Ir ao conteúdo
  • Cadastre-se
André Desessards Jardim

Computador lento + McAfee não desinstala

Recommended Posts

Olá.

São dois problemas:

 

1) O computador está bastante lento ultimamente, quase sempre apresentando o uso do disco em 100% (mesmo eu tendo desabilitado o Superfetch, o Windows Search e tendo realocado a Memória Virtual). Todos os programas estão apresentando lentidão, especialmente o Google Chrome, que trava toda hora.

 

2) Desde que restaurei as configurações do computador para as originais, o McAfee LiveSafe reapareceu, iniciando junto com o S.O. (e não aparece opção para desabilitá-lo quando clico no botão direito em cima do ícone). Tentei desinstalar pelo Windows e pelo Revo Unistaller, só que ele não aparece na lista de programas instalados. Como eu me livro dele?

 

Aproveitando,  a inicialização do Windows anda bem mais lenta do que o normal também.

 

Desde já agradeço pela ajuda e atenção;

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Por favor, atente para o seguinte:

  • Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento de torrent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Respeite a ordem das instruções passadas;
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.


NOTA: Faça o download de acordo com sua arquitetura (32 bits ou 64 bits)
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:
Clique com o direito sobre o arquivo FRST64.EXE, depois clique em VRIfczU.png .
Aceite o contrato e depois clique no botão Scan.

Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12.01.2019
Executado por jardi (administrador) em DESKTOP-KQ0RVII (13-01-2019 10:25:43)
Executando a partir de C:\Users\jardi\Desktop
Perfis Carregados: jardi (Perfis Disponíveis: jardi)
Platform: Windows 10 Home Single Language Versão 1803 17134.523 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
() C:\Windows\System32\ServiceRegisterProduct.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\IntelCpHDCPSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\IntelCpHeciSvc.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_9\mcapexe.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxEM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\mhn\AlertHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\WINDOWS DEFENDER\MSASCUIL.EXE [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE [16408320 2015-12-18] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-09] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\SYNAPTICS\SYNTP\SYNTPENH.EXE [3935912 2015-05-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-09] (AVAST Software)
HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32-x32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-25] (Google Inc.)
ShellServiceObjects: Sem Nome -> {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} => 
ShellServiceObjects-x32: Sem Nome -> {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} => 

