +++++ PhysicalDrive0: Corsair Force GS ATA Device +++++
    --- User ---
    [MBR] ece1d71cf0e7032862379e5b8a72f916
    [BSP] 5e1e0b148adde99563fda14f6e5841e3 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 249145344 | Size: 450 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: ST33000651NS ATA Device +++++
    --- User ---
    [MBR] c04a40d3a6a527a8f4dbc5de124b09e2
    [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
    Partition table:
    0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
    1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
    User = LL1 ... OK
    User = LL2 ... OK


    @Errepege

     

    Close all programs

    • Run RogueKiller.exe.
      ** Users of Windows Vista, 7, 8/8.1 and Windows 10:
      Right-click the rogueKiller.exe file, then click VRIfczU.png
    • When the EULA appears, click Accept.
    • Select the SCAN tab and click START SCAN
    • Wait until the scan finishes.
    • >>>>>>> Browse through the tabs and check all the entries found <<<<<<<
    • Click REMOVE SELECTED
    • Wait until the program finishes deleting the infections.
    • Click the OPEN REPORT button and then EXPORT TXT
    • Save it as report.txt on your Desktop

    Open the report.txt file saved on your Desktop, then copy and paste its entire contents in your next reply.

     

    NEXT STEP

     

    Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

    Download Stinger and save it to your desktop.
    32 bit (x86) or 64 bit (x64)

    • Run the Stinger.exe file as Administrator.
    • Click the “I Accept” button


    Stinger%20a.png

    In the new window, click “Advanced” and then “Settings”

    Stinger%20b.png

    In the settings window, set the options as shown in the image below and click the “Save” button

    9hnsyu.png

    Click “Customize my Scan”

    Stinger%20f.png

    Select the system drives and then click the “Scan” button

    Stinger%20g.png

    At the end, click “View log”; a window with the log will open in your browser.

    Select, copy, and paste the contents of this log in your next reply.

  • Topic author
  • RogueKiller and Stinger logs below:

     

    RogueKiller V12.11.27.0 (x64) [Dec  4 2017] (Free) por Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Site : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
    Iniciou : Modo normal
    Usuário : Rogério [Administrador]
    Started from : C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
    Modo : Deletar -- Data : 12/06/2017 07:22:44 (Duration : 00:17:56)

    ¤¤¤ Processos : 0 ¤¤¤

    ¤¤¤ Registro : 0 ¤¤¤

    ¤¤¤ Tarefas : 0 ¤¤¤

    ¤¤¤ Arquivos : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Arquivos de hosts : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

    ¤¤¤ Navegadores : 2 ¤¤¤
    [PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Deletado
    [PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [https://www.oculus.com/en-us/rift/|http://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES|http://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral|https://www.balaodainformatica.com.br/Cliente/MinhaConta|http://carinhas.com.br/produto/caneca-personalizada-3/|http://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx|http://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx|http://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291|http://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19|http://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns|http://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20|http://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22|http://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23|http://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60|https://pitzi.com.br/|http://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM|http://www.probuilds.net/guide/show/KR/2214984472/1561528|http://www.probuilds.net/guide/show/KR/2217666300/1268315|http://www.procon.sp.gov.br/|http://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html|http://www.probuilds.net/guide/show/EUW/2453503356/19806326|http://ddowiki.com/page/Adventure_Packs|http://ddowiki.com/page/Vault_of_Night_(story_arc)|http://ddowiki.com/page/Litany_of_the_Dead_Part_3|http://dd
owiki.com/page/The_Shadow_Crypt|https://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d|http://ddowiki.com/page/Talk:Augment_Slot|http://ddowiki.com/page/Augment_Slot|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29|http://ddowiki.com/page/Devil_Assault_(quest)|http://ddowiki.com/page/Astral_Diamond|http://ddowiki.com/page/Item:Shard_of_Great_Power|http://ddowiki.com/page/Pure_Shavarath_Iron|http://crafting.cubicleninja.com/|https://www.ddo.com/en/U29|http://speedtest.copel.net/] -> Deletado

    ¤¤¤ Verificação da MBR : ¤¤¤
    +++++ PhysicalDrive0: ST33000651NS ATA Device +++++
    --- User ---
    [MBR] c04a40d3a6a527a8f4dbc5de124b09e2
    [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
    Partition table:
    0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
    1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Corsair Force GS ATA Device +++++
    --- User ---
    [MBR] ece1d71cf0e7032862379e5b8a72f916
    [BSP] 5e1e0b148adde99563fda14f6e5841e3 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 249145344 | Size: 450 MB
    User = LL1 ... OK
    User = LL2 ... OK

     

    -----------------------------------------------------------------------------------------

     

    McAfee Stinger Scan Results


    McAfee® Labs Stinger™ Version 12.1.0.2599 built on Dec  5 2017 at 23:30:41
    Copyright© 2015, McAfee, Inc. All Rights Reserved.

    AV Engine version v5900.7806 for Windows.
    Virus data file v1000.0 created on Dec 6, 2017
    Ready to scan for 10272 viruses, trojans and variants.

    Custom scan initiated on quarta-feira, dezembro 06, 2017 19:20:23


    Rootkit scan result : Clean.

    Summary Report on C:
    D:
    H:
    File(s)
        TotalFiles:............    862475
        Clean:.................    346188
        Not Scanned:........... 516287
        Possibly Infected:.....    0

    Time: 01:10:59

    Scan completed on quarta-feira, dezembro 06, 2017 20:31:22
     


    @Errepege

     

    Press the Windows key + R and type: msconfig
     
    - Click the Services tab, check the Hide all Microsoft services option, then click Disable all
    - Click the Startup tab and click Open Task Manager
    - Right-click each startup entry and click Disable.

    Go back to the System Configuration window and click Apply, then OK.
     
    Follow the prompts until you are asked to restart.

    After that, let me know whether the malware-related problems still persist.

  • Topic author
  • Hello. I disabled everything as requested. No improvement, though.

     


    @Errepege

     

    Download Farbar Recovery Scan from the link below and save it to your desktop.
    https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

    ** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
    Right-click the FRST64.EXE file, then click VRIfczU.png .
    Accept the agreement and then click the Scan button.

    Wait; at the end, the FRST.txt and Addition.txt logs will be saved to your desktop.

    Select, copy, and paste the contents of FRST.txt in your next reply and attach Addition.txt

  • Topic author
  • Hello, Farbar Recovery Scan logs below:

     

     

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-12-2017
    Executado por Rogério (administrador) em ROGÉRIO (12-12-2017 05:48:19)
    Executando a partir de C:\Users\Rogério\Desktop
    Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
    Platform: Windows 10 Home Versão 1709 16299.64 (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
    (Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe

    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.)
    HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7214800 2017-12-06] (McAfee, Inc.)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Tcpip\Parameters: [DhcpNameServer] 189.38.95.95 189.38.95.96
    Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 189.38.95.95 189.38.95.96
    Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

    Edge: 
    ======
    Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.

    FireFox:
    ========
    FF DefaultProfile: ycdepkaz.default
    FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2017-12-07]
    FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home
    FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado.
    FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-24]
    FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-12-01]
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado]
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
    CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
    CHR Session Restore: Profile 1 -> está habilitado.
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
    CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
    CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
    CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
    CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25]
    CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25]
    CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
    CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25]
    CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
    CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
    CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
    CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-24]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-12]
    CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
    CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24]
    CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-24]
    CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24]
    CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24]
    CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24]
    CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-24]
    CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-24]
    CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24]
    CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-05]
    CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-24]
    CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-24]
    CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24]
    CHR Extension: (Google Keep - notas e listas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-12-11]
    CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-24]
    CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24]
    CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24]
    CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-24]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24]
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ====================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-25] ()
    S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
    S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
    S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
    S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
    R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.)
    R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
    S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
    S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
    S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation)
    S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
    S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20171206.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
    R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
    R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
    R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation)
    R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.)
    S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek )
    R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
    R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
    R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
    S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
    R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
    R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Um Mês Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-12-12 05:47 - 2017-12-12 05:47 - 000051348 _____ C:\Users\Rogério\Desktop\Addition.txt
    2017-12-12 05:46 - 2017-12-12 05:48 - 000026240 _____ C:\Users\Rogério\Desktop\FRST.txt
    2017-12-12 05:46 - 2017-12-12 05:48 - 000000000 ____D C:\FRST
    2017-12-12 05:45 - 2017-12-12 05:45 - 002392064 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe
    2017-12-12 05:44 - 2017-12-12 05:44 - 000000000 ____D C:\Users\Rogério\AppData\Local\PlaceholderTileLogoFolder
    2017-12-11 22:25 - 2017-12-11 22:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2017-12-07 03:42 - 2017-12-07 03:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-12-07 03:42 - 2017-11-27 22:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-12-07 03:42 - 2017-09-13 21:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-12-07 03:42 - 2017-09-13 21:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-12-07 03:42 - 2017-09-13 21:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-12-07 03:42 - 2017-09-13 21:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-12-07 03:40 - 2017-11-27 23:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2017-12-06 19:20 - 2017-12-06 19:20 - 000917008 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
    2017-12-06 19:20 - 2017-12-06 19:20 - 000343544 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
    2017-12-06 19:20 - 2017-12-06 19:20 - 000124432 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys
    2017-12-06 19:16 - 2017-12-06 22:11 - 000000000 ____D C:\Program Files\stinger
    2017-12-06 19:16 - 2017-12-06 19:16 - 000000000 ____D C:\Program Files\McAfee
    2017-12-06 19:14 - 2017-12-06 19:14 - 000009018 _____ C:\Users\Rogério\Desktop\ROGUEKILLER.txt
    2017-12-06 17:59 - 2017-12-06 17:59 - 000000000 ____D C:\Users\rapha_000\Desktop\Backup
    2017-12-05 18:21 - 2017-12-06 07:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
    2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\ProgramData\RogueKiller
    2017-12-04 20:00 - 2017-12-04 20:00 - 026851912 _____ (Adlice Software) C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
    2017-11-29 19:28 - 2017-11-29 19:28 - 000015578 _____ C:\ZA-Scan.txt
    2017-11-29 18:06 - 2017-11-29 18:06 - 000000000 ____D C:\zoek_backup
    2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
    2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\Program Files (x86)\Corsair
    2017-11-29 17:42 - 2017-12-02 07:00 - 000000000 ____D C:\AdwCleaner
    2017-11-24 09:16 - 2017-12-07 03:42 - 000000000 ____D C:\WINDOWS\LastGood
    2017-11-24 09:04 - 2017-11-24 09:04 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
    2017-11-24 08:58 - 2017-11-24 08:58 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-11-24 08:58 - 2017-11-24 08:58 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-11-24 08:58 - 2017-11-24 08:58 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-11-20 15:08 - 2017-11-20 16:54 - 715231211 _____ C:\Users\rapha_000\Downloads\dragon_ball_super_116_FULLHD_fast.mp4
    2017-11-17 23:30 - 2017-11-17 23:32 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2017-11-17 23:30 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-11-17 23:30 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-11-17 18:24 - 2017-11-17 18:24 - 000001603 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\release.lnk
    2017-11-17 12:29 - 2017-11-17 12:29 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
    2017-11-17 10:31 - 2017-11-17 10:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
    2017-11-15 10:47 - 2017-10-25 07:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2017-11-15 10:47 - 2017-10-25 07:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
    2017-11-15 10:47 - 2017-10-25 07:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2017-11-15 10:47 - 2017-10-25 06:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
    2017-11-15 10:47 - 2017-10-25 06:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2017-11-15 10:47 - 2017-10-25 06:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
    2017-11-15 10:47 - 2017-10-25 04:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2017-11-15 10:47 - 2017-10-25 02:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2017-11-15 10:47 - 2017-10-25 02:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-11-15 10:47 - 2017-10-25 02:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-11-15 10:47 - 2017-10-25 02:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
    2017-11-15 10:47 - 2017-10-25 02:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2017-11-15 10:47 - 2017-10-25 02:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2017-11-15 10:47 - 2017-10-25 02:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2017-11-15 10:47 - 2017-10-25 02:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2017-11-15 10:47 - 2017-10-25 02:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-11-15 10:47 - 2017-10-25 02:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-11-15 10:47 - 2017-10-25 02:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-11-15 10:47 - 2017-10-25 02:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2017-11-15 10:47 - 2017-10-25 02:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-11-15 10:47 - 2017-10-25 02:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
    2017-11-15 10:47 - 2017-10-25 02:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-11-15 10:47 - 2017-10-25 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2017-11-15 10:47 - 2017-10-25 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2017-11-15 10:47 - 2017-10-25 02:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2017-11-15 10:47 - 2017-10-25 02:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
    2017-11-15 10:47 - 2017-10-25 02:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2017-11-15 10:47 - 2017-10-25 02:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2017-11-15 10:47 - 2017-10-25 02:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2017-11-15 10:47 - 2017-10-25 02:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2017-11-15 10:47 - 2017-10-25 02:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2017-11-15 10:47 - 2017-10-25 02:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-11-15 10:47 - 2017-10-25 02:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-11-15 10:47 - 2017-10-25 02:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2017-11-15 10:47 - 2017-10-25 02:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-11-15 10:47 - 2017-10-25 02:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
    2017-11-15 10:47 - 2017-10-25 02:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2017-11-15 10:47 - 2017-10-25 02:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-11-15 10:47 - 2017-10-25 01:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2017-11-15 10:47 - 2017-10-25 01:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-11-15 10:47 - 2017-10-25 01:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-11-15 10:47 - 2017-10-25 01:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2017-11-15 10:47 - 2017-10-25 01:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2017-11-15 10:47 - 2017-10-25 01:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2017-11-15 10:47 - 2017-10-25 01:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2017-11-15 10:47 - 2017-10-25 01:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-11-15 10:47 - 2017-10-25 01:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2017-11-15 10:47 - 2017-10-25 01:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-11-15 10:47 - 2017-10-25 01:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2017-11-15 10:47 - 2017-10-25 01:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
    2017-11-15 10:47 - 2017-10-25 01:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-11-15 10:47 - 2017-10-25 01:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-11-15 10:47 - 2017-10-25 01:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-11-15 10:47 - 2017-10-25 01:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
    2017-11-15 10:47 - 2017-10-25 01:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
    2017-11-15 10:47 - 2017-10-25 01:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2017-11-15 10:47 - 2017-10-25 01:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
    2017-11-15 10:47 - 2017-10-25 01:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2017-11-15 10:47 - 2017-10-25 01:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2017-11-15 10:47 - 2017-10-25 01:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
    2017-11-15 10:47 - 2017-10-25 01:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-11-15 10:47 - 2017-10-25 01:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2017-11-15 10:47 - 2017-10-25 01:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
    2017-11-15 10:47 - 2017-10-25 01:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-11-15 10:47 - 2017-10-25 01:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-11-15 10:47 - 2017-10-25 01:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2017-11-15 10:47 - 2017-10-25 01:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
    2017-11-15 10:47 - 2017-10-25 01:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2017-11-15 10:47 - 2017-10-25 01:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2017-11-15 10:47 - 2017-10-25 01:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2017-11-15 10:47 - 2017-10-25 01:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-11-15 10:47 - 2017-10-25 01:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2017-11-15 10:47 - 2017-10-25 01:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-11-15 10:47 - 2017-10-25 01:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-11-15 10:47 - 2017-10-25 01:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-11-15 10:47 - 2017-10-25 01:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2017-11-15 10:47 - 2017-10-25 01:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-11-15 10:47 - 2017-10-25 01:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-11-15 10:47 - 2017-10-25 01:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2017-11-15 10:47 - 2017-10-25 01:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-11-15 10:47 - 2017-10-25 01:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2017-11-15 10:47 - 2017-10-25 01:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
    2017-11-15 10:47 - 2017-10-25 01:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2017-11-15 10:47 - 2017-10-25 01:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-11-15 10:47 - 2017-10-25 01:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-11-15 10:47 - 2017-10-25 01:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-11-15 10:47 - 2017-10-25 01:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
    2017-11-15 10:47 - 2017-10-25 01:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2017-11-15 10:47 - 2017-10-25 01:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
    2017-11-15 10:47 - 2017-10-25 01:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2017-11-15 10:47 - 2017-10-25 01:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2017-11-15 10:47 - 2017-10-25 01:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2017-11-15 10:47 - 2017-10-25 01:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-11-15 10:47 - 2017-10-25 00:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-11-15 10:47 - 2017-10-25 00:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-11-15 10:47 - 2017-10-25 00:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-11-15 10:47 - 2017-10-25 00:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2017-11-15 10:47 - 2017-10-25 00:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2017-11-15 10:47 - 2017-10-25 00:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-11-15 10:47 - 2017-10-25 00:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2017-11-15 10:47 - 2017-10-25 00:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
    2017-11-15 10:47 - 2017-10-21 10:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
    2017-11-15 10:47 - 2017-10-20 12:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2017-11-15 10:47 - 2017-10-20 03:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2017-11-14 14:10 - 2017-11-14 14:11 - 035202519 _____ C:\Users\Rogério\Desktop\Video - at Yout.mp4

    ==================== Um Mês Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-12-12 05:41 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-12-12 05:40 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2017-12-12 05:37 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-12-11 22:26 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
    2017-12-11 22:14 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-12-11 22:13 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2017-12-11 22:13 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-12-11 02:07 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online
    2017-12-11 01:31 - 2017-04-16 18:37 - 000000000 ____D C:\Users\Rogério\AppData\Local\Turbine
    2017-12-11 00:07 - 2017-10-20 15:22 - 002588988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-12-11 00:07 - 2017-09-30 12:34 - 000976396 _____ C:\WINDOWS\system32\prfh0416.dat
    2017-12-11 00:07 - 2017-09-30 12:34 - 000333194 _____ C:\WINDOWS\system32\prfc0416.dat
    2017-12-11 00:01 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-12-10 03:02 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2017-12-10 02:40 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin
    2017-12-10 02:15 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin
    2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin
    2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin
    2017-12-10 02:01 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps
    2017-12-08 05:19 - 2017-02-10 20:58 - 000000000 ____D C:\Users\Rogério\AppData\Local\Ubisoft Game Launcher
    2017-12-07 22:40 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla
    2017-12-07 21:24 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network
    2017-12-07 21:07 - 2017-02-15 04:42 - 000000000 ____D C:\Users\Rogério\AppData\Local\NVIDIA Corporation
    2017-12-07 21:04 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
    2017-12-07 07:05 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério
    2017-12-07 03:49 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam
    2017-12-07 03:48 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-12-07 03:48 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF
    2017-12-07 03:43 - 2017-02-10 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-12-07 03:42 - 2017-02-15 04:45 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\NVIDIA
    2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-12-07 03:25 - 2017-08-17 09:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\Akamai
    2017-12-05 18:42 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-12-05 18:39 - 2017-10-10 22:50 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-12-05 18:39 - 2017-02-10 13:35 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-12-05 18:39 - 2015-10-30 05:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2017-12-04 19:46 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2017-12-02 19:57 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2017-12-02 19:57 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-12-01 04:19 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify
    2017-12-01 01:29 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify
    2017-11-30 08:32 - 2017-08-07 03:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2017-11-29 23:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp
    2017-11-28 19:28 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord
    2017-11-28 18:20 - 2017-03-10 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\ProgramData\Oracle
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Program Files (x86)\Java
    2017-11-28 18:18 - 2017-03-10 22:54 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2017-11-27 23:56 - 2017-10-09 11:14 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2017-11-27 23:56 - 2017-10-09 11:14 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2017-11-27 23:56 - 2017-10-09 11:06 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2017-11-27 23:56 - 2017-10-09 11:06 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2017-11-27 23:56 - 2017-10-09 10:47 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
    2017-11-27 23:56 - 2017-09-29 18:51 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2017-11-27 22:37 - 2017-05-08 16:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-11-27 22:06 - 2017-05-08 16:26 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2017-11-25 20:49 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent
    2017-11-25 04:49 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-11-24 20:17 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-11-24 17:14 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Mozilla
    2017-11-24 09:20 - 2017-10-20 15:15 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-11-24 08:58 - 2017-02-10 08:00 - 000000000 ____D C:\Program Files (x86)\Google
    2017-11-23 21:48 - 2017-07-08 20:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-11-23 21:29 - 2017-02-10 07:42 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Skype
    2017-11-20 09:04 - 2017-05-08 16:26 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
    2017-11-19 16:36 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache
    2017-11-17 14:00 - 2017-10-20 15:15 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2017-11-17 14:00 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-11-17 14:00 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2017-11-17 12:30 - 2017-02-15 04:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\NPE
    2017-11-17 12:28 - 2017-02-13 06:59 - 000000000 ____D C:\Program Files\Common Files\AV
    2017-11-17 10:35 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2017-11-17 10:35 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp
    2017-11-17 10:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp
    2017-11-17 10:31 - 2017-09-29 11:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
    2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
    2017-11-17 08:36 - 2017-10-19 01:56 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
    2017-11-17 08:36 - 2017-10-19 01:56 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
    2017-11-15 23:41 - 2017-05-09 21:10 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2017-11-15 23:41 - 2017-05-09 21:10 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2017-11-15 23:41 - 2017-02-15 04:42 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2017-11-15 23:41 - 2017-02-15 04:42 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2017-11-15 23:41 - 2017-02-15 04:42 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2017-11-15 22:53 - 2017-02-15 04:42 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2017-11-15 20:12 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\system32\F12
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2017-11-15 20:11 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism
    2017-11-15 10:48 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-11-15 10:43 - 2017-10-20 15:15 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2017-11-13 09:58 - 2017-10-20 15:13 - 000000000 ____D C:\Users\Rogério\AppData\Local\Packages
    2017-11-13 09:23 - 2017-10-20 15:12 - 000000000 ____D C:\Users\rapha_000

    Alguns arquivos em TEMP:
    ====================
    2017-12-05 18:20 - 2017-10-25 02:37 - 001954048 _____ (Microsoft Corporation) C:\Users\Rogério\AppData\Local\Temp\dllnt_dump.dll
    2017-12-07 03:40 - 2017-10-27 14:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Rogério\AppData\Local\Temp\nvStInst.exe

    ==================== Bamital & volsnap ======================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

    LastRegBack: 2017-12-01 02:24

    ==================== Fim de FRST.txt ============================

    Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-12-2017
    Executado por Rogério (12-12-2017 05:48:45)
    Executando a partir de C:\Users\Rogério\Desktop
    Windows 10 Home Versão 1709 16299.64 (X64) (2017-10-20 17:19:06)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled)
    Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled)
    DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled)
    Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled)
    rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000
    Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério
    WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled)

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
    FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
    Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
    Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
    Corsair Utility Engine (HKLM-x32\...\{B6784863-ACC5-4BB6-AC26-485FAF3A8E4C}) (Version: 2.20.72 - Corsair)
    Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
    Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
    Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
    Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
    FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil)
    IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
    Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden
    League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
    Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
    LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Mozilla Firefox 57.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.1 (x64 pt-BR)) (Version: 57.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
    MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
    Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
    NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
    NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA Driver de gráficos 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation)
    NVIDIA Driver do 3D Vision 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.43 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
    NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
    Painel de controle da NVIDIA 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.43 - NVIDIA Corporation) Hidden
    PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
    PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
    SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
    Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
    Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
    Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
    STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
    Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.6968 - WhatsApp)
    WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
    WinX DVD Ripper Platinum 7.5.12 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-27] (NVIDIA Corporation)
    ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
    Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-17] (Adobe Systems Incorporated)
    Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
    Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
    Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
    Task: {5EA53C80-E6B0-4B8A-9764-4CF7B679268E} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {611231A8-9628-43F5-BC66-5E7CE9710B3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
    Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {6E5C6A83-BEF1-480F-9A62-27DE21356329} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
    Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
    Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
    Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
    Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
    Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
    Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
    Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17] (Adobe Systems Incorporated)
    Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Atalhos & WMI ========================

    (As entradas podem ser listadas para serem restauradas ou removidas.)


    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn

    ==================== Módulos Carregados (Whitelisted) ==============

    2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2017-09-29 11:42 - 2017-09-30 12:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-09-29 11:42 - 2017-09-30 12:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-11-24 08:58 - 2017-11-10 07:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
    2017-11-24 08:58 - 2017-11-10 07:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
    2017-10-25 08:05 - 2017-10-25 08:05 - 004252160 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
    2017-09-27 07:55 - 2017-09-27 07:55 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2017-11-03 17:56 - 2017-11-03 17:56 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
    2017-11-03 17:52 - 2017-11-03 17:52 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
    2017-11-03 18:09 - 2017-11-03 18:09 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
    2017-11-03 17:50 - 2017-11-03 17:50 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
    2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
    2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)


    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)


    ==================== Hosts Conteúdo: ===============================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Firewall do Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: BEService => 3
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
    MSCONFIG\Services: Intel(R) Security Assist => 3
    MSCONFIG\Services: isaHelperSvc => 2
    MSCONFIG\Services: jhi_service => 2
    MSCONFIG\Services: LBTServ => 3
    MSCONFIG\Services: LMS => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NvContainerLocalSystem => 2
    MSCONFIG\Services: NvContainerNetworkService => 3
    MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
    MSCONFIG\Services: NvTelemetryContainer => 2
    MSCONFIG\Services: Origin Client Service => 3
    MSCONFIG\Services: Origin Web Helper Service => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: Steam Client Service => 3
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "EvtMgr6"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
    HKLM\...\StartupApproved\Run32: => "IMSS"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Steam"

    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe
    FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe
    FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
    FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
    FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
    FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
    FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
    FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
    FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
    FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
    FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
    FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
    FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
    FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
    FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
    FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
    FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
    FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
    FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
    FirewallRules: [{18A521D5-3EA0-429F-A92B-8ED0ADCA4A60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{A6C69910-5338-4288-8F2E-601FF9D0A76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{9E7F09B8-B141-4EA2-807D-4021A23E54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe

    ==================== Pontos de Restauração =========================

    ATENÇÃO: A Restauração do Sistema está desabilitada

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (12/12/2017 05:42:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

    ID do Processo: 2c7c

    Hora de Início: 01d3722684d33bd3

    Hora de Término: 4294967295

    Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

    ID do Relatório: 2073f252-bdd1-47f0-8878-2ffe901f68f3

    Nome completo do pacote com falha: 

    ID do aplicativo relativo ao pacote com falha:

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

    Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

    Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

    Error: (12/10/2017 02:01:20 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NVIDIA Notification.exe, versão: 61.3163.1651.1, carimbo de data/hora: 0x5a0ce9fe
    Nome do módulo com falha: NvTelemetryAPI32.dll_unloaded, versão: 7.10.14.0, carimbo de data/hora: 0x5a006364
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0002e83b
    ID do processo com falha: 0x25e8
    Hora de início do aplicativo com falha: 0x01d3716b838e9001
    Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Geforce Experience\NVIDIA Notification.exe
    Caminho do módulo com falha: NvTelemetryAPI32.dll
    ID do Relatório: 9981eaa3-bbb4-4a14-ab8e-f1abac615d6b
    Nome completo do pacote com falha: 
    ID do aplicativo relativo ao pacote com falha:

    Error: (12/10/2017 02:01:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NVIDIA Notification.exe, versão: 61.3163.1651.1, carimbo de data/hora: 0x5a0ce9fe
    Nome do módulo com falha: NvTelemetryAPI32.dll_unloaded, versão: 7.10.14.0, carimbo de data/hora: 0x5a006364
    Código de exceção: 0xc00001a5
    Deslocamento da falha: 0x0006542e
    ID do processo com falha: 0x25e8
    Hora de início do aplicativo com falha: 0x01d3716b838e9001
    Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Geforce Experience\NVIDIA Notification.exe
    Caminho do módulo com falha: NvTelemetryAPI32.dll
    ID do Relatório: c51db95d-8c6d-4c82-82e4-b9ecb09bc5be
    Nome completo do pacote com falha: 
    ID do aplicativo relativo ao pacote com falha:

    Error: (12/07/2017 03:42:04 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: CUE.exe, versão: 2.20.72.0, carimbo de data/hora: 0x59fc94a5
    Nome do módulo com falha: libGLESv2.dll, versão: 0.0.0.0, carimbo de data/hora: 0x59d1d48f
    Código de exceção: 0xc000041d
    Deslocamento da falha: 0x000da181
    ID do processo com falha: 0x1d44
    Hora de início do aplicativo com falha: 0x01d36f06e9475e8a
    Caminho do aplicativo com falha: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
    Caminho do módulo com falha: C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
    ID do Relatório: 78ef8f27-7feb-4f48-98c6-fbb0d81ade57
    Nome completo do pacote com falha: 
    ID do aplicativo relativo ao pacote com falha:


    Erros de Sistema:
    =============
    Error: (12/11/2017 11:12:14 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4

    Error: (12/11/2017 10:14:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

    Error: (12/11/2017 10:14:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

    Error: (12/11/2017 10:14:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

    Error: (12/11/2017 02:12:36 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4

    Error: (12/11/2017 12:05:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

    Error: (12/11/2017 12:05:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

    Error: (12/11/2017 12:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

    Error: (12/11/2017 12:03:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

    Error: (12/11/2017 12:02:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.


    CodeIntegrity:
    ===================================
      Date: 2017-12-11 22:21:35.053
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-10 02:09:18.787
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171208.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-08 03:38:14.718
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171207.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-07 02:41:20.966
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171206.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-06 02:31:42.546
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171205.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-05 17:21:55.985
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171204.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-03 19:29:14.466
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-03 19:29:13.740
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-03 19:28:50.803
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-03 19:28:49.571
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


    ==================== Informações da Memória =========================== 

    Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
    Percentagem de memória em uso: 36%
    RAM física total: 16329.73 MB
    RAM física disponível: 10339.94 MB
    Virtual Total: 18761.73 MB
    Virtual disponível: 11902.73 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:118.46 GB) (Free:27.08 GB) NTFS
    Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:2036.37 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    ==================== Fim de Addition.txt ============================

     

     

     

     

     


    @Errepege

     

    Consider whether you really need so many "extensions" in Chrome. That will certainly make your computer slow. Each enabled extension is a process that consumes at least 100Mb of RAM.

     

    Temporarily disable your antivirus, antispyware and firewall so that they do not cause conflicts.

    Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text in the CODE box below:

    CreateRestorePoint:
    CloseProcesses:
    PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "}
    PowerShell: $app.Uninstall()
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Edge: 
    ======
    Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
    CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
    CHR Session Restore: Profile 1 -> está habilitado.
    Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn
    FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "}
    PowerShell: $app.Uninstall()
    CMD: ipconfig /flushdns
    RemoveProxy:
    EmptyTemp:
    CreateRestorePoint:

    Save this file on your desktop with the name fixlist

    NOTE: It is extremely important that the "fixlist" file be saved on your Desktop. Also check that FRST.exe is on the Desktop.

    ** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
    Right-click the FRST.EXE file, then click VRIfczU.png.

    Click the Fix button.

    Wait; when it finishes, the Fixlog.txt log will be saved on your desktop.

    Attach the log to your next reply
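
A pre-flight check for the fixlist procedure in the post above, as an added example that is not part of the original post and not part of FRST. It assumes that every non-directive fixlist line is meant to be a verbatim copy of a line from FRST.txt or Addition.txt, and it flags lines that were wrapped or cut short when pasted; the function names and sample data are constructed for illustration.

```python
"""Pre-flight check of a fixlist against the scan logs it was copied from."""

# Directives seen in the fixlist posted above. Every other non-empty line is
# assumed (for this example) to be a verbatim copy of a scan-log line.
DIRECTIVES = ("CreateRestorePoint:", "CloseProcesses:", "CMD:", "PowerShell:",
              "RemoveProxy:", "EmptyTemp:")

# Constructed sample data: the line formats and OneDrive entries follow this
# thread; the example.test URLs and the firewall path are placeholders.
SAMPLE_LOG = r"""
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxp://example.test/a","hxxp://example.test/b"
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
""".strip()

SAMPLE_FIXLIST = r"""
CreateRestorePoint:
CloseProcesses:
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxp://example.test/a","hxxp
://example.test/b"
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquiv
FirewallRules: [{00000000-0000-0000-0000-000000000000}] => (Allow) C:\Example\app.exe
EmptyTemp:
""".strip()


def check_fixlist(fixlist_text, log_text):
    """Classify every non-empty fixlist line.

    Returns a list of (line_number, status, text) where status is:
      directive  - one of DIRECTIVES, not expected in the scan log
      ok         - identical to a scan-log line
      wrapped    - this line joined with the next one equals a scan-log line
      truncated  - a proper prefix of a scan-log line
      unknown    - matches nothing in the scan log
    """
    # Forum code boxes add indentation and trailing spaces; ignore both.
    log_lines = {l.strip() for l in log_text.splitlines() if l.strip()}
    fix = [l.strip() for l in fixlist_text.splitlines()]
    results, i = [], 0
    while i < len(fix):
        line = fix[i]
        nxt = fix[i + 1] if i + 1 < len(fix) else ""
        step = 1
        if not line:
            i += 1
            continue
        if line.startswith(DIRECTIVES):
            status = "directive"
        elif line in log_lines:
            status = "ok"
        elif nxt and (line + nxt in log_lines or line + " " + nxt in log_lines):
            # The entry was split in two; the second half is consumed here.
            status, step = "wrapped", 2
        elif any(entry.startswith(line) for entry in log_lines):
            status = "truncated"
        else:
            status = "unknown"
        results.append((i + 1, status, line))
        i += step
    return results


def problems(results):
    """Keep only the entries that need attention before the fix is run."""
    return [r for r in results if r[1] not in ("directive", "ok")]


if __name__ == "__main__":
    for number, status, text in problems(check_fixlist(SAMPLE_FIXLIST, SAMPLE_LOG)):
        print(f"line {number}: {status}: {text[:70]}")
```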

  • Topic author
  • Hello. I had already done that, but to make sure after your post, I deleted (not just disabled) all the extensions. 

    You asked me to post Fixlog.txt? That file did not appear, only the two from before: FRST.txt and Addition.txt. 

    In any case, I will paste both logs here:

    ============================================================================

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-12-2017
    Executado por Rogério (administrador) em ROGÉRIO (16-12-2017 07:19:21)
    Executando a partir de C:\Users\Rogério\Desktop
    Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
    Platform: Windows 10 Home Versão 1709 16299.125 (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
    (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
    (Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe

    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.)
    HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7214800 2017-12-06] (McAfee, Inc.)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd)
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe -update pepperplugin
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Tcpip\Parameters: [DhcpNameServer] 189.38.95.95 189.38.95.96
    Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 189.38.95.95 189.38.95.96
    Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

    Edge: 
    ======
    Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.

    FireFox:
    ========
    FF DefaultProfile: ycdepkaz.default
    FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2017-12-07]
    FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home
    FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado.
    FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-24]
    FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-12-01]
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado]
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

    Chrome: 
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
    CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
    CHR Session Restore: Profile 1 -> está habilitado.
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
    CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
    CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
    CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
    CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25]
    CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25]
    CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
    CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25]
    CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
    CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
    CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
    CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-24]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-16]
    CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24]
    CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24]
    CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24]
    CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24]
    CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24]
    CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24]
    CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-16]
    CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16]
    CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24]
    CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24]
    CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24]
    CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
    CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24]
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ====================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-25] ()
    S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
    S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
    S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
    S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
    R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.)
    R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
    S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
    S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
    S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation)
    S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
    S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20171213.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
    R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
    R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
    R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation)
    R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.)
    S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek )
    R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
    R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
    R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
    S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
    R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
    R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Um Mês Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-12-16 07:19 - 2017-12-16 07:19 - 000000000 ____D C:\Users\Rogério\Desktop\FRST-OlderVersion
    2017-12-16 05:07 - 2017-12-16 05:07 - 000091303 _____ C:\Users\Rogério\Desktop\WhatsApp Image 2017-12-16 at 05.02.15.jpeg
    2017-12-16 04:53 - 2017-12-16 04:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2017-12-16 03:09 - 2017-12-16 03:09 - 000009754 _____ C:\Users\Rogério\Desktop\Fixlist.txt
    2017-12-13 07:57 - 2017-12-08 04:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
    2017-12-13 07:57 - 2017-12-07 21:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2017-12-13 07:57 - 2017-12-07 21:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-12-13 07:57 - 2017-12-07 21:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
    2017-12-13 07:57 - 2017-12-07 21:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-12-13 07:57 - 2017-12-07 21:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2017-12-13 07:57 - 2017-12-07 21:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2017-12-13 07:57 - 2017-12-07 21:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-12-13 07:57 - 2017-12-07 21:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
    2017-12-13 07:57 - 2017-12-07 21:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2017-12-13 07:57 - 2017-12-07 21:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2017-12-13 07:57 - 2017-12-07 21:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2017-12-13 07:57 - 2017-12-07 21:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2017-12-13 07:57 - 2017-12-07 21:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2017-12-13 07:57 - 2017-12-07 21:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2017-12-13 07:57 - 2017-12-07 21:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
    2017-12-13 07:57 - 2017-12-07 21:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2017-12-13 07:57 - 2017-12-07 21:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2017-12-13 07:57 - 2017-12-07 21:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-12-13 07:57 - 2017-12-07 21:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2017-12-13 07:57 - 2017-12-07 21:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-12-13 07:57 - 2017-12-07 21:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2017-12-13 07:57 - 2017-12-07 21:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2017-12-13 07:57 - 2017-12-07 21:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2017-12-13 07:57 - 2017-12-07 21:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
    2017-12-13 07:57 - 2017-12-07 21:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2017-12-13 07:57 - 2017-12-07 21:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-12-13 07:57 - 2017-12-07 21:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-12-13 07:57 - 2017-12-07 21:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2017-12-13 07:57 - 2017-12-07 21:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2017-12-13 07:57 - 2017-12-07 21:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-12-13 07:57 - 2017-12-07 21:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2017-12-13 07:57 - 2017-12-07 21:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2017-12-13 07:57 - 2017-12-07 21:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
    2017-12-13 07:57 - 2017-12-07 21:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2017-12-13 07:57 - 2017-12-07 20:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2017-12-13 07:57 - 2017-12-07 20:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2017-12-13 07:57 - 2017-12-07 20:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-12-13 07:57 - 2017-12-07 20:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2017-12-13 07:57 - 2017-12-07 20:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2017-12-13 07:57 - 2017-12-07 20:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2017-12-13 07:57 - 2017-12-07 20:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2017-12-13 07:57 - 2017-12-07 20:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
    2017-12-13 07:57 - 2017-12-07 20:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2017-12-13 07:57 - 2017-12-07 20:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2017-12-13 07:57 - 2017-12-07 20:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2017-12-13 07:57 - 2017-12-07 20:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2017-12-13 07:57 - 2017-12-07 20:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-12-13 07:57 - 2017-12-07 20:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2017-12-13 07:57 - 2017-12-07 20:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2017-12-13 07:57 - 2017-12-07 20:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-12-13 07:57 - 2017-12-07 20:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-12-13 07:57 - 2017-12-07 20:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-12-13 07:57 - 2017-12-07 20:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-12-13 07:57 - 2017-12-07 20:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2017-12-13 07:57 - 2017-12-07 20:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2017-12-13 07:57 - 2017-12-07 20:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2017-12-13 07:57 - 2017-12-07 20:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
    2017-12-13 07:57 - 2017-12-07 20:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-12-13 07:57 - 2017-12-07 20:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-12-13 07:57 - 2017-12-07 20:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-12-13 07:57 - 2017-12-07 20:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
    2017-12-13 07:57 - 2017-12-07 20:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
    2017-12-13 07:57 - 2017-12-07 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
    2017-12-13 07:57 - 2017-12-07 20:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
    2017-12-13 07:57 - 2017-12-07 20:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
    2017-12-13 07:57 - 2017-12-07 20:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-12-13 07:57 - 2017-12-07 20:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-12-13 07:57 - 2017-12-07 20:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
    2017-12-13 07:57 - 2017-12-07 20:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-12-13 07:57 - 2017-12-07 20:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
    2017-12-13 07:57 - 2017-12-07 20:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
    2017-12-13 07:57 - 2017-12-07 20:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2017-12-13 07:57 - 2017-12-07 20:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-12-13 07:57 - 2017-12-07 20:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-12-13 07:57 - 2017-12-07 20:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
    2017-12-13 07:57 - 2017-12-07 20:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2017-12-13 07:57 - 2017-12-07 20:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
    2017-12-13 07:57 - 2017-12-07 20:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
    2017-12-13 07:57 - 2017-12-07 20:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
    2017-12-13 07:57 - 2017-12-07 20:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
    2017-12-13 07:57 - 2017-12-07 20:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
    2017-12-13 07:57 - 2017-12-07 20:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-12-13 07:57 - 2017-12-07 20:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2017-12-13 07:57 - 2017-12-07 20:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2017-12-13 07:57 - 2017-12-07 20:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-12-13 07:57 - 2017-12-07 20:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2017-12-13 07:57 - 2017-12-07 20:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2017-12-13 07:57 - 2017-12-07 20:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-12-13 07:57 - 2017-12-07 20:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2017-12-13 07:57 - 2017-12-07 20:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
    2017-12-13 07:57 - 2017-12-07 20:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2017-12-13 07:57 - 2017-12-07 20:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
    2017-12-13 07:57 - 2017-12-07 20:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-12-13 07:57 - 2017-12-07 20:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-12-13 07:57 - 2017-12-07 20:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2017-12-13 07:57 - 2017-12-07 19:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2017-12-13 07:57 - 2017-12-07 19:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-12-13 07:57 - 2017-12-07 19:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2017-12-13 07:57 - 2017-12-07 19:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2017-12-13 07:57 - 2017-12-07 19:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2017-12-13 07:57 - 2017-12-07 19:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2017-12-13 07:57 - 2017-12-07 19:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-12-13 07:57 - 2017-12-07 19:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-12-13 07:57 - 2017-12-07 19:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2017-12-13 07:57 - 2017-12-07 19:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-12-13 07:57 - 2017-12-07 19:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-12-13 07:57 - 2017-12-07 19:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-12-13 07:57 - 2017-12-07 19:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2017-12-13 07:57 - 2017-12-07 19:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2017-12-13 07:57 - 2017-12-07 19:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-12-13 07:57 - 2017-12-07 19:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2017-12-13 07:57 - 2017-12-07 19:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2017-12-13 07:57 - 2017-12-07 19:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2017-12-13 07:57 - 2017-11-26 18:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2017-12-13 07:57 - 2017-11-26 18:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2017-12-13 07:57 - 2017-11-26 18:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2017-12-13 07:57 - 2017-11-26 14:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2017-12-13 07:57 - 2017-11-26 11:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-12-13 07:57 - 2017-11-26 11:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-12-13 07:57 - 2017-11-26 11:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2017-12-13 07:57 - 2017-11-26 11:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2017-12-13 07:57 - 2017-11-26 11:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2017-12-13 07:57 - 2017-11-26 11:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2017-12-13 07:57 - 2017-11-26 11:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2017-12-13 07:57 - 2017-11-26 11:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2017-12-13 07:57 - 2017-11-26 11:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2017-12-13 07:57 - 2017-11-26 11:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2017-12-13 07:57 - 2017-11-26 11:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2017-12-13 07:57 - 2017-11-26 11:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-12-13 07:57 - 2017-11-26 11:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2017-12-13 07:57 - 2017-11-26 11:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2017-12-13 07:57 - 2017-11-26 11:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2017-12-13 07:57 - 2017-11-26 11:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2017-12-13 07:57 - 2017-11-26 11:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
    2017-12-13 07:57 - 2017-11-26 11:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2017-12-13 07:57 - 2017-11-26 11:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2017-12-13 07:57 - 2017-11-26 11:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2017-12-13 07:57 - 2017-11-26 11:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-12-13 07:57 - 2017-11-26 11:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2017-12-13 07:57 - 2017-11-26 11:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
    2017-12-13 07:57 - 2017-11-26 11:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2017-12-13 07:57 - 2017-11-26 11:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2017-12-13 07:57 - 2017-11-26 11:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2017-12-13 07:57 - 2017-11-26 11:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2017-12-13 07:57 - 2017-11-26 11:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
    2017-12-13 07:57 - 2017-11-26 11:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2017-12-13 07:57 - 2017-11-26 11:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2017-12-13 07:57 - 2017-11-26 11:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
    2017-12-13 07:57 - 2017-11-26 11:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2017-12-13 07:57 - 2017-11-26 11:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2017-12-13 07:57 - 2017-11-26 11:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2017-12-13 07:57 - 2017-11-26 11:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2017-12-13 07:57 - 2017-11-26 11:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2017-12-13 07:57 - 2017-11-26 11:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2017-12-13 07:57 - 2017-11-26 11:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2017-12-13 07:57 - 2017-11-26 11:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2017-12-13 07:57 - 2017-11-26 11:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2017-12-13 07:57 - 2017-11-26 11:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2017-12-13 07:57 - 2017-11-26 11:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2017-12-13 07:57 - 2017-11-26 11:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2017-12-13 07:57 - 2017-11-26 11:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2017-12-13 07:57 - 2017-11-26 11:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2017-12-13 07:57 - 2017-11-26 11:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2017-12-13 07:57 - 2017-11-26 11:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2017-12-13 07:57 - 2017-11-26 10:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2017-12-13 07:57 - 2017-11-26 10:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-12-13 07:57 - 2017-11-26 10:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2017-12-13 07:57 - 2017-11-26 10:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
    2017-12-13 07:57 - 2017-11-26 10:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2017-12-13 07:57 - 2017-11-26 10:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2017-12-13 07:57 - 2017-11-26 10:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
    2017-12-13 07:57 - 2017-11-26 10:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2017-12-13 07:57 - 2017-11-26 10:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
    2017-12-13 07:57 - 2017-11-26 10:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-12-13 07:57 - 2017-11-26 10:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2017-12-13 07:57 - 2017-11-26 10:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2017-12-13 07:57 - 2017-11-26 10:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2017-12-13 07:57 - 2017-11-26 10:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2017-12-13 07:57 - 2017-11-26 10:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
    2017-12-13 07:57 - 2017-11-26 10:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
    2017-12-13 07:57 - 2017-11-26 10:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
    2017-12-13 07:57 - 2017-11-26 10:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2017-12-13 07:57 - 2017-11-26 10:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
    2017-12-13 07:57 - 2017-11-26 10:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
    2017-12-13 07:57 - 2017-11-26 10:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2017-12-13 07:57 - 2017-11-26 10:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2017-12-13 07:57 - 2017-11-26 10:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2017-12-13 07:57 - 2017-11-26 10:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2017-12-13 07:57 - 2017-11-26 10:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
    2017-12-13 07:57 - 2017-11-26 10:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2017-12-13 07:57 - 2017-11-26 10:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2017-12-13 07:57 - 2017-11-26 10:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
    2017-12-13 07:57 - 2017-11-26 10:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
    2017-12-13 07:57 - 2017-11-26 10:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
    2017-12-13 07:57 - 2017-11-26 10:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2017-12-13 07:57 - 2017-11-26 10:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2017-12-13 07:57 - 2017-11-26 10:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2017-12-13 07:57 - 2017-11-26 10:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2017-12-13 07:57 - 2017-11-26 10:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
    2017-12-13 07:57 - 2017-11-26 10:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
    2017-12-13 07:57 - 2017-11-26 10:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-12-13 07:57 - 2017-11-26 10:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2017-12-13 07:57 - 2017-11-26 10:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-12-13 07:57 - 2017-11-26 10:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2017-12-13 07:57 - 2017-11-26 10:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
    2017-12-13 07:57 - 2017-11-26 10:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
    2017-12-13 07:57 - 2017-11-26 10:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2017-12-13 07:57 - 2017-11-26 10:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2017-12-13 07:57 - 2017-11-26 10:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2017-12-13 07:57 - 2017-11-26 10:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-12-13 07:57 - 2017-11-26 10:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-12-13 07:57 - 2017-11-26 10:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-12-13 07:57 - 2017-11-26 10:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2017-12-13 07:57 - 2017-11-26 10:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-12-13 07:57 - 2017-11-26 10:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2017-12-13 07:57 - 2017-11-26 10:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2017-12-13 07:57 - 2017-11-26 10:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2017-12-13 07:57 - 2017-11-26 10:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-12-13 07:57 - 2017-11-26 10:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-12-13 07:57 - 2017-11-26 10:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2017-12-13 07:57 - 2017-11-26 09:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2017-12-13 07:57 - 2017-11-26 09:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2017-12-13 07:57 - 2017-11-26 09:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2017-12-13 07:57 - 2017-11-26 09:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2017-12-13 07:57 - 2017-11-26 09:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
    2017-12-13 07:57 - 2017-11-26 09:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2017-12-13 07:57 - 2017-11-26 09:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
    2017-12-13 07:57 - 2017-11-26 09:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2017-12-13 07:57 - 2017-11-26 09:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2017-12-13 07:57 - 2017-11-26 09:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2017-12-13 07:57 - 2017-11-26 09:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2017-12-13 07:57 - 2017-11-26 09:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2017-12-13 07:57 - 2017-11-26 09:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
    2017-12-13 07:57 - 2017-11-26 09:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2017-12-13 07:57 - 2017-11-26 09:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
    2017-12-13 07:57 - 2017-11-26 09:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2017-12-13 07:57 - 2017-11-26 09:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2017-12-13 07:57 - 2017-11-26 09:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2017-12-13 07:57 - 2017-11-26 08:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2017-12-13 07:57 - 2017-11-26 08:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2017-12-13 07:57 - 2017-11-26 08:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2017-12-13 07:57 - 2017-11-26 08:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2017-12-13 07:57 - 2017-11-26 08:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2017-12-13 07:57 - 2017-11-26 08:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2017-12-13 07:57 - 2017-11-26 08:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2017-12-13 07:57 - 2017-11-26 08:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
    2017-12-13 07:57 - 2017-11-26 08:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2017-12-13 07:57 - 2017-11-26 08:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2017-12-13 07:57 - 2017-11-26 08:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2017-12-13 07:57 - 2017-11-26 08:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
    2017-12-13 07:57 - 2017-11-26 08:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2017-12-13 07:57 - 2017-11-26 08:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-12-13 07:57 - 2017-11-26 08:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2017-12-13 07:57 - 2017-11-26 08:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
    2017-12-13 07:57 - 2017-11-26 08:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2017-12-13 07:57 - 2017-11-26 08:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
    2017-12-13 07:57 - 2017-11-26 08:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
    2017-12-13 07:57 - 2017-11-26 08:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2017-12-13 07:57 - 2017-11-26 08:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
    2017-12-13 07:57 - 2017-11-26 08:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-12-13 07:57 - 2017-11-26 08:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
    2017-12-13 07:57 - 2017-11-26 08:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2017-12-13 07:57 - 2017-11-26 08:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2017-12-13 07:57 - 2017-11-26 08:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2017-12-13 07:57 - 2017-11-26 08:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-12-13 07:57 - 2017-11-26 08:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-12-13 07:57 - 2017-11-26 08:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2017-12-13 07:57 - 2017-11-26 08:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
    2017-12-13 07:57 - 2017-11-26 08:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
    2017-12-13 07:57 - 2017-11-19 05:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
    2017-12-13 07:57 - 2017-11-19 00:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2017-12-12 05:47 - 2017-12-12 05:48 - 000051349 _____ C:\Users\Rogério\Desktop\Addition.txt
    2017-12-12 05:46 - 2017-12-16 07:19 - 000023736 _____ C:\Users\Rogério\Desktop\FRST.txt
    2017-12-12 05:46 - 2017-12-16 07:19 - 000000000 ____D C:\FRST
    2017-12-12 05:45 - 2017-12-16 07:19 - 002392064 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe
    2017-12-12 05:44 - 2017-12-12 07:00 - 000000000 ____D C:\Users\Rogério\AppData\Local\PlaceholderTileLogoFolder
    2017-12-07 03:42 - 2017-12-07 03:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-12-07 03:42 - 2017-11-27 22:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2017-12-07 03:42 - 2017-09-13 21:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-12-07 03:42 - 2017-09-13 21:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-12-07 03:42 - 2017-09-13 21:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-12-07 03:42 - 2017-09-13 21:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-12-07 03:40 - 2017-11-27 23:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-12-07 03:40 - 2017-11-27 23:56 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2017-12-06 19:20 - 2017-12-06 19:20 - 000917008 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
    2017-12-06 19:20 - 2017-12-06 19:20 - 000343544 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
    2017-12-06 19:20 - 2017-12-06 19:20 - 000124432 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys
    2017-12-06 19:16 - 2017-12-06 22:11 - 000000000 ____D C:\Program Files\stinger
    2017-12-06 19:16 - 2017-12-06 19:16 - 000000000 ____D C:\Program Files\McAfee
    2017-12-06 19:14 - 2017-12-06 19:14 - 000009018 _____ C:\Users\Rogério\Desktop\ROGUEKILLER.txt
    2017-12-06 17:59 - 2017-12-06 17:59 - 000000000 ____D C:\Users\rapha_000\Desktop\Backup
    2017-12-05 18:21 - 2017-12-06 07:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
    2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\ProgramData\RogueKiller
    2017-11-29 19:28 - 2017-11-29 19:28 - 000015578 _____ C:\ZA-Scan.txt
    2017-11-29 18:06 - 2017-11-29 18:06 - 000000000 ____D C:\zoek_backup
    2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
    2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\Program Files (x86)\Corsair
    2017-11-29 17:42 - 2017-12-02 07:00 - 000000000 ____D C:\AdwCleaner
    2017-11-24 08:58 - 2017-12-14 21:35 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-11-24 08:58 - 2017-11-24 08:58 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-11-24 08:58 - 2017-11-24 08:58 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-11-20 15:08 - 2017-11-20 16:54 - 715231211 _____ C:\Users\rapha_000\Downloads\dragon_ball_super_116_FULLHD_fast.mp4
    2017-11-17 23:30 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-11-17 23:30 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-11-17 18:24 - 2017-11-17 18:24 - 000001603 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\release.lnk
    2017-11-17 12:29 - 2017-11-17 12:29 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
    2017-11-17 10:31 - 2017-11-17 10:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration

    ==================== Um Mês Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2017-12-16 07:09 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network
    2017-12-16 07:08 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-12-16 07:07 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-12-16 05:22 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
    2017-12-16 05:07 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp
    2017-12-16 05:06 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam
    2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp
    2017-12-16 05:06 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps
    2017-12-16 05:05 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp
    2017-12-16 02:12 - 2017-10-20 15:15 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2017-12-16 02:12 - 2017-03-10 07:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Adobe
    2017-12-16 02:12 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent
    2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2017-12-15 16:31 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-12-14 08:45 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache
    2017-12-14 08:10 - 2017-10-20 15:13 - 000000000 ____D C:\Users\Rogério\AppData\Local\Packages
    2017-12-14 08:05 - 2017-10-20 15:22 - 002623580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-12-14 08:05 - 2017-09-30 12:34 - 000984900 _____ C:\WINDOWS\system32\prfh0416.dat
    2017-12-14 08:05 - 2017-09-30 12:34 - 000341314 _____ C:\WINDOWS\system32\prfc0416.dat
    2017-12-14 08:00 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-12-14 08:00 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
    2017-12-13 21:23 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2017-12-13 21:15 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF
    2017-12-13 21:13 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-12-13 21:11 - 2017-10-10 22:50 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-12-13 21:11 - 2017-02-10 13:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-12-13 21:05 - 2017-10-20 15:48 - 000000000 ___RD C:\Users\Rogério\3D Objects
    2017-12-13 21:05 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-12-13 21:05 - 2017-02-10 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\oobe
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\Provisioning
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\Program Files\Windows Defender
    2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\PerfLogs
    2017-12-13 21:04 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism
    2017-12-13 07:58 - 2017-09-29 11:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2017-12-13 07:58 - 2017-09-29 11:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2017-12-13 07:58 - 2017-09-29 11:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2017-12-13 07:58 - 2017-09-29 11:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
    2017-12-11 02:07 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online
    2017-12-11 01:31 - 2017-04-16 18:37 - 000000000 ____D C:\Users\Rogério\AppData\Local\Turbine
    2017-12-10 02:40 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin
    2017-12-10 02:15 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin
    2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin
    2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin
    2017-12-08 05:19 - 2017-02-10 20:58 - 000000000 ____D C:\Users\Rogério\AppData\Local\Ubisoft Game Launcher
    2017-12-07 22:40 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla
    2017-12-07 21:07 - 2017-02-15 04:42 - 000000000 ____D C:\Users\Rogério\AppData\Local\NVIDIA Corporation
    2017-12-07 07:05 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério
    2017-12-07 03:48 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-12-07 03:43 - 2017-02-10 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-12-07 03:42 - 2017-02-15 04:45 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\NVIDIA
    2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-12-07 03:25 - 2017-08-17 09:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\Akamai
    2017-12-05 18:39 - 2015-10-30 05:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2017-12-04 19:46 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2017-12-03 20:38 - 2017-09-29 11:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-12-03 20:38 - 2017-09-29 11:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-12-02 19:57 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2017-12-02 19:57 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-12-01 04:19 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify
    2017-12-01 01:29 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify
    2017-11-30 08:32 - 2017-08-07 03:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2017-11-28 19:28 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord
    2017-11-28 18:20 - 2017-03-10 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\ProgramData\Oracle
    2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Program Files (x86)\Java
    2017-11-28 18:18 - 2017-03-10 22:54 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2017-11-27 23:56 - 2017-10-09 11:14 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2017-11-27 23:56 - 2017-10-09 11:14 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2017-11-27 23:56 - 2017-10-09 11:06 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2017-11-27 23:56 - 2017-10-09 11:06 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2017-11-27 23:56 - 2017-10-09 10:47 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
    2017-11-27 23:56 - 2017-09-29 18:51 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2017-11-27 22:37 - 2017-05-08 16:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-11-27 22:06 - 2017-05-08 16:26 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2017-11-27 22:06 - 2017-05-08 16:26 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2017-11-25 04:49 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-11-24 20:17 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-11-24 17:14 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Mozilla
    2017-11-24 09:20 - 2017-10-20 15:15 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-10-20 15:15 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-24 09:20 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-11-24 08:58 - 2017-02-10 08:00 - 000000000 ____D C:\Program Files (x86)\Google
    2017-11-23 21:48 - 2017-07-08 20:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-11-23 21:29 - 2017-02-10 07:42 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Skype
    2017-11-20 09:04 - 2017-05-08 16:26 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
    2017-11-17 12:30 - 2017-02-15 04:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\NPE
    2017-11-17 12:28 - 2017-02-13 06:59 - 000000000 ____D C:\Program Files\Common Files\AV
    2017-11-17 10:31 - 2017-09-29 11:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
    2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
    2017-11-17 08:36 - 2017-10-19 01:56 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
    2017-11-17 08:36 - 2017-10-19 01:56 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT

    ==================== Bamital & volsnap ======================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

    LastRegBack: 2017-12-12 07:09

    ==================== Fim de FRST.txt ============================

     

    ----------------------------------------------------------------------------------------------------------------------------------------------

    Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 13-12-2017
    Executado por Rogério (16-12-2017 07:19:47)
    Executando a partir de C:\Users\Rogério\Desktop
    Windows 10 Home Versão 1709 16299.125 (X64) (2017-10-20 17:19:06)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled)
    Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled)
    DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled)
    Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled)
    rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000
    Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério
    WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled)

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
    FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
    Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
    Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
    Corsair Utility Engine (HKLM-x32\...\{B6784863-ACC5-4BB6-AC26-485FAF3A8E4C}) (Version: 2.20.72 - Corsair)
    Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
    Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
    Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
    Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
    FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil)
    IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
    Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden
    League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
    Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
    LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Mozilla Firefox 57.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.1 (x64 pt-BR)) (Version: 57.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
    MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
    Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
    NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
    NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA Driver de gráficos 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation)
    NVIDIA Driver do 3D Vision 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.43 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
    NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
    Painel de controle da NVIDIA 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.43 - NVIDIA Corporation) Hidden
    PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
    PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
    SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
    Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
    Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
    Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
    STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
    Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
    WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
    WinX DVD Ripper Platinum 7.5.12 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-27] (NVIDIA Corporation)
    ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
    Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-16] (Adobe Systems Incorporated)
    Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
    Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
    Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
    Task: {55CC33AE-9FE7-4F6D-86D2-49CFD4389F12} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {611231A8-9628-43F5-BC66-5E7CE9710B3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
    Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
    Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
    Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
    Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
    Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
    Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
    Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-16] (Adobe Systems Incorporated)
    Task: {E42DB901-08F0-4A8D-B85D-63C4F4FFE226} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
    Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Atalhos & WMI ========================

    (As entradas podem ser listadas para serem restauradas ou removidas.)


    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn

    ==================== Módulos Carregados (Whitelisted) ==============

    2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2017-12-13 07:57 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-12-13 07:57 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-12-14 08:07 - 2017-12-14 08:07 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
    2017-09-29 11:41 - 2017-09-29 11:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
    2017-09-29 11:41 - 2017-09-29 11:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
    2017-12-13 07:57 - 2017-11-26 10:26 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
    2017-09-29 11:41 - 2017-09-29 11:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
    2017-12-06 18:02 - 2017-12-06 18:02 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2017-12-06 18:02 - 2017-12-06 18:02 - 010262528 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
    2017-11-03 17:56 - 2017-11-03 17:56 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
    2017-11-03 17:52 - 2017-11-03 17:52 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
    2017-11-03 18:09 - 2017-11-03 18:09 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
    2017-11-03 17:50 - 2017-11-03 17:50 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
    2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
    2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)


    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)


    ==================== Hosts Conteúdo: ===============================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Firewall do Windows está habilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: BEService => 3
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
    MSCONFIG\Services: Intel(R) Security Assist => 3
    MSCONFIG\Services: isaHelperSvc => 2
    MSCONFIG\Services: jhi_service => 2
    MSCONFIG\Services: LBTServ => 3
    MSCONFIG\Services: LMS => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NvContainerLocalSystem => 2
    MSCONFIG\Services: NvContainerNetworkService => 3
    MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
    MSCONFIG\Services: NvTelemetryContainer => 2
    MSCONFIG\Services: Origin Client Service => 3
    MSCONFIG\Services: Origin Web Helper Service => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: Steam Client Service => 3
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "EvtMgr6"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
    HKLM\...\StartupApproved\Run32: => "IMSS"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Steam"

    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe
    FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe
    FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
    FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
    FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
    FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
    FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
    FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
    FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
    FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
    FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
    FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
    FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
    FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
    FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
    FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
    FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
    FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
    FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
    FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
    FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
    FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
    FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe
    FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
    FirewallRules: [{A6C69910-5338-4288-8F2E-601FF9D0A76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{9E7F09B8-B141-4EA2-807D-4021A23E54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
    FirewallRules: [{6A7C1CCD-6203-464F-848E-79879F9F0CD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Pontos de Restauração =========================

    ATENÇÃO: A Restauração do Sistema está desabilitada

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Logitech Cordless Device
    Description: Logitech Cordless Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (12/16/2017 05:06:12 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c
    Nome do módulo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x00004729
    ID do processo com falha: 0x3648
    Hora de início do aplicativo com falha: 0x01d3763c5b57da40
    Caminho do aplicativo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe
    Caminho do módulo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe
    ID do Relatório: 8e59dd86-f9b4-4cf9-b79c-a854fd4fd207
    Nome completo do pacote com falha: 
    ID do aplicativo relativo ao pacote com falha:

    Error: (12/16/2017 02:12:38 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.16299.125, carimbo de data/hora: 0x98ed27dd
    Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x10868bd0
    ID do processo com falha: 0xeb8
    Hora de início do aplicativo com falha: 0x01d37624158cb638
    Caminho do aplicativo com falha: C:\WINDOWS\SysWOW64\explorer.exe
    Caminho do módulo com falha: unknown
    ID do Relatório: 687b9a1d-aaf8-40cd-925d-aafb720265e9
    Nome completo do pacote com falha: 
    ID do aplicativo relativo ao pacote com falha:

    Error: (12/13/2017 09:15:25 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

    Error: (12/12/2017 05:32:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

    ID do Processo: 27a4

    Hora de Início: 01d3731cb991a6d0

    Hora de Término: 0

    Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

    ID do Relatório: f05352b1-a49a-4d37-9f9f-4b32fdd7175c

    Nome completo do pacote com falha: 

    ID do aplicativo relativo ao pacote com falha:

    Error: (12/12/2017 05:42:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

    ID do Processo: 2c7c

    Hora de Início: 01d3722684d33bd3

    Hora de Término: 4294967295

    Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

    ID do Relatório: 2073f252-bdd1-47f0-8878-2ffe901f68f3

    Nome completo do pacote com falha: 

    ID do aplicativo relativo ao pacote com falha:

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

    Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

    Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
    Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada


    Erros de Sistema:
    =============
    Error: (12/16/2017 04:58:19 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
    Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     e APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (12/16/2017 02:12:53 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
    Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     e APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (12/15/2017 07:09:41 PM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
    Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     e APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (12/15/2017 04:35:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4

    Error: (12/15/2017 04:29:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay.

    Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

    Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

    Error: (12/15/2017 04:28:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

    Error: (12/15/2017 01:29:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4

    Error: (12/14/2017 05:57:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4


    CodeIntegrity:
    ===================================
      Date: 2017-12-16 01:40:09.007
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-14 08:22:13.441
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171213.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-11 22:21:35.053
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-10 02:09:18.787
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171208.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-08 03:38:14.718
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171207.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-07 02:41:20.966
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171206.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-06 02:31:42.546
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171205.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-05 17:21:55.985
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171204.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-12-03 19:29:14.466
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-12-03 19:29:13.740
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


    ==================== Informações da Memória =========================== 

    Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
    Percentagem de memória em uso: 16%
    RAM física total: 16327.89 MB
    RAM física disponível: 13658.15 MB
    Virtual Total: 18759.89 MB
    Virtual disponível: 15464.68 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:118.46 GB) (Free:25.89 GB) NTFS
    Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:2013.78 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    ==================== Fim de Addition.txt ============================

    Edited by Errepege

  • Topic author
  • 4 hours ago, Elias Pereira said:

    @Errepege

    For the run to work correctly, fixlist.txt and frst.exe need to be on the desktop. Follow the procedure again.

    And they are: here is a screenshot of my desktop. I tried again and the result was the same. Don't I need to change anything in Farbar's options?

    Sem título.png


    The only difference is that the procedure says to press the "FIX" button. For you it should appear as "Corrigir".

    ** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
    Right-click the FRST.EXE file, then click VRIfczU.png.

    Click the 0h0YlDEzRbKP9R7xLrUlzA.png button

    Wait; when it finishes, the Fixlog.txt log will be saved on your desktop.

    Attach the log in your next reply

  • Topic author
  • Sorry! I was clicking "analisar".

     

    Here is the Fixlog.txt log

    ======================================================================

    Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 16-12-2017
    Executado por Rogério (16-12-2017 17:36:24) Run:1
    Executando a partir de C:\Users\Rogério\Desktop
    Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
    Modo da Inicialização: Normal
    ==============================================

    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "}
    PowerShell: $app.Uninstall()
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Edge: 
    ======
    Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> est� habilitado.
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
    CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp
://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
    CHR Session Restore: Profile 1 -> est� habilitado.
    Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATEN��O
    ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn
    FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquiv
    PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "}
    PowerShell: $app.Uninstall()
    CMD: ipconfig /flushdns
    RemoveProxy:
    EmptyTemp:
    CreateRestorePoint:
    *****************

    Erro: (0) Falha ao criar um ponto de restauração.
    Processos fechados com sucesso.

    ========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} =========


    ========= Fim de Powershell: =========


    ========= $app.Uninstall() =========


    ========= Fim de Powershell: =========

    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a)
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
    "HKLM\Software\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso.
    "HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
    "HKLM\Software\Wow6432Node\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso.
    "HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
    Edge: => Erro: Nenhuma correção automática foi encontrada para esta entrada.
    ====== => Erro: Nenhuma correção automática foi encontrada para esta entrada.
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ContinuousBrowsing" => removido (a) com sucesso.
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf}" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf} => chave não encontrado (a)
    CHR DefaultProfile: Profile 1 => Erro: Nenhuma correção automática foi encontrada para esta entrada.
    "Chrome HomePage" => removido (a) com sucesso.
    "Chrome StartupUrls" => removido (a) com sucesso.
    Chrome Session Restore: => não encontrado (a).
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0} => Não pode ser removido chave. ErrorCode1: 0x00000002
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0}" => removido (a) com sucesso.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => chave não encontrado (a)
    C:\Users\Rog�rio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk => não encontrado (a).
    C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => não encontrado (a).
    C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk => não encontrado (a).
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57D8FA44-EA07-4055-9456-CB42096EA039} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B766991-26F1-4D1C-97C4-915D25E44F89} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0882A8CA-958F-432A-A538-B6114228BD4D} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15A5C0D4-F649-45A1-8F6E-6596F2F74419} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{998EB994-61B4-4439-BF4E-23A85A072D5E} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21830394-2C27-469C-8897-E36ABE86CA30} => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA7D2852-20F7-4C3B-A678-35D975C25831} => valor removido (a) com sucesso.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a)
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a)
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a)
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a)
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a)
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso.
    HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a)
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" => removido (a) com sucesso.
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" => removido (a) com sucesso.
    "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" => removido (a) com sucesso.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a)
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a)
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a)
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a)
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a)
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso.
    HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a)

    ========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} =========


    ========= Fim de Powershell: =========


    ========= $app.Uninstall() =========


    ========= Fim de Powershell: =========


    ========= ipconfig /flushdns =========


    Configura‡Æo de IP do Windows

    Libera‡Æo do Cache do DNS Resolver bem-sucedida.

    ========= Fim de CMD: =========


    ========= RemoveProxy: =========

    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
    HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.


    ========= Fim de RemoveProxy: =========

    Erro: (0) Falha ao criar um ponto de restauração.

    =========== EmptyTemp: ==========

    BITS transfer queue => 8151040 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4351281 B
    Java, Flash, Steam htmlcache => 65751425 B
    Windows/system/drivers => 3520636 B
    Edge => 29403735 B
    Chrome => 662994797 B
    Firefox => 380659142 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 50842 B
    NetworkService => 0 B
    Rogério => 21855654 B
    rapha_000 => 86436 B

    RecycleBin => 115327886 B
    EmptyTemp: => 1.2 GB de dados temporários Removidos.

    ================================

    Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 16-12-2017 17:59:27)


    Resultado dos registros marcados para excluir será exibido após a reinicialização:

    HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
    HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
    HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.

    ==== Fim de Fixlog 17:59:27 ====


    @Errepege

     

    Download Process Explorer

    http://live.sysinternals.com/procexp.exe

    Save it to your Desktop and run it (on Windows Vista and later, right-click it and select the Run as Administrator option).

    1. Click the View menu > Select Columns > check Verified Signer and press <OK>
    2. Click the Options menu and then Verify Image Signatures
    3. Double-click the CPU column (possibly shown in green) to put the processes with the highest CPU usage at the top.
    4. Double-click the CPU column (possibly shown in green) to put the processes with the highest CPU usage at the top.

    5. Wait 2 minutes and then:

      Click the File menu > Save As > select the Desktop and click Save

    Open the file "System Idle Process.txt", then copy and paste its contents into your next reply.

  • Topic author
  • Here is the log from System Explorer:

     

    Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
    System Idle Process    87.07    52 K    8 K    0            
    procexp64.exe    2.23    55.736 K    71.596 K    1628    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
    LeagueClientUxRender.exe    2.06    885.468 K    974.384 K    1272    League of Legends        (Verified) Riot Games
    CUE.exe    2.02    181.580 K    196.772 K    11672    Corsair Utility Engine    Corsair Components, Inc.    (Verified) Corsair Components
    chrome.exe    1.54    187.172 K    204.612 K    8836    Google Chrome    Google Inc.    (Verified) Google Inc
    LeagueClientUx.exe    1.19    70.712 K    94.696 K    10388    League of Legends        (Verified) Riot Games
    Interrupts    1.17    0 K    0 K    n/a    Hardware Interrupts and DPCs        
    dwm.exe    0.56    63.064 K    57.452 K    844    Gerenciador de Janelas da Área de Trabalho    Microsoft Corporation    (Verified) Microsoft Windows
    csrss.exe    0.46    2.500 K    5.472 K    4368    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    chrome.exe    0.39    209.300 K    270.312 K    11468    Google Chrome    Google Inc.    (Verified) Google Inc
    LeagueClient.exe    0.27    61.216 K    107.332 K    8688    League of Legends        (Verified) Riot Games
    System    0.20    156 K    148 K    4            
    chrome.exe    0.13    362.448 K    250.588 K    10836    Google Chrome    Google Inc.    (Verified) Google Inc
    audiodg.exe    0.09    7.244 K    12.928 K    11936    Isolamento de Gráfico de Dispositivo de Áudio do Windows     Microsoft Corporation    (Verified) Microsoft Windows
    chrome.exe    0.08    305.964 K    305.632 K    9476    Google Chrome    Google Inc.    (Verified) Google Inc
    explorer.exe    0.07    60.108 K    123.360 K    8884    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
    nvcontainer.exe    0.07    8.820 K    24.444 K    3348    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
    chrome.exe    0.05    176.176 K    205.388 K    316    Google Chrome    Google Inc.    (Verified) Google Inc
    ns.exe    0.04    187.156 K    21.096 K    3320    Norton Security    Symantec Corporation    (Verified) Symantec Corporation
    NVIDIA Web Helper.exe    0.03    35.420 K    2.752 K    7104    NVIDIA Web Helper Service    Node.js    (Verified) NVIDIA Corporation
    svchost.exe    0.03    4.392 K    11.844 K    1936    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    chrome.exe    0.03    78.540 K    86.008 K    7632    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.03    146.352 K    151.964 K    11768    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.02    126.260 K    135.460 K    5512    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.02    144.532 K    153.836 K    11800    Google Chrome    Google Inc.    (Verified) Google Inc
    svchost.exe    0.02    2.448 K    8.048 K    4464    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe    0.02    9.500 K    20.164 K    10044    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    chrome.exe    0.01    76.164 K    94.844 K    10940    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.01    138.468 K    162.200 K    2948    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.01    158.568 K    171.188 K    8144    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.01    453.296 K    423.672 K    3276    Google Chrome    Google Inc.    (Verified) Google Inc
    LeagueClientUxRender.exe    0.01    88.512 K    109.176 K    8248    League of Legends        (Verified) Riot Games
    chrome.exe    0.01    92.176 K    103.696 K    7652    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    0.01    59.548 K    70.636 K    5496    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    147.188 K    154.964 K    9932    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    56.600 K    63.296 K    10596    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    43.456 K    65.324 K    7420    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    145.652 K    153.652 K    3492    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    139.208 K    145.584 K    11432    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    128.500 K    137.728 K    11268    Google Chrome    Google Inc.    (Verified) Google Inc
    svchost.exe    < 0.01    2.160 K    7.624 K    1720    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    chrome.exe    < 0.01    91.960 K    106.380 K    7980    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe    < 0.01    91.828 K    103.300 K    9172    Google Chrome    Google Inc.    (Verified) Google Inc
    svchost.exe    < 0.01    9.604 K    19.420 K    1768    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    chrome.exe    < 0.01    68.608 K    83.556 K    7852    Google Chrome    Google Inc.    (Verified) Google Inc
    svchost.exe    < 0.01    2.408 K    12.472 K    1828    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    lsass.exe    < 0.01    6.756 K    16.612 K    740    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    ns.exe    < 0.01    15.280 K    10.156 K    2524    Norton Security    Symantec Corporation    (Verified) Symantec Corporation
    svchost.exe    < 0.01    4.348 K    19.732 K    3304    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    NVDisplay.Container.exe    < 0.01    26.020 K    33.784 K    4764    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
    svchost.exe    < 0.01    8.508 K    32.716 K    12184    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    Memory Compression    < 0.01    272 K    34.940 K    1468            
    svchost.exe    < 0.01    11.036 K    22.836 K    8900    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    WmiPrvSE.exe        2.400 K    9.180 K    10968    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
    winlogon.exe        2.068 K    8.128 K    10732    Aplicativo de Logon do Windows    Microsoft Corporation    (Verified) Microsoft Windows
    wininit.exe        1.324 K    6.664 K    644    Aplicativo de Inicialização do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    taskhostw.exe        7.184 K    18.104 K    852    Processo de Host para Tarefas do Windows    Microsoft Corporation    (Verified) Microsoft Windows
    svchost.exe        12.996 K    15.884 K    1476    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        6.312 K    13.300 K    996    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        5.016 K    12.920 K    2536    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        7.356 K    16.648 K    3104    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        11.404 K    26.992 K    892    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        26.940 K    36.672 K    3112    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        5.692 K    18.232 K    10160    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.852 K    9.264 K    2000    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.232 K    12.140 K    5028    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.960 K    8.428 K    2864    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.344 K    9.292 K    3064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.336 K    7.804 K    304    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.092 K    12.968 K    2436    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        7.628 K    30.964 K    9564    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        4.912 K    19.456 K    7000    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        4.240 K    17.864 K    1624    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.296 K    13.632 K    7696    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        5.096 K    9.436 K    1652    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        6.312 K    16.148 K    1348    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.880 K    11.488 K    13064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.388 K    8.780 K    2680    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.892 K    9.096 K    2072    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        8.532 K    27.788 K    3096    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.276 K    6.060 K    1820    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.556 K    9.668 K    1560    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.936 K    14.632 K    3984    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.896 K    9.192 K    2168    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.476 K    10.052 K    10636    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.928 K    8.024 K    1836    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.364 K    6.316 K    2396    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.604 K    11.248 K    1332    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.028 K    11.692 K    1320    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.036 K    7.208 K    6372    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.984 K    13.172 K    8288    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.872 K    13.364 K    3128    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.340 K    5.704 K    8408    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        916 K    3.952 K    864    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.236 K    10.200 K    1180    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.728 K    6.300 K    1248    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.860 K    8.648 K    2040    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.952 K    8.516 K    2064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.620 K    6.408 K    2580    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.324 K    9.368 K    2588    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.364 K    11.944 K    2640    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.552 K    7.808 K    3004    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.720 K    7.312 K    3012    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.576 K    6.840 K    3088    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.584 K    6.800 K    3252    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.260 K    5.840 K    3312    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.880 K    8.244 K    3340    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.296 K    5.660 K    3480    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.036 K    9.100 K    3724    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.464 K    12.760 K    3736    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        2.768 K    9.988 K    3800    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        12.044 K    26.100 K    4028    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.512 K    7.492 K    6696    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.492 K    14.668 K    6736    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.280 K    14.968 K    9492    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.640 K    8.508 K    9668    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        3.324 K    13.424 K    11148    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    svchost.exe        1.552 K    5.936 K    4760    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    spoolsv.exe        5.308 K    14.780 K    2780    Aplicativo de subsistema de spooler    Microsoft Corporation    (Verified) Microsoft Windows
    smss.exe        456 K    1.204 K    352    Gerenciador de Sessão do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    sihost.exe        6.028 K    24.732 K    6528    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
    ShellExperienceHost.exe    Suspended    54.488 K    104.536 K    10444    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
    SettingSyncHost.exe        6.132 K    5.564 K    3156    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
    services.exe        4.672 K    10.456 K    728    Aplicativo de serviços e controle    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    SecurityHealthService.exe        3.908 K    15.696 K    3400    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    SearchUI.exe    Suspended    96.952 K    149.300 K    6872    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
    RuntimeBroker.exe        7.844 K    27.868 K    7032    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
    RuntimeBroker.exe        5.204 K    18.064 K    7744    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
    RuntimeBroker.exe        6.180 K    23.016 K    6612    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
    procexp.exe        3.368 K    11.100 K    2532    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
    NvTelemetryContainer.exe        7.580 K    15.928 K    3332    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
    NVDisplay.Container.exe        4.808 K    13.996 K    1644    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
    nvcplui.exe        61.348 K    70.500 K    9548    NVIDIA Control Panel Application, 8.1.940.0    NVIDIA Corporation    (Verified) NVIDIA Corporation
    nvcontainer.exe        20.512 K    36.324 K    456    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
    mfevtps.exe        4.220 K    9.296 K    3136    McAfee Process Validation Service    McAfee, Inc.    (Verified) McAfee
    GoogleCrashHandler64.exe        1.588 K    256 K    9200    Google Crash Handler    Google Inc.    (Verified) Google Inc
    GoogleCrashHandler.exe        1.596 K    236 K    9024    Google Crash Handler    Google Inc.    (Verified) Google Inc
    GameBarPresenceWriter.exe        4.396 K    16.888 K    8652    Gamebar Presence Writer    Microsoft Corporation    (Verified) Microsoft Windows
    fontdrvhost.exe        5.100 K    11.416 K    5808    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
    fontdrvhost.exe        1.352 K    4.212 K    900    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
    dllhost.exe        1.996 K    10.068 K    11556    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
    dasHost.exe        5.948 K    18.116 K    3656    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
    ctfmon.exe        3.080 K    14.724 K    9956    Carregador CTF    Microsoft Corporation    (Verified) Microsoft Windows
    csrss.exe        1.684 K    5.216 K    540    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
    conhost.exe        5.248 K    536 K    6616    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
    chrome.exe        70.132 K    79.068 K    11420    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        180.272 K    183.448 K    9584    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        61.416 K    71.832 K    9876    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        83.884 K    102.264 K    7724    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        118.284 K    132.504 K    5976    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        32.388 K    45.384 K    11788    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        3.272 K    11.160 K    11896    Google Chrome    Google Inc.    (Verified) Google Inc
    chrome.exe        3.108 K    11.744 K    12052    Google Chrome    Google Inc.    (Verified) Google Inc

  • Topic author
  • I reset Chrome. And nothing...

    I really don't know what else to do.

  • Topic author
  • Procedures carried out.

    Here is the log:

     

    Malwarebytes
    www.malwarebytes.com

    -Detalhes de registro-
    Data da análise: 03/01/18
    Hora da análise: 21:41
    Arquivo de registro: aa95e08e-f0df-11e7-b243-902b34ff64cf.json
    Administrador: Sim

    -Informação do software-
    Versão: 3.3.1.2183
    Versão de componentes: 1.0.262
    Versão do pacote de definições: 1.0.3618
    Licença: Gratuita

    -Informação do sistema-
    Sistema operacional: Windows 10 (Build 16299.125)
    CPU: x64
    Sistema de arquivos: NTFS
    Usuário: ROGÉRIO\Rogério

    -Resumo da análise-
    Tipo de análise: Análise Customizada
    Resultado: Concluído
    Objetos verificados: 419973
    Ameaças detectadas: 2
    Ameaças em quarentena: 2
    Tempo decorrido: 1 hr, 24 min, 20 seg

    -Opções da análise-
    Memória: Habilitado
    Inicialização: Habilitado
    Sistema de arquivos: Habilitado
    Arquivos compactados: Habilitado
    Rootkits: Habilitado
    Heurística: Habilitado
    PUP: Detectar
    PUM: Detectar

    -Detalhes da análise-
    Processo: 0
    (Nenhum item malicioso detectado)

    Módulo: 0
    (Nenhum item malicioso detectado)

    Chave de registro: 0
    (Nenhum item malicioso detectado)

    Valor de registro: 0
    (Nenhum item malicioso detectado)

    Dados de registro: 0
    (Nenhum item malicioso detectado)

    Fluxo de dados: 0
    (Nenhum item malicioso detectado)

    Pasta: 0
    (Nenhum item malicioso detectado)

    Arquivo: 2
    PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS, Quarentena, [1550], [474786],1.0.3618
    PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DSENGINE.CFG, Quarentena, [1550], [474787],1.0.3618

    Setor físico: 0
    (Nenhum item malicioso detectado)


    (end)


    ---------------------------
    # AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 05 04:07:21 2018
    # Updated on 2017/21/12 by Malwarebytes 
    # Running on Windows 10 Home (X64)
    # Mode: clean
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services deleted.

    ***** [ Folders ] *****

    Deleted: C:\ProgramData\Application Data\lavasoft\web companion
    Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


    ***** [ Files ] *****

    Deleted: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\searchplugins\yahoo-lavasoft.xml


    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks deleted.

    ***** [ Registry ] *****

    Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
    Deleted: [Key] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Lavasoft\Web Companion
    Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
    Deleted: [Value] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
    Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
    Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
    Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe


    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries deleted.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries deleted.

    *************************

    ::Tracing keys deleted
    ::Winsock settings cleared
    ::Additional Actions: 0

    *************************

    C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24]
    C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12]
    C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/2 9:0:42]
    C:/AdwCleaner/AdwCleaner[S2].txt - [2207 B] - [2018/1/5 4:6:55]


    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

    ------------------

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 10 Home x64 
    Ran by Rogério (Administrator) on 05/01/2018 at  2:48:24,60
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 0 


    Registry: 1 

    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key)


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 05/01/2018 at  2:49:34,12
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
