Errepege

Suspected malware: Chrome and Edge extremely slow

A few days ago my browsers started showing a strange slowness. I use Google Chrome and Edge, and both have the same problem. When I start browsing, the browser opens normally, but it takes a long time to start loading pages. In Chrome, the following message appears in the bottom-left corner: "downloading proxy script", and sometimes a good while goes by and the page still does not load. But then, suddenly, in both browsers, everything goes back to normal.

In Firefox everything is fine, as it is on the other PC in the house, which rules out a problem with my internet connection. The problem PC is connected by network cable.

 

System: Windows 10 64-bit

 

Note: During the Za-Scan scan, it 'stopped working', and when I clicked 'close program' it opened again, scanned for a few seconds and generated 'ZA-Scan.txt'.

A screenshot of the error is attached as well.

ZA-Scan.txt

ZASCAN BUG.png


@Errepege

 

Please note the following:

  • About the forum: this is a private space, not a public one. Its use is a privilege, not a right;
  • What is posted here relates only to the problem on your computer, so do not apply it to any other;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions carefully, and if you have questions do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; and if you ask for help in another forum, be sure to let us know, at the risk of misconfiguring your computer!

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan tab > Custom Scan, check the Scan for rootkits option and the entries for the drive where the operating system is installed. This is normally drive C:;
  • Click Scan Now. Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may ask whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop;
  • Open the file, select everything, copy it and paste the contents of this log in your next reply.



NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

Select, copy and paste its contents in your next reply.

STEP 3

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download jrt.exe from the link below and save it to the desktop.
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Double-click to run the Junkware Removal Tool (JRT).

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the jrt.exe file, then click VRIfczU.png

The tool will begin examining your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved to the desktop under the name JRT.txt.

Select, copy and paste the contents of this log in your next reply.


Here are the requested logs:

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 01/12/17
Hora da análise: 04:24
Arquivo de registro: 439693e0-d660-11e7-979c-902b34ff64cf.json
Administrador: Sim

-Informação do software-
Versão: 3.3.1.2183
Versão de componentes: 1.0.236
Versão do pacote de definições: 1.0.3387
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 10 (Build 16299.64)
CPU: x64
Sistema de arquivos: NTFS
Usuário: ROG\u00c3\u0089RIO\Rog\u00c3\u00a9rio

-Resumo da análise-
Tipo de análise: Análise Customizada
Resultado: Concluído
Objetos verificados: 428051
Ameaças detectadas: 0
(Nenhum item malicioso detectado)
Ameaças em quarentena: 0
(Nenhum item malicioso detectado)
Tempo decorrido: 1 hr, 16 min, 38 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 0
(Nenhum item malicioso detectado)

Setor físico: 0
(Nenhum item malicioso detectado)


(end)

-------------------------------------------------------------------------------------

 

# AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 02 09:00:42 2017
# Updated on 2017/29/11 by Malwarebytes 
# Database: 11-29-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24]
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

--------------------------------------------------------

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Rog‚rio (Administrator) on 02/12/2017 at  7:05:47,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/12/2017 at  7:07:48,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Nothing found, though

:/


@Errepege

 

Download RogueKiller by Tigzy and save it to your Desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click VRIfczU.png.
  • When the EULA window appears, click Accept.
  • Select the SCAN tab
  • Click START SCAN
  • Wait until the scan finishes...
  • Click the OPEN REPORT button
  • Click the EXPORT TXT option and save it to the Desktop under the name roguekiller.txt
  • Click OK and close RogueKiller.


Be sure to open the file, then copy and paste its entire contents in your next reply


Here is the RogueKiller log:

RogueKiller V12.11.27.0 (x64) [Dec  4 2017] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
Iniciou : Modo normal
Usuário : Rogério [Administrador]
Started from : C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
Modo : Escanear -- Data : 12/05/2017 18:21:06 (Duration : 00:18:56)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 4 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Encontrado
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 5 ¤¤¤
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Encontrado
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Encontrado
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Encontrado
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Encontrado
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Encontrado

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 3 ¤¤¤
[PUP.Gen0][Chrome:Addon] Profile 1 : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Encontrado
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Encontrado
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [https://www.oculus.com/en-us/rift/|http://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES|http://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral|https://www.balaodainformatica.com.br/Cliente/MinhaConta|http://carinhas.com.br/produto/caneca-personalizada-3/|http://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx|http://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx|http://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291|http://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19|http://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns|http://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20|http://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22|http://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23|http://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60|https://pitzi.com.br/|http://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM|http://www.probuilds.net/guide/show/KR/2214984472/1561528|http://www.probuilds.net/guide/show/KR/2217666300/1268315|http://www.procon.sp.gov.br/|http://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html|http://www.probuilds.net/guide/show/EUW/2453503356/19806326|http://ddowiki.com/page/Adventure_Packs|http://ddowiki.com/page/Vault_of_Night_(story_arc)|http://ddowiki.com/page/Litany_of_the_Dead_Part_3|http://ddowik
i.com/page/The_Shadow_Crypt|https://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d|http://ddowiki.com/page/Talk:Augment_Slot|http://ddowiki.com/page/Augment_Slot|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29|http://ddowiki.com/page/Devil_Assault_(quest)|http://ddowiki.com/page/Astral_Diamond|http://ddowiki.com/page/Item:Shard_of_Great_Power|http://ddowiki.com/page/Pure_Shavarath_Iron|http://crafting.cubicleninja.com/|https://www.ddo.com/en/U29|http://speedtest.copel.net/] -> Encontrado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: Corsair Force GS ATA Device +++++
--- User ---
[MBR] ece1d71cf0e7032862379e5b8a72f916
[BSP] 5e1e0b148adde99563fda14f6e5841e3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 249145344 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST33000651NS ATA Device +++++
--- User ---
[MBR] c04a40d3a6a527a8f4dbc5de124b09e2
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
User = LL1 ... OK
User = LL2 ... OK


@Errepege

 

Close all programs

  • Run RogueKiller.exe.
    ** Users of Windows Vista, 7, 8/8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click VRIfczU.png
  • When the EULA appears, click Accept.
  • Select the SCAN tab and click START SCAN
  • Wait until the scan finishes.
  • >>>>>>> Go through the tabs and check all the entries found <<<<<<<
  • Click REMOVE SELECTED
  • Wait until the program finishes deleting the infections.
  • Click the OPEN REPORT button and then EXPORT TXT
  • Save it as report.txt on your Desktop

Open the report.txt file saved on your Desktop, then copy and paste its entire contents in your next reply.

 

NEXT STEP

 

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Stinger and save it to your Desktop.
32 bit (x86) or 64 bit (x64)

  • Run the Stinger.exe file as Administrator.
  • Click the “I Accept” button


Stinger%20a.png

In the new window click “Advanced” and then “Settings”

Stinger%20b.png

In the settings window, set the options as shown in the image below and click the “Save” button

9hnsyu.png

Click “Customize my Scan”

Stinger%20f.png

Select the system drives and then click the “Scan” button

Stinger%20g.png

At the end click “View log”; a window with the log will open in your browser.

Select, copy and paste the contents of this log in your next reply.


Here are the RogueKiller and Stinger logs:

 

RogueKiller V12.11.27.0 (x64) [Dec  4 2017] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 10 (10.0.16299) 64 bits version
Iniciou : Modo normal
Usuário : Rogério [Administrador]
Started from : C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
Modo : Deletar -- Data : 12/06/2017 07:22:44 (Duration : 00:17:56)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 2 ¤¤¤
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Deletado
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [https://www.oculus.com/en-us/rift/|http://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES|http://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral|https://www.balaodainformatica.com.br/Cliente/MinhaConta|http://carinhas.com.br/produto/caneca-personalizada-3/|http://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx|http://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx|http://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291|http://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19|http://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24|http://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns|http://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20|http://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22|http://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23|http://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60|https://pitzi.com.br/|http://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM|http://www.probuilds.net/guide/show/KR/2214984472/1561528|http://www.probuilds.net/guide/show/KR/2217666300/1268315|http://www.procon.sp.gov.br/|http://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html|http://www.probuilds.net/guide/show/EUW/2453503356/19806326|http://ddowiki.com/page/Adventure_Packs|http://ddowiki.com/page/Vault_of_Night_(story_arc)|http://ddowiki.com/page/Litany_of_the_Dead_Part_3|http://ddowik
i.com/page/The_Shadow_Crypt|https://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d|http://ddowiki.com/page/Talk:Augment_Slot|http://ddowiki.com/page/Augment_Slot|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12|http://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29|http://ddowiki.com/page/Devil_Assault_(quest)|http://ddowiki.com/page/Astral_Diamond|http://ddowiki.com/page/Item:Shard_of_Great_Power|http://ddowiki.com/page/Pure_Shavarath_Iron|http://crafting.cubicleninja.com/|https://www.ddo.com/en/U29|http://speedtest.copel.net/] -> Deletado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: ST33000651NS ATA Device +++++
--- User ---
[MBR] c04a40d3a6a527a8f4dbc5de124b09e2
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Corsair Force GS ATA Device +++++
--- User ---
[MBR] ece1d71cf0e7032862379e5b8a72f916
[BSP] 5e1e0b148adde99563fda14f6e5841e3 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 249145344 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

 

-----------------------------------------------------------------------------------------

 

McAfee Stinger Scan Results


McAfee® Labs Stinger™ Version 12.1.0.2599 built on Dec  5 2017 at 23:30:41
Copyright© 2015, McAfee, Inc. All Rights Reserved.

AV Engine version v5900.7806 for Windows.
Virus data file v1000.0 created on Dec 6, 2017
Ready to scan for 10272 viruses, trojans and variants.

Custom scan initiated on quarta-feira, dezembro 06, 2017 19:20:23


Rootkit scan result : Clean.

Summary Report on C:
D:
H:
File(s)
    TotalFiles:............    862475
    Clean:.................    346188
    Not Scanned:........... 516287
    Possibly Infected:.....    0

Time: 01:10:59

Scan completed on quarta-feira, dezembro 06, 2017 20:31:22
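
Added example (not part of the original thread and not a RogueKiller feature): comparing a scan report with the removal report that follows it shows which findings were never marked as deleted. The sample reports are abridged from the two RogueKiller logs in this thread; the function names are hypothetical, and the status words `Encontrado`/`Deletado` are the ones these Portuguese-locale reports use.

```python
import re

# Section header, e.g. "¤¤¤ Registro : 4 ¤¤¤" or "¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤"
SECTION_RE = re.compile(r"^¤¤¤\s*(.+?)\s*:\s*(\d*)\s*(?:\(.*\))?\s*¤¤¤\s*$")
# Finding line, e.g. "[PUM.Policies] (X64) HKEY_... | Value : 0  -> Encontrado"
FINDING_RE = re.compile(r"^\[([^\]]+)\](.*?)\s*->\s*(\S+)\s*$")

# Abridged from the scan-mode report in this thread (sample input for the example).
SCAN_REPORT = r"""
¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 2 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Encontrado

¤¤¤ Arquivos : 1 ¤¤¤
[PUP.uTorrentAds][Arquivo] C:\Users\Rogério\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Encontrado

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 2 ¤¤¤
[PUP.Gen0][Chrome:Addon] Profile 1 : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Encontrado
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Encontrado

¤¤¤ Verificação da MBR : ¤¤¤
[MBR] ece1d71cf0e7032862379e5b8a72f916
User = LL1 ... OK
"""

# Abridged from the delete-mode report in this thread (sample input for the example).
REMOVAL_REPORT = r"""
¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Navegadores : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://192.168.2.1/] -> Deletado
"""


def parse_report(text):
    """Return one dict per finding line, tagged with the section it appeared in."""
    findings = []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        hit = FINDING_RE.match(line)
        # MBR hash lines and "User = ..." lines carry no "-> status" and are skipped.
        if hit and section is not None:
            findings.append({
                "section": section,
                "class": hit.group(1),
                "item": " ".join(hit.group(2).split()),  # collapse runs of spaces
                "status": hit.group(3),
            })
    return findings


def unresolved(scan_findings, removal_findings, removed_status="Deletado"):
    """Findings from the scan that the removal report does not list as deleted."""
    removed = {
        (f["section"], f["class"], f["item"])
        for f in removal_findings
        if f["status"] == removed_status
    }
    return [
        f for f in scan_findings
        if (f["section"], f["class"], f["item"]) not in removed
    ]


if __name__ == "__main__":
    scan = parse_report(SCAN_REPORT)
    removal = parse_report(REMOVAL_REPORT)
    for f in unresolved(scan, removal):
        print(f'{f["section"]:<12} {f["class"]:<16} {f["item"]}')
```

A finding listed here is not necessarily still present on disk or in the registry; it only means the removal report does not record it as deleted, so it is worth confirming with a fresh scan.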
 


@Errepege

 

Press the Windows key + R and type: msconfig
 
- Click the Services tab, check the Hide all Microsoft services option and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK.
 
Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.


Hello. I disabled everything as requested. No improvement, though.

 


@Errepege

 

Download Farbar Recovery Scan from the link below and save it to your desktop.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
Right-click the FRST64.EXE file, then click VRIfczU.png .
Accept the agreement and then click the Scan button.

Wait, and at the end the FRST.txt and Addition.txt logs will be saved to your desktop.

Select, copy and paste the contents of FRST.txt in your next reply and attach Addition.txt


Hello, here are the Farbar Recovery Scan logs:

 

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-12-2017
Executado por Rogério (administrador) em ROGÉRIO (12-12-2017 05:48:19)
Executando a partir de C:\Users\Rogério\Desktop
Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
Platform: Windows 10 Home Versão 1709 16299.64 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7214800 2017-12-06] (McAfee, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 189.38.95.95 189.38.95.96
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 189.38.95.95 189.38.95.96
Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.

FireFox:
========
FF DefaultProfile: ycdepkaz.default
FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2017-12-07]
FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado.
FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-24]
FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-12-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
CHR Session Restore: Profile 1 -> está habilitado.
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25]
CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-24]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-12]
CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24]
CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-24]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24]
CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24]
CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-24]
CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24]
CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-05]
CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-24]
CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24]
CHR Extension: (Google Keep - notas e listas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-12-11]
CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-24]
CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-24]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-25] ()
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation)
S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20171206.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek )
R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-12-12 05:47 - 2017-12-12 05:47 - 000051348 _____ C:\Users\Rogério\Desktop\Addition.txt
2017-12-12 05:46 - 2017-12-12 05:48 - 000026240 _____ C:\Users\Rogério\Desktop\FRST.txt
2017-12-12 05:46 - 2017-12-12 05:48 - 000000000 ____D C:\FRST
2017-12-12 05:45 - 2017-12-12 05:45 - 002392064 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe
2017-12-12 05:44 - 2017-12-12 05:44 - 000000000 ____D C:\Users\Rogério\AppData\Local\PlaceholderTileLogoFolder
2017-12-11 22:25 - 2017-12-11 22:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-07 03:42 - 2017-12-07 03:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-07 03:42 - 2017-11-27 22:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-07 03:42 - 2017-09-13 21:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-07 03:42 - 2017-09-13 21:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-07 03:42 - 2017-09-13 21:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-07 03:42 - 2017-09-13 21:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-07 03:40 - 2017-11-27 23:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-12-06 19:20 - 2017-12-06 19:20 - 000917008 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
2017-12-06 19:20 - 2017-12-06 19:20 - 000343544 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-12-06 19:20 - 2017-12-06 19:20 - 000124432 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys
2017-12-06 19:16 - 2017-12-06 22:11 - 000000000 ____D C:\Program Files\stinger
2017-12-06 19:16 - 2017-12-06 19:16 - 000000000 ____D C:\Program Files\McAfee
2017-12-06 19:14 - 2017-12-06 19:14 - 000009018 _____ C:\Users\Rogério\Desktop\ROGUEKILLER.txt
2017-12-06 17:59 - 2017-12-06 17:59 - 000000000 ____D C:\Users\rapha_000\Desktop\Backup
2017-12-05 18:21 - 2017-12-06 07:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\ProgramData\RogueKiller
2017-12-04 20:00 - 2017-12-04 20:00 - 026851912 _____ (Adlice Software) C:\Users\Rogério\Desktop\RogueKiller_portable64.exe
2017-11-29 19:28 - 2017-11-29 19:28 - 000015578 _____ C:\ZA-Scan.txt
2017-11-29 18:06 - 2017-11-29 18:06 - 000000000 ____D C:\zoek_backup
2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\Program Files (x86)\Corsair
2017-11-29 17:42 - 2017-12-02 07:00 - 000000000 ____D C:\AdwCleaner
2017-11-24 09:16 - 2017-12-07 03:42 - 000000000 ____D C:\WINDOWS\LastGood
2017-11-24 09:04 - 2017-11-24 09:04 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2017-11-24 08:58 - 2017-11-24 08:58 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-24 08:58 - 2017-11-24 08:58 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-24 08:58 - 2017-11-24 08:58 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-20 15:08 - 2017-11-20 16:54 - 715231211 _____ C:\Users\rapha_000\Downloads\dragon_ball_super_116_FULLHD_fast.mp4
2017-11-17 23:30 - 2017-11-17 23:32 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-11-17 23:30 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-11-17 23:30 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-11-17 18:24 - 2017-11-17 18:24 - 000001603 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\release.lnk
2017-11-17 12:29 - 2017-11-17 12:29 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2017-11-17 10:31 - 2017-11-17 10:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-11-15 10:47 - 2017-10-25 07:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-15 10:47 - 2017-10-25 07:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-15 10:47 - 2017-10-25 07:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-15 10:47 - 2017-10-25 06:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-15 10:47 - 2017-10-25 06:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-15 10:47 - 2017-10-25 06:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-15 10:47 - 2017-10-25 04:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-15 10:47 - 2017-10-25 02:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-15 10:47 - 2017-10-25 02:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 10:47 - 2017-10-25 02:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 10:47 - 2017-10-25 02:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-15 10:47 - 2017-10-25 02:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-15 10:47 - 2017-10-25 02:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 10:47 - 2017-10-25 02:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-15 10:47 - 2017-10-25 02:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-15 10:47 - 2017-10-25 02:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 10:47 - 2017-10-25 02:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 10:47 - 2017-10-25 02:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 10:47 - 2017-10-25 02:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-15 10:47 - 2017-10-25 02:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 10:47 - 2017-10-25 02:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-15 10:47 - 2017-10-25 02:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 10:47 - 2017-10-25 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 10:47 - 2017-10-25 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-15 10:47 - 2017-10-25 02:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-15 10:47 - 2017-10-25 02:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-15 10:47 - 2017-10-25 02:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-15 10:47 - 2017-10-25 02:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-15 10:47 - 2017-10-25 02:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-15 10:47 - 2017-10-25 02:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-15 10:47 - 2017-10-25 02:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-15 10:47 - 2017-10-25 02:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-15 10:47 - 2017-10-25 02:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 10:47 - 2017-10-25 02:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-15 10:47 - 2017-10-25 02:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-15 10:47 - 2017-10-25 02:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-15 10:47 - 2017-10-25 02:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-15 10:47 - 2017-10-25 02:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-15 10:47 - 2017-10-25 01:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-15 10:47 - 2017-10-25 01:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 10:47 - 2017-10-25 01:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 10:47 - 2017-10-25 01:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-15 10:47 - 2017-10-25 01:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-15 10:47 - 2017-10-25 01:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-15 10:47 - 2017-10-25 01:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-15 10:47 - 2017-10-25 01:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-15 10:47 - 2017-10-25 01:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-15 10:47 - 2017-10-25 01:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-15 10:47 - 2017-10-25 01:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-15 10:47 - 2017-10-25 01:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-15 10:47 - 2017-10-25 01:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 10:47 - 2017-10-25 01:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-15 10:47 - 2017-10-25 01:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 10:47 - 2017-10-25 01:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-15 10:47 - 2017-10-25 01:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-15 10:47 - 2017-10-25 01:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-15 10:47 - 2017-10-25 01:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-15 10:47 - 2017-10-25 01:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-15 10:47 - 2017-10-25 01:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-15 10:47 - 2017-10-25 01:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-15 10:47 - 2017-10-25 01:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 10:47 - 2017-10-25 01:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-15 10:47 - 2017-10-25 01:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-15 10:47 - 2017-10-25 01:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 10:47 - 2017-10-25 01:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 10:47 - 2017-10-25 01:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-15 10:47 - 2017-10-25 01:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-15 10:47 - 2017-10-25 01:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 10:47 - 2017-10-25 01:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-15 10:47 - 2017-10-25 01:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-15 10:47 - 2017-10-25 01:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 10:47 - 2017-10-25 01:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-15 10:47 - 2017-10-25 01:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 10:47 - 2017-10-25 01:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 10:47 - 2017-10-25 01:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 10:47 - 2017-10-25 01:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-15 10:47 - 2017-10-25 01:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-15 10:47 - 2017-10-25 01:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 10:47 - 2017-10-25 01:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-15 10:47 - 2017-10-25 01:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 10:47 - 2017-10-25 01:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-15 10:47 - 2017-10-25 01:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-15 10:47 - 2017-10-25 01:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-15 10:47 - 2017-10-25 01:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 10:47 - 2017-10-25 01:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 10:47 - 2017-10-25 01:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 10:47 - 2017-10-25 01:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-15 10:47 - 2017-10-25 01:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 10:47 - 2017-10-25 01:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-15 10:47 - 2017-10-25 01:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-15 10:47 - 2017-10-25 01:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 10:47 - 2017-10-25 01:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 10:47 - 2017-10-25 01:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 10:47 - 2017-10-25 00:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 10:47 - 2017-10-25 00:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 10:47 - 2017-10-25 00:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-15 10:47 - 2017-10-25 00:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-15 10:47 - 2017-10-25 00:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-15 10:47 - 2017-10-25 00:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 10:47 - 2017-10-25 00:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-15 10:47 - 2017-10-25 00:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-15 10:47 - 2017-10-21 10:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-15 10:47 - 2017-10-20 12:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-15 10:47 - 2017-10-20 03:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 14:10 - 2017-11-14 14:11 - 035202519 _____ C:\Users\Rogério\Desktop\Video - at Yout.mp4

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-12-12 05:41 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-12 05:40 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-12 05:37 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-11 22:26 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-12-11 22:14 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-11 22:13 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-12-11 22:13 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-11 02:07 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online
2017-12-11 01:31 - 2017-04-16 18:37 - 000000000 ____D C:\Users\Rogério\AppData\Local\Turbine
2017-12-11 00:07 - 2017-10-20 15:22 - 002588988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-11 00:07 - 2017-09-30 12:34 - 000976396 _____ C:\WINDOWS\system32\prfh0416.dat
2017-12-11 00:07 - 2017-09-30 12:34 - 000333194 _____ C:\WINDOWS\system32\prfc0416.dat
2017-12-11 00:01 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-10 03:02 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-10 02:40 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin
2017-12-10 02:15 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin
2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin
2017-12-10 02:01 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps
2017-12-08 05:19 - 2017-02-10 20:58 - 000000000 ____D C:\Users\Rogério\AppData\Local\Ubisoft Game Launcher
2017-12-07 22:40 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla
2017-12-07 21:24 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network
2017-12-07 21:07 - 2017-02-15 04:42 - 000000000 ____D C:\Users\Rogério\AppData\Local\NVIDIA Corporation
2017-12-07 21:04 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-07 07:05 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério
2017-12-07 03:49 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-07 03:48 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-07 03:48 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-07 03:43 - 2017-02-10 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-07 03:42 - 2017-02-15 04:45 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\NVIDIA
2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-07 03:25 - 2017-08-17 09:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\Akamai
2017-12-05 18:42 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-05 18:39 - 2017-10-10 22:50 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-05 18:39 - 2017-02-10 13:35 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-05 18:39 - 2015-10-30 05:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-04 19:46 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-02 19:57 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-02 19:57 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-01 04:19 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify
2017-12-01 01:29 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify
2017-11-30 08:32 - 2017-08-07 03:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-29 23:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp
2017-11-28 19:28 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord
2017-11-28 18:20 - 2017-03-10 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\ProgramData\Oracle
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-11-28 18:18 - 2017-03-10 22:54 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-11-27 23:56 - 2017-10-09 11:14 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-11-27 23:56 - 2017-10-09 11:14 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-11-27 23:56 - 2017-10-09 11:06 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-27 23:56 - 2017-10-09 11:06 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-27 23:56 - 2017-10-09 10:47 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-27 23:56 - 2017-09-29 18:51 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-11-27 22:37 - 2017-05-08 16:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-11-27 22:06 - 2017-05-08 16:26 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-11-25 20:49 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent
2017-11-25 04:49 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-24 20:17 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-24 17:14 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Mozilla
2017-11-24 09:20 - 2017-10-20 15:15 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-24 08:58 - 2017-02-10 08:00 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-23 21:48 - 2017-07-08 20:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-11-23 21:29 - 2017-02-10 07:42 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Skype
2017-11-20 09:04 - 2017-05-08 16:26 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-11-19 16:36 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-17 14:00 - 2017-10-20 15:15 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-17 14:00 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-17 14:00 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-17 12:30 - 2017-02-15 04:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\NPE
2017-11-17 12:28 - 2017-02-13 06:59 - 000000000 ____D C:\Program Files\Common Files\AV
2017-11-17 10:35 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-11-17 10:35 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp
2017-11-17 10:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp
2017-11-17 10:31 - 2017-09-29 11:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-11-17 08:36 - 2017-10-19 01:56 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-11-17 08:36 - 2017-10-19 01:56 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-11-15 23:41 - 2017-05-09 21:10 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-11-15 23:41 - 2017-05-09 21:10 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-11-15 23:41 - 2017-02-15 04:42 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-11-15 23:41 - 2017-02-15 04:42 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-11-15 23:41 - 2017-02-15 04:42 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-11-15 22:53 - 2017-02-15 04:42 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-11-15 20:12 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-15 20:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 20:11 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-15 10:48 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 10:43 - 2017-10-20 15:15 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-13 09:58 - 2017-10-20 15:13 - 000000000 ____D C:\Users\Rogério\AppData\Local\Packages
2017-11-13 09:23 - 2017-10-20 15:12 - 000000000 ____D C:\Users\rapha_000

Alguns arquivos em TEMP:
====================
2017-12-05 18:20 - 2017-10-25 02:37 - 001954048 _____ (Microsoft Corporation) C:\Users\Rogério\AppData\Local\Temp\dllnt_dump.dll
2017-12-07 03:40 - 2017-10-27 14:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Rogério\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-12-01 02:24

==================== Fim de FRST.txt ============================


Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-12-2017
Executado por Rogério (12-12-2017 05:48:45)
Executando a partir de C:\Users\Rogério\Desktop
Windows 10 Home Versão 1709 16299.64 (X64) (2017-10-20 17:19:06)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled)
Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled)
Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled)
rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000
Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério
WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Corsair Utility Engine (HKLM-x32\...\{B6784863-ACC5-4BB6-AC26-485FAF3A8E4C}) (Version: 2.20.72 - Corsair)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.1 (x64 pt-BR)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.43 - NVIDIA Corporation) Hidden
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.6968 - WhatsApp)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.12 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-27] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-17] (Adobe Systems Incorporated)
Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {5EA53C80-E6B0-4B8A-9764-4CF7B679268E} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {611231A8-9628-43F5-BC66-5E7CE9710B3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {6E5C6A83-BEF1-480F-9A62-27DE21356329} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17] (Adobe Systems Incorporated)
Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn

==================== Módulos Carregados (Whitelisted) ==============

2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-29 11:42 - 2017-09-30 12:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 11:42 - 2017-09-30 12:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-24 08:58 - 2017-11-10 07:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-24 08:58 - 2017-11-10 07:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-10-25 08:05 - 2017-10-25 08:05 - 004252160 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-27 07:55 - 2017-09-27 07:55 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-03 17:56 - 2017-11-03 17:56 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-11-03 17:52 - 2017-11-03 17:52 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-11-03 18:09 - 2017-11-03 18:09 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-11-03 17:50 - 2017-11-03 17:50 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Steam"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{18A521D5-3EA0-429F-A92B-8ED0ADCA4A60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6C69910-5338-4288-8F2E-601FF9D0A76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{9E7F09B8-B141-4EA2-807D-4021A23E54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (12/12/2017 05:42:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2c7c

Hora de Início: 01d3722684d33bd3

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

ID do Relatório: 2073f252-bdd1-47f0-8878-2ffe901f68f3

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (12/10/2017 02:01:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: NVIDIA Notification.exe, versão: 61.3163.1651.1, carimbo de data/hora: 0x5a0ce9fe
Nome do módulo com falha: NvTelemetryAPI32.dll_unloaded, versão: 7.10.14.0, carimbo de data/hora: 0x5a006364
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0002e83b
ID do processo com falha: 0x25e8
Hora de início do aplicativo com falha: 0x01d3716b838e9001
Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Geforce Experience\NVIDIA Notification.exe
Caminho do módulo com falha: NvTelemetryAPI32.dll
ID do Relatório: 9981eaa3-bbb4-4a14-ab8e-f1abac615d6b
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (12/10/2017 02:01:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: NVIDIA Notification.exe, versão: 61.3163.1651.1, carimbo de data/hora: 0x5a0ce9fe
Nome do módulo com falha: NvTelemetryAPI32.dll_unloaded, versão: 7.10.14.0, carimbo de data/hora: 0x5a006364
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x0006542e
ID do processo com falha: 0x25e8
Hora de início do aplicativo com falha: 0x01d3716b838e9001
Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Geforce Experience\NVIDIA Notification.exe
Caminho do módulo com falha: NvTelemetryAPI32.dll
ID do Relatório: c51db95d-8c6d-4c82-82e4-b9ecb09bc5be
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (12/07/2017 03:42:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CUE.exe, versão: 2.20.72.0, carimbo de data/hora: 0x59fc94a5
Nome do módulo com falha: libGLESv2.dll, versão: 0.0.0.0, carimbo de data/hora: 0x59d1d48f
Código de exceção: 0xc000041d
Deslocamento da falha: 0x000da181
ID do processo com falha: 0x1d44
Hora de início do aplicativo com falha: 0x01d36f06e9475e8a
Caminho do aplicativo com falha: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
Caminho do módulo com falha: C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
ID do Relatório: 78ef8f27-7feb-4f48-98c6-fbb0d81ade57
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (12/11/2017 11:12:14 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/11/2017 10:14:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (12/11/2017 10:14:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

Error: (12/11/2017 10:14:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

Error: (12/11/2017 02:12:36 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/11/2017 12:05:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (12/11/2017 12:05:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

Error: (12/11/2017 12:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

Error: (12/11/2017 12:03:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (12/11/2017 12:02:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.


CodeIntegrity:
===================================
  Date: 2017-12-11 22:21:35.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-10 02:09:18.787
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171208.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-08 03:38:14.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171207.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-07 02:41:20.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171206.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-06 02:31:42.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171205.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-05 17:21:55.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171204.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-03 19:29:14.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-12-03 19:29:13.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-12-03 19:28:50.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-12-03 19:28:49.571
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentagem de memória em uso: 36%
RAM física total: 16329.73 MB
RAM física disponível: 10339.94 MB
Virtual Total: 18761.73 MB
Virtual disponível: 11902.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:27.08 GB) NTFS
Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:2036.37 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Fim de Addition.txt ============================

 

 

 

 

 


@Errepege

 

Consider whether you really need so many "extensions" in Chrome. That will certainly make your computer slow. Each enabled extension is a process that consumes at least 100 MB of RAM.

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text in the CODE box below:

CreateRestorePoint:
CloseProcesses:
PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "}
PowerShell: $app.Uninstall()
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://d
dowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
CHR Session Restore: Profile 1 -> está habilitado.
Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn
FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquiv
PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "}
PowerShell: $app.Uninstall()
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Save this file on your desktop with the name fixlist

Note: It is extremely important that the "fixlist" file be saved on your Desktop. Also check that FRST.exe is on the Desktop.

** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
Right-click the FRST.EXE file, then click VRIfczU.png.

Click the Fix button.

Wait; at the end, the Fixlog.txt log will be saved on your desktop.

Attach the log to your next reply.


Hello. I had already done that, but to make sure after your post, I deleted (not just disabled) all the extensions.

You asked me to post Fixlog.txt? That file did not appear, only the two from before: FRST.txt and Addition.txt.

In any case, I will paste both logs here:

============================================================================

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-12-2017
Executado por Rogério (administrador) em ROGÉRIO (16-12-2017 07:19:21)
Executando a partir de C:\Users\Rogério\Desktop
Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
Platform: Windows 10 Home Versão 1709 16299.125 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7214800 2017-12-06] (McAfee, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd)
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe -update pepperplugin
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 189.38.95.95 189.38.95.96
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 189.38.95.95 189.38.95.96
Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado.

FireFox:
========
FF DefaultProfile: ycdepkaz.default
FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2017-12-07]
FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado.
FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-24]
FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-12-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://d
dowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
CHR Session Restore: Profile 1 -> está habilitado.
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25]
CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25]
CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25]
CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-24]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-16]
CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24]
CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24]
CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24]
CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24]
CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24]
CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24]
CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-16]
CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16]
CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24]
CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24]
CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-25] ()
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation)
S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20171213.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek )
R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-12-16 07:19 - 2017-12-16 07:19 - 000000000 ____D C:\Users\Rogério\Desktop\FRST-OlderVersion
2017-12-16 05:07 - 2017-12-16 05:07 - 000091303 _____ C:\Users\Rogério\Desktop\WhatsApp Image 2017-12-16 at 05.02.15.jpeg
2017-12-16 04:53 - 2017-12-16 04:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-16 03:09 - 2017-12-16 03:09 - 000009754 _____ C:\Users\Rogério\Desktop\Fixlist.txt
2017-12-13 07:57 - 2017-12-08 04:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-13 07:57 - 2017-12-07 21:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-13 07:57 - 2017-12-07 21:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-13 07:57 - 2017-12-07 21:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-13 07:57 - 2017-12-07 21:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-13 07:57 - 2017-12-07 21:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-13 07:57 - 2017-12-07 21:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-13 07:57 - 2017-12-07 21:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-13 07:57 - 2017-12-07 21:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-13 07:57 - 2017-12-07 21:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-13 07:57 - 2017-12-07 21:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-13 07:57 - 2017-12-07 21:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-13 07:57 - 2017-12-07 21:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-13 07:57 - 2017-12-07 21:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-13 07:57 - 2017-12-07 21:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-13 07:57 - 2017-12-07 21:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-13 07:57 - 2017-12-07 21:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-13 07:57 - 2017-12-07 21:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-13 07:57 - 2017-12-07 21:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-13 07:57 - 2017-12-07 21:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-13 07:57 - 2017-12-07 21:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-13 07:57 - 2017-12-07 21:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-13 07:57 - 2017-12-07 21:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-13 07:57 - 2017-12-07 21:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-13 07:57 - 2017-12-07 21:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-13 07:57 - 2017-12-07 21:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-13 07:57 - 2017-12-07 21:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-13 07:57 - 2017-12-07 21:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-13 07:57 - 2017-12-07 21:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-13 07:57 - 2017-12-07 21:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-13 07:57 - 2017-12-07 21:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-13 07:57 - 2017-12-07 21:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-13 07:57 - 2017-12-07 21:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-13 07:57 - 2017-12-07 21:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-13 07:57 - 2017-12-07 21:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-13 07:57 - 2017-12-07 20:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-13 07:57 - 2017-12-07 20:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-13 07:57 - 2017-12-07 20:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-13 07:57 - 2017-12-07 20:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-13 07:57 - 2017-12-07 20:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-13 07:57 - 2017-12-07 20:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-13 07:57 - 2017-12-07 20:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-13 07:57 - 2017-12-07 20:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-13 07:57 - 2017-12-07 20:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-13 07:57 - 2017-12-07 20:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-13 07:57 - 2017-12-07 20:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-13 07:57 - 2017-12-07 20:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-13 07:57 - 2017-12-07 20:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-13 07:57 - 2017-12-07 20:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-13 07:57 - 2017-12-07 20:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-13 07:57 - 2017-12-07 20:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-13 07:57 - 2017-12-07 20:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-13 07:57 - 2017-12-07 20:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-13 07:57 - 2017-12-07 20:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-13 07:57 - 2017-12-07 20:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-13 07:57 - 2017-12-07 20:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-13 07:57 - 2017-12-07 20:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-13 07:57 - 2017-12-07 20:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-13 07:57 - 2017-12-07 20:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-13 07:57 - 2017-12-07 20:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-13 07:57 - 2017-12-07 20:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-13 07:57 - 2017-12-07 20:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-13 07:57 - 2017-12-07 20:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-13 07:57 - 2017-12-07 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-13 07:57 - 2017-12-07 20:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-13 07:57 - 2017-12-07 20:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-13 07:57 - 2017-12-07 20:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-13 07:57 - 2017-12-07 20:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-13 07:57 - 2017-12-07 20:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-13 07:57 - 2017-12-07 20:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 07:57 - 2017-12-07 20:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-13 07:57 - 2017-12-07 20:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-13 07:57 - 2017-12-07 20:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-13 07:57 - 2017-12-07 20:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-13 07:57 - 2017-12-07 20:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-13 07:57 - 2017-12-07 20:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-13 07:57 - 2017-12-07 20:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-13 07:57 - 2017-12-07 20:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-13 07:57 - 2017-12-07 20:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-13 07:57 - 2017-12-07 20:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-13 07:57 - 2017-12-07 20:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-13 07:57 - 2017-12-07 20:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-13 07:57 - 2017-12-07 20:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-13 07:57 - 2017-12-07 20:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-13 07:57 - 2017-12-07 20:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-13 07:57 - 2017-12-07 20:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 07:57 - 2017-12-07 20:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-13 07:57 - 2017-12-07 20:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-13 07:57 - 2017-12-07 20:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-13 07:57 - 2017-12-07 20:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-13 07:57 - 2017-12-07 20:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-13 07:57 - 2017-12-07 20:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-13 07:57 - 2017-12-07 20:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-13 07:57 - 2017-12-07 20:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-13 07:57 - 2017-12-07 20:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-13 07:57 - 2017-12-07 20:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-13 07:57 - 2017-12-07 19:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-13 07:57 - 2017-12-07 19:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-13 07:57 - 2017-12-07 19:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-13 07:57 - 2017-12-07 19:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-13 07:57 - 2017-12-07 19:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-13 07:57 - 2017-12-07 19:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-13 07:57 - 2017-12-07 19:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-13 07:57 - 2017-12-07 19:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-13 07:57 - 2017-12-07 19:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-13 07:57 - 2017-12-07 19:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-13 07:57 - 2017-12-07 19:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-13 07:57 - 2017-12-07 19:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-13 07:57 - 2017-12-07 19:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-13 07:57 - 2017-12-07 19:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-13 07:57 - 2017-12-07 19:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-13 07:57 - 2017-12-07 19:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-13 07:57 - 2017-12-07 19:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-13 07:57 - 2017-12-07 19:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-13 07:57 - 2017-11-26 18:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-13 07:57 - 2017-11-26 18:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-13 07:57 - 2017-11-26 18:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-13 07:57 - 2017-11-26 14:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-13 07:57 - 2017-11-26 11:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-13 07:57 - 2017-11-26 11:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-13 07:57 - 2017-11-26 11:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-13 07:57 - 2017-11-26 11:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-13 07:57 - 2017-11-26 11:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-13 07:57 - 2017-11-26 11:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-13 07:57 - 2017-11-26 11:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-13 07:57 - 2017-11-26 11:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-13 07:57 - 2017-11-26 11:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-13 07:57 - 2017-11-26 11:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-13 07:57 - 2017-11-26 11:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-13 07:57 - 2017-11-26 11:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-13 07:57 - 2017-11-26 11:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-13 07:57 - 2017-11-26 11:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-13 07:57 - 2017-11-26 11:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-13 07:57 - 2017-11-26 11:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-13 07:57 - 2017-11-26 11:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-13 07:57 - 2017-11-26 11:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-13 07:57 - 2017-11-26 11:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-13 07:57 - 2017-11-26 11:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-13 07:57 - 2017-11-26 11:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-13 07:57 - 2017-11-26 11:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-13 07:57 - 2017-11-26 11:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-13 07:57 - 2017-11-26 11:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-13 07:57 - 2017-11-26 11:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-13 07:57 - 2017-11-26 11:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-13 07:57 - 2017-11-26 11:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-13 07:57 - 2017-11-26 11:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-13 07:57 - 2017-11-26 11:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-13 07:57 - 2017-11-26 11:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-13 07:57 - 2017-11-26 11:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-13 07:57 - 2017-11-26 11:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-13 07:57 - 2017-11-26 11:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-13 07:57 - 2017-11-26 11:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-13 07:57 - 2017-11-26 11:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-13 07:57 - 2017-11-26 11:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-13 07:57 - 2017-11-26 11:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-13 07:57 - 2017-11-26 11:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-13 07:57 - 2017-11-26 11:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-13 07:57 - 2017-11-26 11:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-13 07:57 - 2017-11-26 11:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-13 07:57 - 2017-11-26 11:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-13 07:57 - 2017-11-26 11:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-13 07:57 - 2017-11-26 11:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-13 07:57 - 2017-11-26 11:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-13 07:57 - 2017-11-26 11:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-13 07:57 - 2017-11-26 11:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-13 07:57 - 2017-11-26 10:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-13 07:57 - 2017-11-26 10:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-13 07:57 - 2017-11-26 10:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-13 07:57 - 2017-11-26 10:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-13 07:57 - 2017-11-26 10:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-13 07:57 - 2017-11-26 10:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-13 07:57 - 2017-11-26 10:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-13 07:57 - 2017-11-26 10:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-13 07:57 - 2017-11-26 10:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-13 07:57 - 2017-11-26 10:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-13 07:57 - 2017-11-26 10:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-13 07:57 - 2017-11-26 10:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-13 07:57 - 2017-11-26 10:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-13 07:57 - 2017-11-26 10:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-13 07:57 - 2017-11-26 10:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-13 07:57 - 2017-11-26 10:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-13 07:57 - 2017-11-26 10:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-13 07:57 - 2017-11-26 10:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-13 07:57 - 2017-11-26 10:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-13 07:57 - 2017-11-26 10:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-13 07:57 - 2017-11-26 10:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-13 07:57 - 2017-11-26 10:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-13 07:57 - 2017-11-26 10:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-13 07:57 - 2017-11-26 10:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-13 07:57 - 2017-11-26 10:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-13 07:57 - 2017-11-26 10:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-13 07:57 - 2017-11-26 10:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-13 07:57 - 2017-11-26 10:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-13 07:57 - 2017-11-26 10:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-13 07:57 - 2017-11-26 10:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-13 07:57 - 2017-11-26 10:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-13 07:57 - 2017-11-26 10:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-13 07:57 - 2017-11-26 10:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-13 07:57 - 2017-11-26 10:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-13 07:57 - 2017-11-26 10:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-13 07:57 - 2017-11-26 10:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-13 07:57 - 2017-11-26 10:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-13 07:57 - 2017-11-26 10:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-13 07:57 - 2017-11-26 10:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-13 07:57 - 2017-11-26 10:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-13 07:57 - 2017-11-26 10:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-13 07:57 - 2017-11-26 10:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-13 07:57 - 2017-11-26 10:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-13 07:57 - 2017-11-26 10:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-13 07:57 - 2017-11-26 10:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-13 07:57 - 2017-11-26 10:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-13 07:57 - 2017-11-26 10:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-13 07:57 - 2017-11-26 10:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-13 07:57 - 2017-11-26 10:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-13 07:57 - 2017-11-26 10:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-13 07:57 - 2017-11-26 10:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-13 07:57 - 2017-11-26 10:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-13 07:57 - 2017-11-26 10:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-13 07:57 - 2017-11-26 10:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-13 07:57 - 2017-11-26 10:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-13 07:57 - 2017-11-26 10:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-13 07:57 - 2017-11-26 09:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-13 07:57 - 2017-11-26 09:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-13 07:57 - 2017-11-26 09:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-13 07:57 - 2017-11-26 09:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-13 07:57 - 2017-11-26 09:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-13 07:57 - 2017-11-26 09:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-13 07:57 - 2017-11-26 09:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-13 07:57 - 2017-11-26 09:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-13 07:57 - 2017-11-26 09:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-13 07:57 - 2017-11-26 09:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-13 07:57 - 2017-11-26 09:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-13 07:57 - 2017-11-26 09:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-13 07:57 - 2017-11-26 09:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-13 07:57 - 2017-11-26 09:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-13 07:57 - 2017-11-26 09:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-13 07:57 - 2017-11-26 09:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-13 07:57 - 2017-11-26 09:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-13 07:57 - 2017-11-26 09:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-13 07:57 - 2017-11-26 08:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-13 07:57 - 2017-11-26 08:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-13 07:57 - 2017-11-26 08:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-13 07:57 - 2017-11-26 08:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-13 07:57 - 2017-11-26 08:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-13 07:57 - 2017-11-26 08:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-13 07:57 - 2017-11-26 08:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-13 07:57 - 2017-11-26 08:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-13 07:57 - 2017-11-26 08:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-13 07:57 - 2017-11-26 08:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-13 07:57 - 2017-11-26 08:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-13 07:57 - 2017-11-26 08:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-13 07:57 - 2017-11-26 08:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-13 07:57 - 2017-11-26 08:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-13 07:57 - 2017-11-26 08:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-13 07:57 - 2017-11-26 08:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-13 07:57 - 2017-11-26 08:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-13 07:57 - 2017-11-26 08:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-13 07:57 - 2017-11-26 08:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-13 07:57 - 2017-11-26 08:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-13 07:57 - 2017-11-26 08:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-13 07:57 - 2017-11-26 08:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-13 07:57 - 2017-11-26 08:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-13 07:57 - 2017-11-26 08:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-13 07:57 - 2017-11-26 08:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-13 07:57 - 2017-11-26 08:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-13 07:57 - 2017-11-26 08:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-13 07:57 - 2017-11-26 08:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-13 07:57 - 2017-11-26 08:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-13 07:57 - 2017-11-26 08:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-13 07:57 - 2017-11-26 08:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-13 07:57 - 2017-11-19 05:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-13 07:57 - 2017-11-19 00:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-12 05:47 - 2017-12-12 05:48 - 000051349 _____ C:\Users\Rogério\Desktop\Addition.txt
2017-12-12 05:46 - 2017-12-16 07:19 - 000023736 _____ C:\Users\Rogério\Desktop\FRST.txt
2017-12-12 05:46 - 2017-12-16 07:19 - 000000000 ____D C:\FRST
2017-12-12 05:45 - 2017-12-16 07:19 - 002392064 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe
2017-12-12 05:44 - 2017-12-12 07:00 - 000000000 ____D C:\Users\Rogério\AppData\Local\PlaceholderTileLogoFolder
2017-12-07 03:42 - 2017-12-07 03:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-07 03:42 - 2017-11-27 22:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-07 03:42 - 2017-09-13 21:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-07 03:42 - 2017-09-13 21:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-07 03:42 - 2017-09-13 21:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-07 03:42 - 2017-09-13 21:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-07 03:40 - 2017-11-27 23:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-12-07 03:40 - 2017-11-27 23:56 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-12-06 19:20 - 2017-12-06 19:20 - 000917008 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
2017-12-06 19:20 - 2017-12-06 19:20 - 000343544 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-12-06 19:20 - 2017-12-06 19:20 - 000124432 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys
2017-12-06 19:16 - 2017-12-06 22:11 - 000000000 ____D C:\Program Files\stinger
2017-12-06 19:16 - 2017-12-06 19:16 - 000000000 ____D C:\Program Files\McAfee
2017-12-06 19:14 - 2017-12-06 19:14 - 000009018 _____ C:\Users\Rogério\Desktop\ROGUEKILLER.txt
2017-12-06 17:59 - 2017-12-06 17:59 - 000000000 ____D C:\Users\rapha_000\Desktop\Backup
2017-12-05 18:21 - 2017-12-06 07:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\ProgramData\RogueKiller
2017-11-29 19:28 - 2017-11-29 19:28 - 000015578 _____ C:\ZA-Scan.txt
2017-11-29 18:06 - 2017-11-29 18:06 - 000000000 ____D C:\zoek_backup
2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\Program Files (x86)\Corsair
2017-11-29 17:42 - 2017-12-02 07:00 - 000000000 ____D C:\AdwCleaner
2017-11-24 08:58 - 2017-12-14 21:35 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-24 08:58 - 2017-11-24 08:58 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-24 08:58 - 2017-11-24 08:58 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-20 15:08 - 2017-11-20 16:54 - 715231211 _____ C:\Users\rapha_000\Downloads\dragon_ball_super_116_FULLHD_fast.mp4
2017-11-17 23:30 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-11-17 23:30 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-11-17 18:24 - 2017-11-17 18:24 - 000001603 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\release.lnk
2017-11-17 12:29 - 2017-11-17 12:29 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2017-11-17 10:31 - 2017-11-17 10:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-12-16 07:09 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network
2017-12-16 07:08 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-16 07:07 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-16 05:22 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-12-16 05:07 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp
2017-12-16 05:06 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp
2017-12-16 05:06 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps
2017-12-16 05:05 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp
2017-12-16 02:12 - 2017-10-20 15:15 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-16 02:12 - 2017-03-10 07:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Adobe
2017-12-16 02:12 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent
2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-15 16:31 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-14 08:45 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-14 08:10 - 2017-10-20 15:13 - 000000000 ____D C:\Users\Rogério\AppData\Local\Packages
2017-12-14 08:05 - 2017-10-20 15:22 - 002623580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-14 08:05 - 2017-09-30 12:34 - 000984900 _____ C:\WINDOWS\system32\prfh0416.dat
2017-12-14 08:05 - 2017-09-30 12:34 - 000341314 _____ C:\WINDOWS\system32\prfc0416.dat
2017-12-14 08:00 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-14 08:00 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-13 21:23 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-13 21:15 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-13 21:13 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-13 21:11 - 2017-10-10 22:50 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-13 21:11 - 2017-02-10 13:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-13 21:05 - 2017-10-20 15:48 - 000000000 ___RD C:\Users\Rogério\3D Objects
2017-12-13 21:05 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-13 21:05 - 2017-02-10 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\PerfLogs
2017-12-13 21:04 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-13 07:58 - 2017-09-29 11:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-13 07:58 - 2017-09-29 11:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-13 07:58 - 2017-09-29 11:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-13 07:58 - 2017-09-29 11:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-11 02:07 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online
2017-12-11 01:31 - 2017-04-16 18:37 - 000000000 ____D C:\Users\Rogério\AppData\Local\Turbine
2017-12-10 02:40 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin
2017-12-10 02:15 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin
2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin
2017-12-08 05:19 - 2017-02-10 20:58 - 000000000 ____D C:\Users\Rogério\AppData\Local\Ubisoft Game Launcher
2017-12-07 22:40 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla
2017-12-07 21:07 - 2017-02-15 04:42 - 000000000 ____D C:\Users\Rogério\AppData\Local\NVIDIA Corporation
2017-12-07 07:05 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério
2017-12-07 03:48 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-07 03:43 - 2017-02-10 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-07 03:42 - 2017-02-15 04:45 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\NVIDIA
2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-07 03:25 - 2017-08-17 09:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\Akamai
2017-12-05 18:39 - 2015-10-30 05:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-04 19:46 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-03 20:38 - 2017-09-29 11:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-03 20:38 - 2017-09-29 11:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-02 19:57 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-02 19:57 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-01 04:19 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify
2017-12-01 01:29 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify
2017-11-30 08:32 - 2017-08-07 03:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-28 19:28 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord
2017-11-28 18:20 - 2017-03-10 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\ProgramData\Oracle
2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-11-28 18:18 - 2017-03-10 22:54 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-11-27 23:56 - 2017-10-09 11:14 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-11-27 23:56 - 2017-10-09 11:14 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-11-27 23:56 - 2017-10-09 11:06 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-27 23:56 - 2017-10-09 11:06 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-27 23:56 - 2017-10-09 10:47 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-27 23:56 - 2017-09-29 18:51 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-11-27 22:37 - 2017-05-08 16:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-11-27 22:06 - 2017-05-08 16:26 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-11-27 22:06 - 2017-05-08 16:26 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-11-25 04:49 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-24 20:17 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-24 17:14 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Mozilla
2017-11-24 09:20 - 2017-10-20 15:15 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-10-20 15:15 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-24 09:20 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-24 08:58 - 2017-02-10 08:00 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-23 21:48 - 2017-07-08 20:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-11-23 21:29 - 2017-02-10 07:42 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Skype
2017-11-20 09:04 - 2017-05-08 16:26 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-11-17 12:30 - 2017-02-15 04:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\NPE
2017-11-17 12:28 - 2017-02-13 06:59 - 000000000 ____D C:\Program Files\Common Files\AV
2017-11-17 10:31 - 2017-09-29 11:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-11-17 08:36 - 2017-10-19 01:56 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-11-17 08:36 - 2017-10-19 01:56 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-12-12 07:09

==================== Fim de FRST.txt ============================

----------------------------------------------------------------------------------------------------------------------------------------------

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 13-12-2017
Executado por Rogério (16-12-2017 07:19:47)
Executando a partir de C:\Users\Rogério\Desktop
Windows 10 Home Versão 1709 16299.125 (X64) (2017-10-20 17:19:06)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled)
Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled)
Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled)
rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000
Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério
WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Corsair Utility Engine (HKLM-x32\...\{B6784863-ACC5-4BB6-AC26-485FAF3A8E4C}) (Version: 2.20.72 - Corsair)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.1 (x64 pt-BR)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Driver de gráficos 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.43 - NVIDIA Corporation) Hidden
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.12 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-27] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-16] (Adobe Systems Incorporated)
Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {55CC33AE-9FE7-4F6D-86D2-49CFD4389F12} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {611231A8-9628-43F5-BC66-5E7CE9710B3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.)
Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-16] (Adobe Systems Incorporated)
Task: {E42DB901-08F0-4A8D-B85D-63C4F4FFE226} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation)
Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn

==================== Módulos Carregados (Whitelisted) ==============

2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-13 07:57 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 07:57 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-14 08:07 - 2017-12-14 08:07 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-29 11:41 - 2017-09-29 11:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-12-13 07:57 - 2017-11-26 10:26 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-12-06 18:02 - 2017-12-06 18:02 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-06 18:02 - 2017-12-06 18:02 - 010262528 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-11-03 17:56 - 2017-11-03 17:56 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-11-03 17:52 - 2017-11-03 17:52 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-11-03 18:09 - 2017-11-03 18:09 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-11-03 17:50 - 2017-11-03 17:50 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Steam"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe
FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{A6C69910-5338-4288-8F2E-601FF9D0A76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{9E7F09B8-B141-4EA2-807D-4021A23E54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{6A7C1CCD-6203-464F-848E-79879F9F0CD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (12/16/2017 05:06:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c
Nome do módulo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00004729
ID do processo com falha: 0x3648
Hora de início do aplicativo com falha: 0x01d3763c5b57da40
Caminho do aplicativo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe
Caminho do módulo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe
ID do Relatório: 8e59dd86-f9b4-4cf9-b79c-a854fd4fd207
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (12/16/2017 02:12:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.16299.125, carimbo de data/hora: 0x98ed27dd
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x10868bd0
ID do processo com falha: 0xeb8
Hora de início do aplicativo com falha: 0x01d37624158cb638
Caminho do aplicativo com falha: C:\WINDOWS\SysWOW64\explorer.exe
Caminho do módulo com falha: unknown
ID do Relatório: 687b9a1d-aaf8-40cd-925d-aafb720265e9
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (12/13/2017 09:15:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (12/12/2017 05:32:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 27a4

Hora de Início: 01d3731cb991a6d0

Hora de Término: 0

Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

ID do Relatório: f05352b1-a49a-4d37-9f9f-4b32fdd7175c

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (12/12/2017 05:42:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2c7c

Hora de Início: 01d3722684d33bd3

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe

ID do Relatório: 2073f252-bdd1-47f0-8878-2ffe901f68f3

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada


Erros de Sistema:
=============
Error: (12/16/2017 04:58:19 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/16/2017 02:12:53 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/15/2017 07:09:41 PM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (12/15/2017 04:35:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/15/2017 04:29:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay.

Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint.

Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer.

Error: (12/15/2017 04:28:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay.

Error: (12/15/2017 01:29:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/14/2017 05:57:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


CodeIntegrity:
===================================
  Date: 2017-12-16 01:40:09.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-14 08:22:13.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171213.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-11 22:21:35.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-10 02:09:18.787
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171208.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-08 03:38:14.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171207.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-07 02:41:20.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171206.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-06 02:31:42.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171205.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-05 17:21:55.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171204.001\IPSEng64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-03 19:29:14.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-12-03 19:29:13.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentagem de memória em uso: 16%
RAM física total: 16327.89 MB
RAM física disponível: 13658.15 MB
Virtual Total: 18759.89 MB
Virtual disponível: 15464.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:25.89 GB) NTFS
Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:2013.78 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Fim de Addition.txt ============================

Edited by Errepege

4 hours ago, Elias Pereira said:

@Errepege

For the fix to run correctly, fixlist.txt and frst.exe need to be on the desktop. Follow the procedure again.

And they are: here is a screenshot of my desktop. I tried again and the result was the same. Is there nothing that needs to be changed in the Farbar options?

Sem título.png


The only difference is that the procedure says to press the "FIX" button. For you it should appear as "Corrigir".

** Windows Vista, Windows 7, 8/8.1 and Windows 10 users:
Right-click the FRST.EXE file, then click VRIfczU.png.

Click the 0h0YlDEzRbKP9R7xLrUlzA.png button.

Wait; when it finishes, the Fixlog.txt log will be saved to your desktop.

Attach the log to your next reply.


Sorry! I was clicking "analisar".

Here is the Fixlog.txt log:

======================================================================

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 16-12-2017
Executado por Rogério (16-12-2017 17:36:24) Run:1
Executando a partir de C:\Users\Rogério\Desktop
Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "}
PowerShell: $app.Uninstall()
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> est� habilitado.
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" 
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://192.168.2.1/
CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://d
dowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/"
CHR Session Restore: Profile 1 -> est� habilitado.
Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATEN��O
ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn
FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquiv
PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "}
PowerShell: $app.Uninstall()
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Erro: (0) Falha ao criar um ponto de restauração.
Processos fechados com sucesso.

========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "} =========


========= Fim de Powershell: =========


========= $app.Uninstall() =========


========= Fim de Powershell: =========

HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso.
"HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
"HKLM\Software\Wow6432Node\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso.
"HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
Edge: => Erro: Nenhuma correção automática foi encontrada para esta entrada.
====== => Erro: Nenhuma correção automática foi encontrada para esta entrada.
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ContinuousBrowsing" => removido (a) com sucesso.
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf} => chave não encontrado (a)
CHR DefaultProfile: Profile 1 => Erro: Nenhuma correção automática foi encontrada para esta entrada.
"Chrome HomePage" => removido (a) com sucesso.
"Chrome StartupUrls" => removido (a) com sucesso.
Chrome Session Restore: => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0} => Não pode ser removido chave. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => chave não encontrado (a)
C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk => não encontrado (a).
C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => não encontrado (a).
C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk => não encontrado (a).
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57D8FA44-EA07-4055-9456-CB42096EA039} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B766991-26F1-4D1C-97C4-915D25E44F89} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0882A8CA-958F-432A-A538-B6114228BD4D} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15A5C0D4-F649-45A1-8F6E-6596F2F74419} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{998EB994-61B4-4439-BF4E-23A85A072D5E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21830394-2C27-469C-8897-E36ABE86CA30} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA7D2852-20F7-4C3B-A678-35D975C25831} => valor removido (a) com sucesso.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a)
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a)
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a)
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a)
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a)
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a)
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" => removido (a) com sucesso.
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" => removido (a) com sucesso.
"HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a)
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a)
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a)
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a)
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a)
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a)

========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "µTorrent "} =========


========= Fim de Powershell: =========


========= $app.Uninstall() =========


========= Fim de Powershell: =========


========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Erro: (0) Falha ao criar um ponto de restauração.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4351281 B
Java, Flash, Steam htmlcache => 65751425 B
Windows/system/drivers => 3520636 B
Edge => 29403735 B
Chrome => 662994797 B
Firefox => 380659142 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 50842 B
NetworkService => 0 B
Rogério => 21855654 B
rapha_000 => 86436 B

RecycleBin => 115327886 B
EmptyTemp: => 1.2 GB de dados temporários Removidos.

================================

Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 16-12-2017 17:59:27)


Resultado dos registros marcados para excluir será exibido após a reinicialização:

HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado.
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado.

==== Fim de Fixlog 17:59:27 ====


@Errepege

 

Download Process Explorer

http://live.sysinternals.com/procexp.exe

Save it to your Desktop and run it (on Windows Vista and later, right-click it and select Run as Administrator).

  1. Click the View menu > Select Columns > check Verified Signer and press <OK>
  2. Click the Options menu and then Verify Image Signatures
  3. Click twice on the CPU column (possibly shown in green) to put the processes with the highest CPU usage at the top.
  4. Click twice on the CPU column (possibly shown in green) to put the processes with the highest CPU usage at the top.

  5. Wait 2 minutes and then:

    Click the File menu > Save As > select the Desktop and click Save

Open the file "System Idle Process.txt", then copy and paste its contents into your next reply.


Here is the System Explorer log:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    87.07    52 K    8 K    0            
procexp64.exe    2.23    55.736 K    71.596 K    1628    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
LeagueClientUxRender.exe    2.06    885.468 K    974.384 K    1272    League of Legends        (Verified) Riot Games
CUE.exe    2.02    181.580 K    196.772 K    11672    Corsair Utility Engine    Corsair Components, Inc.    (Verified) Corsair Components
chrome.exe    1.54    187.172 K    204.612 K    8836    Google Chrome    Google Inc.    (Verified) Google Inc
LeagueClientUx.exe    1.19    70.712 K    94.696 K    10388    League of Legends        (Verified) Riot Games
Interrupts    1.17    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    0.56    63.064 K    57.452 K    844    Gerenciador de Janelas da Área de Trabalho    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.46    2.500 K    5.472 K    4368    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
chrome.exe    0.39    209.300 K    270.312 K    11468    Google Chrome    Google Inc.    (Verified) Google Inc
LeagueClient.exe    0.27    61.216 K    107.332 K    8688    League of Legends        (Verified) Riot Games
System    0.20    156 K    148 K    4            
chrome.exe    0.13    362.448 K    250.588 K    10836    Google Chrome    Google Inc.    (Verified) Google Inc
audiodg.exe    0.09    7.244 K    12.928 K    11936    Isolamento de Gráfico de Dispositivo de Áudio do Windows     Microsoft Corporation    (Verified) Microsoft Windows
chrome.exe    0.08    305.964 K    305.632 K    9476    Google Chrome    Google Inc.    (Verified) Google Inc
explorer.exe    0.07    60.108 K    123.360 K    8884    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
nvcontainer.exe    0.07    8.820 K    24.444 K    3348    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
chrome.exe    0.05    176.176 K    205.388 K    316    Google Chrome    Google Inc.    (Verified) Google Inc
ns.exe    0.04    187.156 K    21.096 K    3320    Norton Security    Symantec Corporation    (Verified) Symantec Corporation
NVIDIA Web Helper.exe    0.03    35.420 K    2.752 K    7104    NVIDIA Web Helper Service    Node.js    (Verified) NVIDIA Corporation
svchost.exe    0.03    4.392 K    11.844 K    1936    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
chrome.exe    0.03    78.540 K    86.008 K    7632    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.03    146.352 K    151.964 K    11768    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.02    126.260 K    135.460 K    5512    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.02    144.532 K    153.836 K    11800    Google Chrome    Google Inc.    (Verified) Google Inc
svchost.exe    0.02    2.448 K    8.048 K    4464    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.02    9.500 K    20.164 K    10044    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
chrome.exe    0.01    76.164 K    94.844 K    10940    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.01    138.468 K    162.200 K    2948    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.01    158.568 K    171.188 K    8144    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.01    453.296 K    423.672 K    3276    Google Chrome    Google Inc.    (Verified) Google Inc
LeagueClientUxRender.exe    0.01    88.512 K    109.176 K    8248    League of Legends        (Verified) Riot Games
chrome.exe    0.01    92.176 K    103.696 K    7652    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.01    59.548 K    70.636 K    5496    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    147.188 K    154.964 K    9932    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    56.600 K    63.296 K    10596    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    43.456 K    65.324 K    7420    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    145.652 K    153.652 K    3492    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    139.208 K    145.584 K    11432    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    128.500 K    137.728 K    11268    Google Chrome    Google Inc.    (Verified) Google Inc
svchost.exe    < 0.01    2.160 K    7.624 K    1720    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
chrome.exe    < 0.01    91.960 K    106.380 K    7980    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    < 0.01    91.828 K    103.300 K    9172    Google Chrome    Google Inc.    (Verified) Google Inc
svchost.exe    < 0.01    9.604 K    19.420 K    1768    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
chrome.exe    < 0.01    68.608 K    83.556 K    7852    Google Chrome    Google Inc.    (Verified) Google Inc
svchost.exe    < 0.01    2.408 K    12.472 K    1828    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    < 0.01    6.756 K    16.612 K    740    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ns.exe    < 0.01    15.280 K    10.156 K    2524    Norton Security    Symantec Corporation    (Verified) Symantec Corporation
svchost.exe    < 0.01    4.348 K    19.732 K    3304    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
NVDisplay.Container.exe    < 0.01    26.020 K    33.784 K    4764    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    8.508 K    32.716 K    12184    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Memory Compression    < 0.01    272 K    34.940 K    1468            
svchost.exe    < 0.01    11.036 K    22.836 K    8900    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe        2.400 K    9.180 K    10968    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        2.068 K    8.128 K    10732    Aplicativo de Logon do Windows    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1.324 K    6.664 K    644    Aplicativo de Inicialização do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        7.184 K    18.104 K    852    Processo de Host para Tarefas do Windows    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        12.996 K    15.884 K    1476    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6.312 K    13.300 K    996    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5.016 K    12.920 K    2536    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.356 K    16.648 K    3104    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11.404 K    26.992 K    892    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        26.940 K    36.672 K    3112    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5.692 K    18.232 K    10160    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.852 K    9.264 K    2000    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.232 K    12.140 K    5028    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.960 K    8.428 K    2864    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.344 K    9.292 K    3064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.336 K    7.804 K    304    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.092 K    12.968 K    2436    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.628 K    30.964 K    9564    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.912 K    19.456 K    7000    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.240 K    17.864 K    1624    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.296 K    13.632 K    7696    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5.096 K    9.436 K    1652    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6.312 K    16.148 K    1348    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.880 K    11.488 K    13064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.388 K    8.780 K    2680    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.892 K    9.096 K    2072    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8.532 K    27.788 K    3096    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.276 K    6.060 K    1820    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.556 K    9.668 K    1560    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.936 K    14.632 K    3984    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.896 K    9.192 K    2168    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.476 K    10.052 K    10636    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.928 K    8.024 K    1836    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.364 K    6.316 K    2396    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.604 K    11.248 K    1332    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.028 K    11.692 K    1320    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.036 K    7.208 K    6372    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.984 K    13.172 K    8288    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.872 K    13.364 K    3128    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.340 K    5.704 K    8408    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        916 K    3.952 K    864    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.236 K    10.200 K    1180    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.728 K    6.300 K    1248    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.860 K    8.648 K    2040    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.952 K    8.516 K    2064    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.620 K    6.408 K    2580    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.324 K    9.368 K    2588    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.364 K    11.944 K    2640    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.552 K    7.808 K    3004    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.720 K    7.312 K    3012    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.576 K    6.840 K    3088    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.584 K    6.800 K    3252    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.260 K    5.840 K    3312    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.880 K    8.244 K    3340    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.296 K    5.660 K    3480    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.036 K    9.100 K    3724    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.464 K    12.760 K    3736    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.768 K    9.988 K    3800    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12.044 K    26.100 K    4028    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.512 K    7.492 K    6696    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.492 K    14.668 K    6736    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.280 K    14.968 K    9492    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.640 K    8.508 K    9668    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3.324 K    13.424 K    11148    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.552 K    5.936 K    4760    Processo de Host para Serviços do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        5.308 K    14.780 K    2780    Aplicativo de subsistema de spooler    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        456 K    1.204 K    352    Gerenciador de Sessão do Windows    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sihost.exe        6.028 K    24.732 K    6528    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    54.488 K    104.536 K    10444    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SettingSyncHost.exe        6.132 K    5.564 K    3156    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        4.672 K    10.456 K    728    Aplicativo de serviços e controle    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        3.908 K    15.696 K    3400    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    96.952 K    149.300 K    6872    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7.844 K    27.868 K    7032    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5.204 K    18.064 K    7744    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6.180 K    23.016 K    6612    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
procexp.exe        3.368 K    11.100 K    2532    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
NvTelemetryContainer.exe        7.580 K    15.928 K    3332    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
NVDisplay.Container.exe        4.808 K    13.996 K    1644    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvcplui.exe        61.348 K    70.500 K    9548    NVIDIA Control Panel Application, 8.1.940.0    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvcontainer.exe        20.512 K    36.324 K    456    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
mfevtps.exe        4.220 K    9.296 K    3136    McAfee Process Validation Service    McAfee, Inc.    (Verified) McAfee
GoogleCrashHandler64.exe        1.588 K    256 K    9200    Google Crash Handler    Google Inc.    (Verified) Google Inc
GoogleCrashHandler.exe        1.596 K    236 K    9024    Google Crash Handler    Google Inc.    (Verified) Google Inc
GameBarPresenceWriter.exe        4.396 K    16.888 K    8652    Gamebar Presence Writer    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        5.100 K    11.416 K    5808    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1.352 K    4.212 K    900    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        1.996 K    10.068 K    11556    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        5.948 K    18.116 K    3656    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        3.080 K    14.724 K    9956    Carregador CTF    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        1.684 K    5.216 K    540    Processo do tempo de Execução do Servidor do Cliente    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe        5.248 K    536 K    6616    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
chrome.exe        70.132 K    79.068 K    11420    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        180.272 K    183.448 K    9584    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        61.416 K    71.832 K    9876    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        83.884 K    102.264 K    7724    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        118.284 K    132.504 K    5976    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        32.388 K    45.384 K    11788    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        3.272 K    11.160 K    11896    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        3.108 K    11.744 K    12052    Google Chrome    Google Inc.    (Verified) Google Inc


I restored Chrome. And nothing...

I really don't know what else to do.


Procedures performed.

Here is the log:

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 03/01/18
Hora da análise: 21:41
Arquivo de registro: aa95e08e-f0df-11e7-b243-902b34ff64cf.json
Administrador: Sim

-Informação do software-
Versão: 3.3.1.2183
Versão de componentes: 1.0.262
Versão do pacote de definições: 1.0.3618
Licença: Gratuita

-Informação do sistema-
Sistema operacional: Windows 10 (Build 16299.125)
CPU: x64
Sistema de arquivos: NTFS
Usuário: ROGÉRIO\Rogério

-Resumo da análise-
Tipo de análise: Análise Customizada
Resultado: Concluído
Objetos verificados: 419973
Ameaças detectadas: 2
Ameaças em quarentena: 2
Tempo decorrido: 1 hr, 24 min, 20 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 2
PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS, Quarentena, [1550], [474786],1.0.3618
PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DSENGINE.CFG, Quarentena, [1550], [474787],1.0.3618

Setor físico: 0
(Nenhum item malicioso detectado)


(end)


---------------------------
# AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 05 04:07:21 2018
# Updated on 2017/21/12 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

Deleted: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Value] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24]
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12]
C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/2 9:0:42]
C:/AdwCleaner/AdwCleaner[S2].txt - [2207 B] - [2018/1/5 4:6:55]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Rogério (Administrator) on 05/01/2018 at  2:48:24,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/01/2018 at  2:49:34,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

This topic is closed to new posts.