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{51d3c7a8-59df-4df7-bfa1-e5deb5d75cfc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97c46eda-75d6-4ca5-9715-d25b8fa33bf1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2749049465-2368541470-1807606075-1009 -> DefaultScope {E2ED7A2C-CC42-4F2D-BB94-ED1B7469D140} URL = 
SearchScopes: HKU\S-1-5-21-2749049465-2368541470-1807606075-1009 -> {E2ED7A2C-CC42-4F2D-BB94-ED1B7469D140} URL = 
BHO: Sem Nome -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Nenhum Arquivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-12-27] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (IvoSoft)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2018-11-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2018-11-27] (McAfee, Inc.)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-12-27] [Legacy] [não assinado]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2018-11-27] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-12-27] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2018-11-27] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-12-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default [2019-01-13]
CHR Extension: (Apresentações) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-25]
CHR Extension: (Documentos) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-25]
CHR Extension: (Google Drive) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-25]
CHR Extension: (YouTube) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-25]
CHR Extension: (Adobe Acrobat) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-12-25]
CHR Extension: (AdBlock no YouTube™) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\emngkmlligggbbiioginlkphcmffbncb [2018-12-28]
CHR Extension: (Planilhas) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-25]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-12-25]
CHR Extension: (Documentos Google off-line) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-25]
CHR Extension: (Avast Online Security) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-25]
CHR Extension: (Gmail) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-09] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-09] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619616 2019-01-02] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [Arquivo não assinado]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [Arquivo não assinado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_9\McApExe.exe [744312 2018-11-13] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366960 2018-08-27] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [590712 2018-08-27] (McAfee, LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [499576 2018-08-27] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1705968 2018-11-15] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc.)
U2 ServiceRegisterProduct; C:\Windows\System32\ServiceRegisterProduct.exe [19432 2015-07-16] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-12-06] (WiseCleaner.com)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-09] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-09] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220688 2019-01-09] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-09] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-09] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-09] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-09] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166472 2019-01-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-09] (AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77120 2018-10-04] (McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [235784 2018-10-03] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [508736 2018-10-04] (McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [371520 2018-10-04] (McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85632 2018-10-04] (McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [515392 2018-10-04] (McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [975168 2018-10-04] (McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [560944 2018-10-02] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108840 2018-10-02] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117568 2018-10-04] (McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [253760 2018-10-04] (McAfee, LLC)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3515664 2016-01-29] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-10-09] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [762584 2015-11-13] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [408280 2015-10-26] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-05-29] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-05-29] (Synaptics Incorporated)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (QUALCOMM Incorporated)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [146624 2018-02-26] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
U1 aswbdisk; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-13 10:25 - 2019-01-13 10:26 - 000020651 _____ C:\Users\jardi\Desktop\FRST.txt
2019-01-13 10:23 - 2019-01-13 10:25 - 000000000 ____D C:\FRST
2019-01-13 10:22 - 2019-01-13 10:23 - 002427392 _____ (Farbar) C:\Users\jardi\Desktop\FRST64.exe
2019-01-12 01:13 - 2019-01-12 01:13 - 000000000 ____D C:\Users\jardi\AppData\Local\OneDrive
2019-01-11 22:32 - 2019-01-12 02:12 - 000003606 _____ C:\WINDOWS\System32\Tasks\McAfee DAT Built in test
2019-01-10 10:39 - 2019-01-10 10:40 - 025071772 _____ C:\Users\jardi\Downloads\Matematica Discreta para Computacao e Informatica - Paulo Blauth Menezes.pdf
2019-01-10 10:36 - 2019-01-10 10:36 - 000906849 _____ C:\Users\jardi\Downloads\Livro_Matematica Discreta.pdf
2019-01-10 06:24 - 2019-01-10 06:24 - 000333233 _____ C:\Users\jardi\Downloads\sbc_template-converted.pdf
2019-01-10 06:16 - 2019-01-10 06:17 - 000311112 _____ C:\Users\jardi\Downloads\TemplateForuns.zip
2019-01-09 12:22 - 2019-01-09 12:22 - 000000000 ____D C:\Users\Todos os Usuários\HP
2019-01-09 12:20 - 2019-01-09 12:25 - 051344832 _____ C:\Users\jardi\Downloads\DJ2050_J510_1313-1.exe
2019-01-09 12:17 - 2019-01-09 12:17 - 000152959 _____ C:\Users\jardi\Documents\Boleto de Pagamento.pdf
2019-01-09 09:41 - 2019-01-09 08:19 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-09 09:31 - 2019-01-09 09:31 - 000000000 ____D C:\WINDOWS\SysWOW64\%VPSDIR64%
2019-01-09 09:15 - 2019-01-09 09:15 - 000017933 _____ C:\ZA-Scan.txt
2019-01-09 09:10 - 2019-01-09 09:06 - 002017184 _____ C:\Users\jardi\Desktop\zoek.exe
2019-01-09 09:10 - 2019-01-09 09:06 - 002017184 _____ C:\Users\jardi\Desktop\ZA-Scan.exe
2019-01-09 09:10 - 2019-01-09 09:05 - 002019874 _____ C:\Users\jardi\Desktop\Z-Analyse.exe
2019-01-09 09:09 - 2019-01-09 09:09 - 000000000 ____D C:\zoek_backup
2019-01-09 08:59 - 2019-01-09 08:59 - 002334579 _____ C:\Users\jardi\Downloads\MENEZES_Matematica_discreta_computacao_i.pdf
2019-01-09 08:31 - 2019-01-01 11:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 08:31 - 2019-01-01 11:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 08:31 - 2019-01-01 11:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 08:31 - 2019-01-01 11:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 08:31 - 2019-01-01 11:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 08:31 - 2019-01-01 11:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 08:31 - 2019-01-01 11:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 08:31 - 2019-01-01 11:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 08:31 - 2019-01-01 11:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 08:31 - 2019-01-01 11:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 08:31 - 2019-01-01 05:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 08:31 - 2019-01-01 05:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 08:31 - 2019-01-01 05:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 08:31 - 2019-01-01 05:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 08:31 - 2019-01-01 05:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 08:31 - 2019-01-01 05:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 08:31 - 2019-01-01 05:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 08:31 - 2019-01-01 05:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 08:31 - 2019-01-01 05:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 08:31 - 2019-01-01 05:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 08:31 - 2019-01-01 05:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 08:31 - 2019-01-01 05:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 08:31 - 2019-01-01 05:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:31 - 2019-01-01 05:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 08:31 - 2019-01-01 05:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 08:31 - 2019-01-01 05:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 08:31 - 2019-01-01 05:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 08:31 - 2019-01-01 05:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 08:31 - 2019-01-01 05:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 08:31 - 2019-01-01 05:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 08:31 - 2019-01-01 04:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 08:31 - 2019-01-01 04:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 08:31 - 2019-01-01 04:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 08:31 - 2019-01-01 04:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 08:31 - 2019-01-01 04:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 08:31 - 2019-01-01 04:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 08:31 - 2019-01-01 04:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 08:31 - 2019-01-01 04:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 08:31 - 2019-01-01 04:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 08:31 - 2019-01-01 04:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 08:31 - 2019-01-01 04:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 08:31 - 2019-01-01 04:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 08:31 - 2019-01-01 04:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 08:31 - 2019-01-01 04:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 08:31 - 2019-01-01 04:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 08:31 - 2019-01-01 04:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 08:31 - 2019-01-01 04:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 08:31 - 2019-01-01 04:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 08:31 - 2019-01-01 04:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:31 - 2019-01-01 04:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 08:31 - 2019-01-01 04:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 08:31 - 2019-01-01 04:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 08:31 - 2019-01-01 04:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 08:31 - 2019-01-01 04:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 08:31 - 2019-01-01 04:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 08:31 - 2019-01-01 04:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 08:31 - 2019-01-01 04:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:31 - 2019-01-01 04:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 08:31 - 2019-01-01 04:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 08:31 - 2019-01-01 04:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 08:31 - 2019-01-01 04:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 08:31 - 2019-01-01 04:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 08:31 - 2019-01-01 04:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 08:31 - 2019-01-01 04:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 08:31 - 2019-01-01 04:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 08:31 - 2019-01-01 04:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 08:31 - 2019-01-01 04:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 08:31 - 2019-01-01 04:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 08:31 - 2019-01-01 04:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 08:31 - 2019-01-01 04:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 08:31 - 2019-01-01 04:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 08:31 - 2019-01-01 04:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:31 - 2019-01-01 04:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 08:31 - 2019-01-01 04:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 08:31 - 2019-01-01 04:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 08:31 - 2019-01-01 04:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 08:31 - 2019-01-01 04:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:31 - 2019-01-01 04:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 08:31 - 2019-01-01 04:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 08:31 - 2019-01-01 03:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 08:31 - 2018-12-19 02:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 08:20 - 2019-01-09 08:18 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-09 08:20 - 2019-01-09 08:18 - 000220688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-09 08:20 - 2019-01-09 08:18 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-09 08:20 - 2019-01-09 08:18 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-09 08:20 - 2019-01-09 08:18 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-08 11:27 - 2019-01-08 11:27 - 000009949 _____ C:\Users\jardi\Documents\Concurso Professor Substituto - Boleto de Pagamento.html
2019-01-08 11:27 - 2019-01-08 11:27 - 000000000 ____D C:\Users\jardi\Documents\Concurso Professor Substituto - Boleto de Pagamento_files
2019-01-07 21:15 - 2019-01-07 21:15 - 001554386 _____ C:\Users\jardi\Downloads\Projeto Político Pedagógico do Curso de Ciência da Computação.pdf
2019-01-07 20:43 - 2019-01-07 20:43 - 000000000 ____D C:\Users\jardi\Documents\Concursos
2019-01-01 00:57 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2019-01-01 00:51 - 2019-01-01 00:51 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2019-01-01 00:51 - 2017-11-09 13:58 - 000440320 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSock.dll
2019-01-01 00:51 - 2017-11-09 13:58 - 000401408 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartSecure2.dll
2019-01-01 00:51 - 2017-11-09 13:58 - 000249856 _____ (Dart Communications) C:\WINDOWS\SysWOW64\DartCertificate.dll
2019-01-01 00:36 - 2019-01-01 00:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-12-31 18:34 - 2019-01-11 22:41 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-31 05:29 - 2019-01-13 10:02 - 000000000 ____D C:\Users\jardi\AppData\Local\CrashDumps
2018-12-28 03:32 - 2018-12-28 03:32 - 000766090 _____ C:\Users\jardi\Downloads\Edital_150-2018 (1).pdf
2018-12-28 01:36 - 2018-12-28 01:36 - 000047190 _____ C:\Users\jardi\Documents\favoritos_28_12_2018.html
2018-12-27 18:35 - 2018-12-27 18:35 - 000000000 ____D C:\Users\jardi\AppData\Roaming\LibreOffice
2018-12-27 18:29 - 2018-12-27 18:31 - 000000000 ____D C:\Program Files\LibreOffice
2018-12-27 18:20 - 2018-12-27 18:20 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-12-26 03:00 - 2018-12-26 03:00 - 000000000 ____D C:\Users\jardi\AppData\Roaming\WinRAR
2018-12-25 17:55 - 2019-01-08 02:23 - 000003292 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker.job
2018-12-25 17:55 - 2019-01-08 02:23 - 000003128 _____ C:\WINDOWS\System32\Tasks\Wise Care 365.job
2018-12-25 17:49 - 2019-01-13 10:07 - 000000000 ____D C:\Users\jardi\AppData\Roaming\Wise Care 365
2018-12-25 17:38 - 2019-01-12 00:01 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-25 17:37 - 2018-12-25 17:37 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-12-25 17:36 - 2018-12-25 17:36 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-12-25 17:35 - 2018-12-25 17:41 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2018-12-25 17:33 - 2018-12-25 17:40 - 000000000 ____D C:\Users\jardi\AppData\Local\Adobe
2018-12-25 17:31 - 2018-12-25 17:31 - 000000000 ____D C:\Program Files\WinRAR
2018-12-25 17:26 - 2018-12-14 05:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-25 17:26 - 2018-12-14 04:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-25 17:26 - 2018-12-14 04:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-25 17:26 - 2018-12-14 04:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-25 17:26 - 2018-12-08 10:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-25 17:26 - 2018-12-08 10:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-25 17:26 - 2018-12-08 10:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-25 17:26 - 2018-12-08 10:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-25 17:26 - 2018-12-08 10:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-25 17:26 - 2018-12-08 10:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-25 17:26 - 2018-12-08 10:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-25 17:26 - 2018-12-08 10:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-25 17:26 - 2018-12-08 06:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-25 17:26 - 2018-12-08 06:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-25 17:26 - 2018-12-08 06:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-25 17:26 - 2018-12-08 06:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-25 17:26 - 2018-12-08 06:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-25 17:26 - 2018-12-08 06:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-25 17:26 - 2018-12-08 05:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-25 17:26 - 2018-12-08 05:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-25 17:26 - 2018-12-08 05:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-25 17:26 - 2018-12-08 05:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-25 17:26 - 2018-12-08 05:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-12-25 17:26 - 2018-12-08 05:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-25 17:26 - 2018-12-08 05:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-12-25 17:26 - 2018-12-08 05:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-12-25 17:26 - 2018-12-08 05:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-25 17:26 - 2018-12-08 05:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-25 17:26 - 2018-12-08 05:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-25 17:26 - 2018-12-08 05:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-25 17:26 - 2018-12-08 05:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-12-25 17:26 - 2018-12-08 05:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-12-25 17:26 - 2018-11-09 04:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-25 17:26 - 2018-11-09 03:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-12-25 17:26 - 2018-11-09 03:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-25 17:26 - 2018-11-09 03:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-25 17:26 - 2018-11-09 03:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-25 17:26 - 2018-11-09 03:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-12-25 17:26 - 2018-11-09 03:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-25 17:26 - 2018-11-09 00:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-25 17:26 - 2018-11-09 00:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-12-25 17:26 - 2018-11-09 00:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-25 17:26 - 2018-11-09 00:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-25 17:26 - 2018-11-09 00:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-12-25 17:26 - 2018-11-09 00:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-25 17:26 - 2018-11-09 00:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-12-25 17:26 - 2018-11-09 00:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-25 17:26 - 2018-11-09 00:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-25 17:26 - 2018-11-09 00:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-25 17:26 - 2018-11-09 00:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-12-25 17:26 - 2018-11-09 00:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-25 17:26 - 2018-11-09 00:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-12-25 17:26 - 2018-11-09 00:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-25 17:26 - 2018-11-09 00:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-12-25 17:26 - 2018-11-09 00:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-12-25 17:26 - 2018-11-09 00:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-12-25 17:26 - 2018-11-09 00:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-25 17:26 - 2018-11-08 23:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-12-25 17:26 - 2018-11-08 23:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-25 17:26 - 2018-11-08 23:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-25 17:26 - 2018-11-08 23:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-25 17:26 - 2018-11-08 23:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-12-25 17:25 - 2018-12-14 05:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-25 17:25 - 2018-12-14 05:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-25 17:25 - 2018-12-14 05:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-25 17:25 - 2018-12-14 05:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-25 17:25 - 2018-12-14 05:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-25 17:25 - 2018-12-14 05:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-25 17:25 - 2018-12-14 05:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-25 17:25 - 2018-12-14 05:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-25 17:25 - 2018-12-14 04:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-25 17:25 - 2018-12-14 04:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-25 17:25 - 2018-12-14 04:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-25 17:25 - 2018-12-14 04:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-25 17:25 - 2018-12-14 04:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-25 17:25 - 2018-12-08 10:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-25 17:25 - 2018-12-08 10:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-25 17:25 - 2018-12-08 10:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-25 17:25 - 2018-12-08 10:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-25 17:25 - 2018-12-08 10:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-25 17:25 - 2018-12-08 10:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-25 17:25 - 2018-12-08 10:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-25 17:25 - 2018-12-08 10:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-25 17:25 - 2018-12-08 10:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-25 17:25 - 2018-12-08 10:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-25 17:25 - 2018-12-08 10:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-25 17:25 - 2018-12-08 10:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-25 17:25 - 2018-12-08 10:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-25 17:25 - 2018-12-08 10:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-25 17:25 - 2018-12-08 10:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-25 17:25 - 2018-12-08 10:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-25 17:25 - 2018-12-08 10:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-25 17:25 - 2018-12-08 10:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-25 17:25 - 2018-12-08 10:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-25 17:25 - 2018-12-08 06:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-25 17:25 - 2018-12-08 06:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-25 17:25 - 2018-12-08 06:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-25 17:25 - 2018-12-08 06:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-25 17:25 - 2018-12-08 06:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-25 17:25 - 2018-12-08 06:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-25 17:25 - 2018-12-08 06:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-25 17:25 - 2018-12-08 06:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-25 17:25 - 2018-12-08 06:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-25 17:25 - 2018-12-08 06:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-25 17:25 - 2018-12-08 06:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-25 17:25 - 2018-12-08 06:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-25 17:25 - 2018-12-08 06:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-25 17:25 - 2018-12-08 06:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-25 17:25 - 2018-12-08 06:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-25 17:25 - 2018-12-08 06:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-25 17:25 - 2018-12-08 06:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-25 17:25 - 2018-12-08 06:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-25 17:25 - 2018-12-08 06:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-25 17:25 - 2018-12-08 05:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-25 17:25 - 2018-12-08 05:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-12-25 17:25 - 2018-12-08 05:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-25 17:25 - 2018-12-08 05:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-12-25 17:25 - 2018-12-08 05:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-12-25 17:25 - 2018-12-08 05:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-12-25 17:25 - 2018-12-08 05:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-25 17:25 - 2018-12-08 05:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-25 17:25 - 2018-12-08 05:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-25 17:25 - 2018-12-08 05:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-12-25 17:25 - 2018-12-08 05:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-12-25 17:25 - 2018-12-08 05:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-25 17:25 - 2018-12-08 05:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-25 17:25 - 2018-12-08 05:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-12-25 17:25 - 2018-12-08 05:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-25 17:25 - 2018-12-08 05:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-25 17:25 - 2018-12-08 05:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2018-12-25 17:25 - 2018-12-08 05:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-25 17:25 - 2018-12-08 05:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-12-25 17:25 - 2018-12-08 05:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-25 17:25 - 2018-12-08 05:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-12-25 17:25 - 2018-12-08 05:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-12-25 17:25 - 2018-12-08 05:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-12-25 17:25 - 2018-12-08 05:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-25 17:25 - 2018-12-08 05:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-25 17:25 - 2018-12-08 05:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-25 17:25 - 2018-12-08 05:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-12-25 17:25 - 2018-12-08 05:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-25 17:25 - 2018-12-08 05:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-12-25 17:25 - 2018-12-08 05:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-12-25 17:25 - 2018-12-08 05:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-25 17:25 - 2018-12-08 05:32 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-25 17:25 - 2018-12-08 05:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-25 17:25 - 2018-12-08 05:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-25 17:25 - 2018-12-08 05:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-25 17:25 - 2018-12-08 05:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-25 17:25 - 2018-12-08 05:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-12-25 17:25 - 2018-12-08 05:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-25 17:25 - 2018-12-08 05:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-12-25 17:25 - 2018-12-08 05:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-12-25 17:25 - 2018-12-08 05:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-25 17:25 - 2018-12-08 05:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-25 17:25 - 2018-12-08 05:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2018-12-25 17:25 - 2018-12-08 05:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-25 17:25 - 2018-12-08 05:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-25 17:25 - 2018-12-08 05:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-25 17:25 - 2018-12-08 05:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-12-25 17:25 - 2018-12-08 05:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-12-25 17:25 - 2018-12-08 05:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-25 17:25 - 2018-12-08 05:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-25 17:25 - 2018-12-08 05:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-12-25 17:25 - 2018-12-08 05:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-12-25 17:25 - 2018-12-08 05:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-12-25 17:25 - 2018-12-08 05:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-25 17:25 - 2018-12-08 05:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-12-25 17:25 - 2018-12-08 05:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-12-25 17:25 - 2018-12-08 05:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-25 17:25 - 2018-12-08 05:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-25 17:25 - 2018-12-08 05:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-25 17:25 - 2018-12-08 05:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-25 17:25 - 2018-11-09 04:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-25 17:25 - 2018-11-09 03:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-12-25 17:25 - 2018-11-09 03:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-12-25 17:25 - 2018-11-09 03:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-25 17:25 - 2018-11-09 03:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-12-25 17:25 - 2018-11-09 03:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-12-25 17:25 - 2018-11-09 03:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-25 17:25 - 2018-11-09 03:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-12-25 17:25 - 2018-11-09 03:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-25 17:25 - 2018-11-09 03:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-12-25 17:25 - 2018-11-09 03:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-12-25 17:25 - 2018-11-09 03:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-12-25 17:25 - 2018-11-09 03:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-25 17:25 - 2018-11-09 00:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-25 17:25 - 2018-11-09 00:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-12-25 17:25 - 2018-11-09 00:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-12-25 17:25 - 2018-11-09 00:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-12-25 17:25 - 2018-11-09 00:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-12-25 17:25 - 2018-11-09 00:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-25 17:25 - 2018-11-09 00:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-25 17:25 - 2018-11-09 00:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-12-25 17:25 - 2018-11-09 00:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-12-25 17:25 - 2018-11-09 00:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-12-25 17:25 - 2018-11-09 00:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-12-25 17:25 - 2018-11-09 00:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-25 17:25 - 2018-11-09 00:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-12-25 17:25 - 2018-11-09 00:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-25 17:25 - 2018-11-09 00:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-12-25 17:25 - 2018-11-09 00:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-12-25 17:25 - 2018-11-09 00:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-12-25 17:25 - 2018-11-09 00:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-12-25 17:25 - 2018-11-09 00:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-25 17:25 - 2018-11-09 00:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-12-25 17:25 - 2018-11-09 00:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-12-25 17:25 - 2018-11-09 00:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-12-25 17:25 - 2018-11-09 00:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-12-25 17:25 - 2018-11-09 00:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-12-25 17:25 - 2018-11-09 00:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-12-25 17:25 - 2018-11-09 00:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-25 17:25 - 2018-11-09 00:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-12-25 17:25 - 2018-11-08 23:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-25 17:25 - 2018-11-08 23:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-12-25 17:25 - 2018-11-08 23:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-12-25 17:25 - 2018-11-08 23:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-12-25 17:25 - 2018-11-08 23:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-12-25 17:25 - 2018-11-08 23:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-25 17:25 - 2018-11-08 23:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-25 17:25 - 2018-11-08 23:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-12-25 17:25 - 2018-11-08 23:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-12-25 17:25 - 2018-11-08 23:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-12-25 17:25 - 2018-11-08 23:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-12-25 17:25 - 2018-11-08 23:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-12-25 17:25 - 2018-11-08 23:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-12-25 17:25 - 2018-11-08 23:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-12-25 17:25 - 2018-11-08 23:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-12-25 17:20 - 2019-01-09 08:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-25 17:19 - 2019-01-09 08:26 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-25 17:16 - 2018-12-25 17:16 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-25 17:16 - 2018-12-25 17:16 - 000000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2018-12-25 17:16 - 2018-12-25 17:16 - 000000000 ____D C:\Users\jardi\AppData\Local\mbamtray
2018-12-25 17:16 - 2018-12-25 17:16 - 000000000 ____D C:\Users\jardi\AppData\Local\mbam
2018-12-25 17:16 - 2018-12-25 17:16 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-25 17:16 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-25 17:14 - 2019-01-12 00:01 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-25 17:14 - 2019-01-12 00:01 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-25 17:14 - 2018-12-31 18:15 - 000001240 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2018-12-25 17:14 - 2018-12-25 17:14 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-25 17:14 - 2018-12-25 17:14 - 000000000 ____D C:\Program Files\CCleaner
2018-12-25 17:14 - 2018-12-25 17:14 - 000000000 ____D C:\Program Files (x86)\Wise
2018-12-25 17:10 - 2018-12-25 17:10 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-12-25 17:03 - 2018-12-25 17:03 - 000000000 ____D C:\Program Files\rempl
2018-12-25 12:22 - 2019-01-09 09:43 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-25 12:22 - 2018-12-25 12:22 - 000000000 ____D C:\Users\jardi\AppData\Roaming\AVAST Software
2018-12-25 12:22 - 2018-12-25 12:22 - 000000000 ____D C:\Users\jardi\AppData\Local\CEF
2018-12-25 12:22 - 2018-12-25 12:22 - 000000000 ____D C:\Users\jardi\AppData\Local\AVAST Software
2018-12-25 12:20 - 2019-01-12 00:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-25 12:19 - 2019-01-13 09:28 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-12-25 12:19 - 2019-01-09 08:19 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000166472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-12-25 12:19 - 2019-01-09 08:19 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-12-25 12:19 - 2019-01-09 08:18 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-12-25 12:18 - 2018-12-25 12:18 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-25 12:16 - 2018-12-25 18:01 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software
2018-12-25 12:16 - 2018-12-25 12:16 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-25 12:03 - 2018-12-25 12:08 - 000000000 ____D C:\Users\jardi\AppData\Local\ClassicShell
2018-12-25 12:03 - 2018-12-25 12:03 - 000000000 ____D C:\Program Files\VS Revo Group
2018-12-25 12:02 - 2018-12-25 12:02 - 000000000 ____D C:\Users\Todos os Usuários\ClassicShell
2018-12-25 12:02 - 2018-12-25 12:02 - 000000000 ____D C:\Users\jardi\AppData\Roaming\ClassicShell
2018-12-25 12:01 - 2018-12-25 12:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-25 11:53 - 2018-12-25 11:53 - 000000000 ____D C:\Program Files\Classic Shell
2018-12-25 11:47 - 2018-12-25 11:47 - 000000000 ____D C:\Users\Todos os Usuários\Positivo Informática
2018-12-25 11:46 - 2018-12-25 11:46 - 000766090 _____ C:\Users\jardi\Downloads\Edital_150-2018.pdf
2018-12-25 11:40 - 2018-12-25 11:40 - 000002341 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-25 11:39 - 2019-01-08 02:23 - 000003576 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-25 11:39 - 2019-01-08 02:23 - 000003352 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-25 11:39 - 2018-12-25 11:48 - 000000000 ____D C:\Users\jardi\AppData\Local\Google
2018-12-25 11:39 - 2018-12-25 11:39 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-25 11:38 - 2018-12-25 11:39 - 000000000 ____D C:\Users\jardi\AppData\Local\Deployment
2018-12-25 11:38 - 2018-12-25 11:38 - 000000000 ____D C:\Users\jardi\AppData\Local\Apps\2.0
2018-12-25 11:37 - 2019-01-13 09:29 - 000004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AE342965-D18A-4A30-B227-BC30DDB1A28F}
2018-12-25 11:35 - 2018-12-25 12:13 - 000000000 ____D C:\Users\jardi\AppData\Local\D3DSCache
2018-12-25 10:16 - 2018-12-25 10:16 - 000000000 ____D C:\Users\jardi\AppData\Local\Comms
2018-12-25 10:14 - 2019-01-01 01:29 - 000000000 ____D C:\Windows.old
2018-12-25 10:14 - 2018-12-25 17:45 - 000000000 ____D C:\WINDOWS\Panther
2018-12-25 10:14 - 2018-12-25 17:11 - 000000000 ____D C:\Users\Todos os Usuários\Packages
2018-12-25 10:14 - 2018-12-25 10:14 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-12-25 10:13 - 2018-12-25 10:13 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-12-25 10:12 - 2018-12-25 10:12 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-12-25 10:11 - 2018-12-25 10:11 - 000000000 ____D C:\Program Files\Synaptics
2018-12-25 10:10 - 2018-12-25 10:10 - 000000000 ____D C:\Users\jardi\AppData\Roaming\Macromedia
2018-12-25 10:09 - 2019-01-08 02:23 - 000002920 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2749049465-2368541470-1807606075-1009
2018-12-25 10:08 - 2018-12-25 10:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-12-25 10:07 - 2018-12-25 10:07 - 000000000 ____D C:\WINDOWS\Setup
2018-12-25 10:02 - 2018-12-25 10:02 - 000000000 ____D C:\Users\jardi\AppData\Local\DBG
2018-12-25 10:00 - 2019-01-09 18:27 - 000000000 ____D C:\Users\jardi\AppData\Local\PlaceholderTileLogoFolder
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-12-25 09:59 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-12-25 09:59 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-12-25 09:59 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-12-25 09:59 - 2018-12-25 09:59 - 000001417 _____ C:\Users\jardi\Desktop\Microsoft Edge.lnk
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\OCR
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\Program Files\MSBuild
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-12-25 09:59 - 2018-12-25 09:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-12-25 09:58 - 2019-01-11 08:18 - 000750780 _____ C:\WINDOWS\system32\prfh0416.dat
2018-12-25 09:58 - 2019-01-11 08:18 - 000148114 _____ C:\WINDOWS\system32\prfc0416.dat
2018-12-25 09:58 - 2018-12-25 10:32 - 000000000 ____D C:\Users\jardi\AppData\Local\Publishers
2018-12-25 09:58 - 2018-12-25 09:58 - 000000000 ____D C:\Users\jardi\AppData\Local\MicrosoftEdge
2018-12-25 09:58 - 2018-12-25 09:57 - 000328664 _____ C:\WINDOWS\system32\prfi0416.dat
2018-12-25 09:58 - 2018-12-25 09:57 - 000040858 _____ C:\WINDOWS\system32\prfd0416.dat
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\0409
2018-12-25 09:57 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\DigitalLocker
2018-12-25 09:53 - 2019-01-02 17:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-25 09:53 - 2019-01-02 17:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-25 09:51 - 2019-01-11 08:23 - 000000000 ____D C:\Users\jardi\AppData\Local\Packages
2018-12-25 09:51 - 2018-12-25 17:41 - 000000000 ____D C:\Users\jardi\AppData\Roaming\Adobe
2018-12-25 09:51 - 2018-12-25 09:52 - 000000000 ____D C:\Users\jardi\AppData\Local\Intel
2018-12-25 09:51 - 2018-12-25 09:51 - 000000000 ____D C:\Users\jardi\AppData\Local\VirtualStore
2018-12-25 09:50 - 2018-12-25 09:53 - 000000000 ____D C:\Users\jardi\AppData\Local\ConnectedDevicesPlatform
2018-12-25 09:50 - 2018-12-25 09:50 - 000000020 ___SH C:\Users\jardi\ntuser.ini
2018-12-25 09:49 - 2018-12-25 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-12-25 09:49 - 2018-12-25 09:44 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2018-12-25 09:49 - 2018-12-25 09:44 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2018-12-25 09:49 - 2018-12-25 09:44 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2018-12-25 09:49 - 2018-12-25 09:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2018-12-25 09:49 - 2018-12-25 09:44 - 000017346 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2018-12-25 09:49 - 2018-12-25 09:44 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2018-12-25 09:49 - 2018-12-25 09:44 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2018-12-25 09:49 - 2018-12-25 09:44 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2018-12-25 09:49 - 2018-12-25 09:44 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2018-12-25 09:48 - 2019-01-13 10:18 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2018-12-25 09:48 - 2019-01-13 09:49 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-25 09:48 - 2019-01-13 09:30 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-25 09:48 - 2019-01-13 09:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-25 09:48 - 2019-01-11 08:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-25 09:48 - 2019-01-10 07:08 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-25 09:48 - 2019-01-09 09:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-25 09:48 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-25 09:48 - 2019-01-09 09:34 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-25 09:48 - 2019-01-09 09:15 - 000000000 ___RD C:\Program Files (x86)
2018-12-25 09:48 - 2019-01-08 02:23 - 000002704 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2018-12-25 09:48 - 2019-01-04 21:13 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-25 09:48 - 2018-12-27 18:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-12-25 09:48 - 2018-12-26 03:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-12-25 09:48 - 2018-12-25 20:09 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-25 09:48 - 2018-12-25 20:09 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-25 09:48 - 2018-12-25 20:09 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-25 09:48 - 2018-12-25 17:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-12-25 09:48 - 2018-12-25 10:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-25 09:48 - 2018-12-25 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2018-12-25 09:48 - 2018-12-25 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-12-25 09:48 - 2018-12-25 10:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-12-25 09:48 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-12-25 09:48 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-12-25 09:48 - 2018-12-25 10:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\setup
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\WINDOWS\Provisioning
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\Program Files\Windows Defender
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-25 09:48 - 2018-12-25 10:04 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-12-25 09:48 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-12-25 09:48 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-12-25 09:48 - 2018-12-25 09:59 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\system32\com
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\IME
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\Help
2018-12-25 09:48 - 2018-12-25 09:57 - 000000000 ____D C:\Program Files\Common Files\system
2018-12-25 09:48 - 2018-12-25 09:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ___SD C:\WINDOWS\system32\Nui
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\my-mm
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\icsxml
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\ias
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\downlevel
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\DDFs
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2018-12-25 09:48 - 2018-12-25 09:49 - 000000000 ____D C:\Program Files\windows nt
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 __RSD C:\WINDOWS\media
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\WaaS
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Vss
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\tracing
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\TAPI
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SystemResources
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SystemApps
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\winevt
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\ras
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\IME
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\hydrogen
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\DriverState
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\System
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SKB
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\ServiceState
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\security
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\schemas
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\SchCache
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Resources
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\rescache
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\PLA
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Performance
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\ModemLogs
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\L2Schemas
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\InputMethod
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\IdentityCRL
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Globalization
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Cursors
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\Branding
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\addins
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Users\Todos os Usuários\WindowsHolographicDevices
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files\Windows Security
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files\Windows Portable Devices
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files\Common Files\Services
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files (x86)\windows nt
2018-12-25 09:48 - 2018-12-25 09:48 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2018-12-25 09:48 - 2018-12-25 09:44 - 000000000 ____D C:\WINDOWS\Registration
2018-12-25 09:48 - 2018-12-25 09:43 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-12-25 09:48 - 2018-12-25 09:34 - 000000000 ____D C:\WINDOWS\system32\spool
2018-12-25 09:48 - 2018-12-25 09:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-12-25 09:48 - 2018-12-25 09:21 - 000000000 ____D C:\Users\Todos os Usuários\USOPrivate
2018-12-25 09:48 - 2017-10-04 00:40 - 000000000 ____D C:\WINDOWS\Web
2018-12-25 09:46 - 2019-01-11 08:18 - 001737602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-25 09:45 - 2019-01-13 10:02 - 000000000 ____D C:\WINDOWS\INF
2018-12-25 09:45 - 2018-12-25 09:45 - 000012350 _____ C:\Users\jardi\Desktop\Aplicativos Removidos.html
2018-12-25 09:44 - 2018-12-25 09:44 - 000022956 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-12-25 09:37 - 2019-01-11 08:13 - 000000000 ____D C:\Users\jardi
2018-12-25 09:37 - 2018-12-25 10:09 - 000002380 _____ C:\Users\jardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Modelos
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Meus Documentos
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Menu Iniciar
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Documents\Minhas Músicas
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Documents\Minhas Imagens
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Documents\Meus Vídeos
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Dados de Aplicativos
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Configurações Locais
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\AppData\Local\Histórico
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\AppData\Local\Dados de Aplicativos
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Ambiente de Rede
2018-12-25 09:37 - 2018-12-25 09:37 - 000000000 _SHDL C:\Users\jardi\Ambiente de Impressão
2018-12-25 09:36 - 2019-01-10 07:43 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-25 09:31 - 2018-12-25 09:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-12-25 09:25 - 2019-01-11 08:13 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-25 09:25 - 2019-01-09 09:37 - 100139008 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-12-25 09:25 - 2019-01-09 09:36 - 031457280 _____ C:\WINDOWS\system32\config\SYSTEM
2018-12-25 09:25 - 2019-01-09 09:36 - 001048576 _____ C:\WINDOWS\system32\config\DEFAULT
2018-12-25 09:25 - 2019-01-09 09:36 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-25 09:25 - 2019-01-09 09:36 - 000057344 _____ C:\WINDOWS\system32\config\SECURITY
2018-12-25 09:25 - 2019-01-09 09:36 - 000028672 _____ C:\WINDOWS\system32\config\SAM
2018-12-25 09:25 - 2018-12-25 10:15 - 000000000 ___HD C:\$SysReset
2018-12-25 09:25 - 2018-12-25 09:57 - 000000000 ____D C:\WINDOWS\servicing
2018-12-25 09:25 - 2018-12-25 09:48 - 000000000 ____D C:\WINDOWS\system32\SMI
2018-12-25 09:22 - 2018-12-25 09:34 - 000000000 ____D C:\Users\Todos os Usuários\Intel
2018-12-25 09:22 - 2018-12-25 09:32 - 000000000 ____D C:\Program Files\Intel
2018-12-25 09:22 - 2018-12-25 09:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-12-25 09:22 - 2018-12-25 09:22 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2018-12-25 09:22 - 2018-11-19 19:57 - 000136704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-12-25 09:22 - 2018-11-19 19:57 - 000111616 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-12-25 09:21 - 2018-12-25 09:21 - 000000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____D C:\Users\Todos os Usuários\USOShared
2018-12-25 09:21 - 2018-12-25 09:21 - 000000000 ____D C:\Program Files\Realtek
2018-12-25 09:21 - 2018-04-11 21:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-12-25 09:17 - 2019-01-12 03:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-18 21:27 - 2018-12-18 21:27 - 000470592 _____ C:\Users\jardi\Downloads\ENPOS2018 Certificado Apresentação André Desessards Jardim.pdf
2018-12-18 16:05 - 2018-12-18 16:05 - 001170942 _____ C:\Users\jardi\Documents\JARDIM_Avaliacao_Proposta_Tese.pdf
2018-12-17 21:21 - 2018-12-17 21:22 - 000000000 ____D C:\Users\jardi\Documents\Val

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-13 09:45 - 2017-10-04 00:32 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-13 09:25 - 2018-02-23 13:03 - 000000000 __SHD C:\Users\jardi\IntelGraphicsProfiles
2019-01-10 06:36 - 2018-03-01 08:56 - 000000000 ____D C:\Users\jardi\Documents\Doutorado
2019-01-01 02:06 - 2018-03-01 09:00 - 000000000 ____D C:\Users\jardi\Documents\Vários
2018-12-31 18:38 - 2017-10-04 00:28 - 000000000 ____D C:\Users\Todos os Usuários\McAfee
2018-12-27 20:42 - 2017-10-04 00:28 - 000000000 ____D C:\Program Files\mcafee
2018-12-27 18:06 - 2017-10-04 00:28 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-12-26 03:00 - 2018-09-28 15:31 - 000000000 ____D C:\Users\jardi\Documents\Dead Space
2018-12-26 00:49 - 2017-10-04 00:28 - 000000000 ____D C:\Program Files\Common Files\AV
2018-12-25 20:17 - 2018-02-23 23:54 - 000000000 ___RD C:\Users\jardi\3D Objects
2018-12-25 20:17 - 2017-05-05 18:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-25 18:04 - 2017-10-04 00:28 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-12-25 17:31 - 2018-04-17 18:36 - 000000000 ____D C:\Users\jardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-25 10:09 - 2018-02-23 13:08 - 000000000 ___RD C:\Users\jardi\OneDrive
2018-12-25 09:44 - 2017-03-18 19:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-12-25 09:34 - 2017-10-04 00:32 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-12-25 09:34 - 2017-10-04 00:19 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2018-12-25 09:34 - 2017-10-04 00:19 - 000000000 ____D C:\Program Files (x86)\Intel
2018-12-25 09:34 - 2017-10-04 00:18 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-25 09:34 - 2017-10-04 00:18 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-12-25 09:34 - 2017-03-19 00:32 - 000000000 ____D C:\WINDOWS\HoloShell
2018-12-25 09:32 - 2017-10-04 00:28 - 000000000 ____D C:\Program Files\mcafee.com
2018-12-25 06:32 - 2018-10-15 20:24 - 000000000 ____D C:\Users\jardi\AppData\LocalLow\Sun
2018-12-25 06:32 - 2018-02-27 15:22 - 000000000 ____D C:\Users\jardi\AppData\LocalLow\Adobe
2018-12-25 00:41 - 2017-10-04 00:21 - 000000000 ____D C:\Intel

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-12-25 09:17

==================== Fim de FRST.txt ============================

 

 

 

 

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 12.01.2019
Executado por jardi (13-01-2019 10:27:47)
Executando a partir de C:\Users\jardi\Desktop
Windows 10 Home Single Language Versão 1803 17134.523 (X64) (2018-12-25 11:50:33)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2749049465-2368541470-1807606075-500 - Administrator - Disabled)
Convidado (S-1-5-21-2749049465-2368541470-1807606075-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2749049465-2368541470-1807606075-503 - Limited - Disabled)
jardi (S-1-5-21-2749049465-2368541470-1807606075-1009 - Administrator - Enabled) => C:\Users\jardi
WDAGUtilityAccount (S-1-5-21-2749049465-2368541470-1807606075-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{8736f7db-10ee-4722-b588-3a7296eafc38}) (Version: 18.40.0000.4099 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{E2FEF167-A654-48D5-BA41-0C3B5B91FE4E}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
LibreOffice 6.1.4.2 (HKLM\...\{080C0C39-B1B5-48BB-85AB-4F9A8768CD10}) (Version: 6.1.4.2 - The Document Foundation)
Malwarebytes versão 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Home and Student 2016 - pt-br (HKLM\...\HomeStudentRetail - pt-br) (Version: 16.0.11126.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Software Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wise Care 365 5.2.2 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.2.2 - WiseCleaner.com, Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (IvoSoft)
ShellIconOverlayIdentifiers-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (IvoSoft)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-09] (AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> [CC]{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-09] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxDTCM.dll [2018-11-19] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-09] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> [CC]{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {02F59D3F-E2D7-4ABB-A5F8-02B9FA6E8F25} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-13] (Microsoft Corporation)
Task: {0B188018-EC4B-46BA-B91E-2F31CC4842EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-25] (Google Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" foi desbloqueado. <==== ATENÇÃO
Task: {0DB4070A-CA4B-49ED-9BF4-24B1FCFF36C0} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {16F8780C-C3CA-4620-B95E-8648A87E744E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-10] (AVAST Software)
Task: {3FA62E50-FBFD-4D6C-ACF6-B902414E6675} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {42F135FD-59F0-4A9E-AD45-C78BD032487E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-09] (AVAST Software)
Task: {6889CF96-BA20-4FD1-B34C-3AE045A2530D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-13] (Microsoft Corporation)
Task: {84BEEF38-021F-47F3-B99F-F5B1BCD9DEA9} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {89023B0F-B4DD-4761-9992-448D58126F85} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {8D5D88F0-645C-448B-B76F-02127DAC0F96} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-10-30] (McAfee, Inc.)
Task: {8F273339-DB91-4F1D-8781-823EA73D65A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-13] (Microsoft Corporation)
Task: {91330823-54E5-4DF3-BBB2-4C12C8EB0649} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2018-12-07] (WiseCleaner.com)
Task: {921213CC-7740-4C85-9A74-2511B979786B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-13] (Microsoft Corporation)
Task: {9ECA269F-1829-4576-83CB-AA7C49CF8B3D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-13] (Microsoft Corporation)
Task: {B692A67D-0FE6-4709-9D83-895840293200} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.6.319\mcdatrep.exe [2018-12-25] (McAfee, LLC.)
Task: {B994D5C4-DC45-49B7-B77F-139A719E6AB1} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-11-13] (McAfee, Inc.)
Task: {C2C9F2B8-7173-406D-AE26-F8D9D83714D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {CAA22E0A-2F35-43EB-B9A5-5B5ACF0E1085} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {D02396CC-E18A-4FEC-BDFE-E186E0075281} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-25] (Google Inc.)
Task: {E75E60B2-7934-4CB3-89BE-35B8D985D76F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {F4167E47-7887-4A08-933C-0616680D36C5} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2018-12-06] (wisecleaner.com)
Task: {F6848A77-5138-4038-BEEC-F1E410A8B26F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2016-02-15 13:10 - 2015-07-16 20:28 - 000019432 _____ () C:\Windows\System32\ServiceRegisterProduct.exe
2018-06-29 18:34 - 2018-06-29 18:34 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
2018-11-19 19:57 - 2018-11-19 19:57 - 000142440 ____N () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igdinfo64.dll
2019-01-09 08:19 - 2019-01-09 08:19 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-09 08:19 - 2019-01-09 08:19 - 000667016 _____ () c:\program files\avast software\avast\streamback.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000491744 ____N () C:\Windows\System32\InputHost.dll
2018-04-11 21:34 - 2018-04-11 21:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2018-12-25 17:26 - 2018-11-09 00:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 08:31 - 2019-01-01 04:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-07 06:48 - 2016-01-07 06:48 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2017-03-18 19:03 - 2019-01-04 08:23 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\Control Panel\Desktop\\Wallpaper -> C:\Users\jardi\Downloads\punisher-skull-0223.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

Se uma entrada for incluída na fixlist, será removida.

HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{A5E64A8E-0DA7-46A1-9A1B-AD1C7408EB81}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
FirewallRules: [{BCF8ED45-C003-4586-8B4D-A003A86AA2C0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{3D487E00-CAC2-4BC7-9520-C07A079EC005}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{74D3C420-43C3-4319-B4C6-4B96A9F7B933}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A25C0676-0282-4177-9BF9-2CF5F3C88033}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc.)
FirewallRules: [{5DB74544-55C4-46F1-AE47-F8C5FB78633A}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc.)
FirewallRules: [{CEB39661-BEF9-4680-A772-0586E6972575}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{765C0262-ADC1-4B1B-B63B-7C0F7DBB4CBC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Pontos de Restauração =========================

09-01-2019 08:24:01 Windows Update
09-01-2019 08:25:14 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/13/2019 09:29:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/11/2019 11:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_WpnUserService, versão: 10.0.17134.1, carimbo de data/hora: 0xa38b9ab2
Nome do módulo com falha: NotificationController.dll, versão: 10.0.17134.165, carimbo de data/hora: 0xe0385185
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000007c686
ID do processo com falha: 0x2ee8
Hora de início do aplicativo com falha: 0x01d4aa148d94b83a
Caminho do aplicativo com falha: C:\WINDOWS\system32\svchost.exe
Caminho do módulo com falha: C:\Windows\System32\NotificationController.dll
ID do Relatório: 53128c15-eec4-4fe6-a636-b545fdd64c0f
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/11/2019 11:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_WpnUserService, versão: 10.0.17134.1, carimbo de data/hora: 0xa38b9ab2
Nome do módulo com falha: NotificationController.dll, versão: 10.0.17134.165, carimbo de data/hora: 0xe0385185
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000007c686
ID do processo com falha: 0x2b70
Hora de início do aplicativo com falha: 0x01d4aa118de6397a
Caminho do aplicativo com falha: C:\WINDOWS\system32\svchost.exe
Caminho do módulo com falha: C:\Windows\System32\NotificationController.dll
ID do Relatório: 2768bc7f-1fa6-4928-98c1-6bbc52eb219b
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/11/2019 10:04:46 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/11/2019 03:07:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/11/2019 02:59:52 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada

Error: (01/11/2019 02:59:51 AM) (Source: COM) (EventID: 10031) (User: )
Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada

Error: (01/10/2019 06:06:59 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (7012,G,0) Uma tentativa de abrir o arquivo "C:\Users\jardi\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8).


Erros de Sistema:
=============
Error: (01/13/2019 10:25:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KQ0RVII)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário DESKTOP-KQ0RVII\jardi SID (S-1-5-21-2749049465-2368541470-1807606075-1009) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 10:07:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KQ0RVII)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário DESKTOP-KQ0RVII\jardi SID (S-1-5-21-2749049465-2368541470-1807606075-1009) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:41:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KQ0RVII)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário DESKTOP-KQ0RVII\jardi SID (S-1-5-21-2749049465-2368541470-1807606075-1009) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:33:05 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:32:06 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KQ0RVII)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário DESKTOP-KQ0RVII\jardi SID (S-1-5-21-2749049465-2368541470-1807606075-1009) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:28:35 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 e APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:27:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KQ0RVII)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 e APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 ao usuário DESKTOP-KQ0RVII\jardi SID (S-1-5-21-2749049465-2368541470-1807606075-1009) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/13/2019 09:25:32 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================

Date: 2019-01-01 00:58:02.277
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-01-01 00:58:01.985
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2018-12-27 17:58:52.350
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-27 17:58:52.342
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-27 17:58:52.333
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-27 17:58:52.324
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-27 17:58:52.288
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-27 17:58:52.255
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemms.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Informações da Memória =========================== 

Processador: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentagem de memória em uso: 59%
RAM física total: 3982.24 MB
RAM física disponível: 1611.24 MB
Virtual Total: 7982.24 MB
Virtual disponível: 5624.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.58 GB) (Free:881.28 GB) NTFS

\\?\Volume{8c9257e6-952d-43fa-a828-1b994284418c}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{b185238a-2250-46f0-bbb4-d7eb64597e19}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6B57E22C)

Partition: GPT.

==================== Fim de Addition.txt ============================

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Siga os passos abaixo:

ETAPA 1

Baixe o Malwarebytes Anti-Malware (MBAM) do link abaixo e salve no seu desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Clique duas vezes no mbam-setup.exe e siga o solicitado para instalar o programa.

  • Na aba Análise > Analise Personalizada marque a opção Procurar rootkits e as entradas referente a instalação do sistema operacional. Normalmente é o drive C:;
  • Clique em Analisar Agora. Aguarde, pois o scan pode demorar;
  • Ao acabar o scan, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas ou Colocar em Quarentena;
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo);
  • Caso o mbam não seja executado automaticamente após a reinicialização, execute manualmente;
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Relatórios na janela principal do programa;
  • Clique duas vezes no log (Registro de verificação). Clique no botão Exportar e utilize o formato .txt para exportar o log. Salve na Área de Trabalho.


ATENÇÃO: Abra o arquivo, selecione tudo, copie e cole o conteúdo deste log em sua próxima resposta.

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

ETAPA 2

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em VRIfczU.png

Clique em VERIFICAR. Após o termino clique em LIMPAR e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.
 

ETAPA 3


Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.


Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.nicolascoolman.com/download/zhpcleaner/


Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 14/01/2019
Hora da análise: 16:30
Arquivo de registro: 7e0f023e-182a-11e9-a012-80ee73d4135c.json

-Informação do software-
Versão: 3.6.1.2711
Versão de componentes: 1.0.508
Versão do pacote de definições: 1.0.8776
Licença: Gratuita

-Informação do sistema-
Sistema operacional: Windows 10 (Build 17134.523)
CPU: x64
Sistema de arquivos: NTFS
Usuário: DESKTOP-KQ0RVII\jardi

-Resumo da análise-
Tipo de análise: Análise Customizada
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 336630
Ameaças detectadas: 17
Ameaças em quarentena: 17
Tempo decorrido: 2 hr, 30 min, 52 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 15
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, Quarentena, [529], [621110],1.0.8776

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 2
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, Quarentena, [529], [621110],1.0.8776
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES (X86)\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, Quarentena, [529], [621110],1.0.8776

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)

 

 

 

 

 

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-14-2019
# Duration: 00:00:06
# OS:       Windows 10 Home Single Language
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1266 octets] - [14/01/2019 19:16:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

 

 

 

 

 

~ ZHPCleaner v2019.1.11.7 by Nicolas Coolman (2019/01/11)

~ Run by jardi (Administrator) (14/01/2019 19:37:09)

~ Web: https://www.nicolascoolman.com

~ Blog: https://nicolascoolman.eu/

~ Facebook : https://www.facebook.com/nicolascoolman1

~ State version : Version OK

~ Certificate ZHPCleaner: Legal

~ Type : Repair

~ Report : C:\Users\jardi\Desktop\ZHPCleaner.txt

~ Quarantine : C:\Users\jardi\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt

~ UAC : Activate

~ Boot Mode : Normal (Normal boot)

Windows 10 Home Single Language, 64-bit (Build 17134)

 

---\ Alternate Data Stream (ADS). (0)

~ No malicious or unnecessary items found. (ADS)

 

---\ Services (0)

~ No malicious or unnecessary items found. (Service)

 

---\ Browser internet (0)

~ No malicious or unnecessary items found. (Browser)

 

---\ Hosts file (1)

~ The hosts file is legitimate (21)

 

---\ Scheduled automatic tasks. (0)

~ No malicious or unnecessary items found. (Task)

 

---\ Explorer ( File, Folder) (10)

MOVED file: C:\Windows\Installer\wix{7D84E343-A23D-451C-B123-0195B2D903A6}.SchedServiceConfig.rmi =>.SUP.Empty

MOVED file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi =>.SUP.Empty

MOVED folder: C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome

MOVED folder: C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome

MOVED folder: C:\Users\jardi\AppData\Local\OneDrive =>PUP.Optional.Y2Go MOVED folder: C:\WINDOWS\Installer\MSI1ABE.tmp- =>.SUP.Empty

MOVED folder: C:\WINDOWS\Installer\MSI1BAA.tmp- =>.SUP.Empty

MOVED folder: C:\WINDOWS\Installer\MSI41A3.tmp- =>.SUP.Empty

MOVED folder: C:\WINDOWS\Installer\MSI45CC.tmp- =>.SUP.Empty

MOVED folder: C:\WINDOWS\Installer\MSICAC.tmp- =>.SUP.Empty

 

---\ Registry ( Key, Value, Data) (0)

~ No malicious or unnecessary items found. (Register)

 

---\ Summary of the elements found (3)

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty

https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome

https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/ =>PUP.Optional.Y2Go

 

---\ Other deletions. (5)

~ Registry Keys Tracing deleted (5)

~ Remove the old reports ZHPCleaner. (0)

 

---\ Result of repair

~ Repair carried out successfully

~ Browser not found (Mozilla Firefox)

~ Browser not found (Opera Software)

 

---\ Statistics ~ Items scanned : 422

~ Items found : 0

~ Items cancelled : 0

~ Items options : 12/12

~ Space saving (bytes) : 1806

~ End of clean in 00h00mn08s

 

---\ Reports (2)

ZHPCleaner--14012019-19_35_02.txt

ZHPCleaner-[R]-14012019-19_37_17.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Faça o download do RogueKiller by Tigzy, e salve na sua área de trabalho (Desktop).
roguekiller.exe (x64) << link

  • Feche todos os programas
  • Execute o RogueKiller.exe.
    ** Usuários do Windows Vista, Windows 7, 8, 8.1 e Windows 10:
    Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em VRIfczU.png.
  • Clique em SCAN
  • Clique no primeiro START "Standard Scan (recommended)" e aguarde o scan...
  • Clique no botão RESULTS
  • Clique na opção REPORT e em EXPORT e selecione a opção Text file...
  • Salve o arquivo na area de trabalho com o nome roguekiller_report


Atente para abrir o arquivo, copiar e colar todo o conteúdo na sua próxima resposta

Compartilhar este post


Link para o post
Compartilhar em outros sites

RogueKiller Anti-Malware V13.0.22.0 (x64) [Jan 14 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17134) 64 bits
Started in : Normal mode
User : jardi [Administrator]
Started from : C:\Users\jardi\Desktop\RogueKiller_portable64.exe
Mode : Standard Scan, Scan -- Date : 2019/01/15 11:05:02 (Duration : 00:16:59)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

  1. Clique no menu Iniciar, e após isso clique com o botão direito do mouse sob Este computador e selecione a opção Propriedades. .

  2. Em Propriedades, selecione a opção Configurações avançadas do sistema.

  3. Vá na aba Proteção do Sistema, e em Restauração do Sistema, vá na opção Criar.

    fce2f587-5556-456b-93d4-00966ae7f59d

  4. Depois basta seguir as instruções em tela, para criar seu ponto de restauração.

    OBS: Lembre-se de colocar um nome de fácil entendimento para uma posterior restauração a partir deste ponto.

Pressione as teclas Windows tecla-windows.gif + R e digite: msconfig
 
- Clique na guia Serviços, marque a opção Ocultar todos os serviços Microsoft e depois clique em Desativar tudo
- Clique na guia Inicialização de Programas e clique em Abrir Gerenciador de Tarefas
- Clique com o botão direito em cada entrada da inicialização e clique em Desabilitar/Desativar.

Volte para a tela de Configurações do Sistema e clique em Aplicar e depois em OK.
 
Siga as mensagens ate que seja solicitado a reiniciar.

Após isso me informe se os problemas em relação a malwares ainda persistem.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

fiz tudo o que foi pedido.

Aparentemente não há mais problemas com malwares.

Muito obrigado pela atenção e por toda ajuda!!!!

 

Só um pequeno adendo: o McAffe continua inicializando com o Windows. E não há jeito de eu conseguir desinstalá-lo (não aparece nem no Revo Unistaller). Normalmente eu uso somente o Avast. Tirando qualquer outro. Mas dessa vez não consigo me livrar do McAffe. Como eu faço para retirar ele do computador? Ou recomenda deixar os dois (isso não influencia na velocidade da máquina?)?

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Faça download do arquivo fixlist em anexo e salve este arquivo na na sua área de trabalho.
 

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Usuários do Windows Vista, Windows 7, 8/8.1 e windows 10:
Clique com o direito sobre o arquivo FRST.EXE, depois clique em VRIfczU.png.

Clique no botão 0h0YlDEzRbKP9R7xLrUlzA.png

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 16.01.2019 01
Executado por jardi (18-01-2019 16:16:33) Run:1
Executando a partir de C:\Users\jardi\Desktop
Perfis Carregados: jardi (Perfis Disponíveis: jardi)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
reg: reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
reg: reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig /s"
reg: reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_9\mcapexe.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\mhn\AlertHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
C:\Program Files\Common Files\McAfee\
C:\Program Files\mcafee\
C:\Windows\System32\mfevtps.exe
ShellServiceObjects: Sem Nome -> {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} => 
ShellServiceObjects-x32: Sem Nome -> {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} =>
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2018-11-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2018-11-27] (McAfee, Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-12-27] [Legacy] [não assinado]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2018-11-27] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2018-11-27] ()
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-12-25]
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_9\McApExe.exe [744312 2018-11-13] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366960 2018-08-27] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [590712 2018-08-27] (McAfee, LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [499576 2018-08-27] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1705968 2018-11-15] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc.)
C:\Program Files\Common Files\McAfee\VSCore_18_9\McApExe.exe
C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77120 2018-10-04] (McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [235784 2018-10-03] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [508736 2018-10-04] (McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [371520 2018-10-04] (McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85632 2018-10-04] (McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [515392 2018-10-04] (McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [975168 2018-10-04] (McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [560944 2018-10-02] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108840 2018-10-02] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117568 2018-10-04] (McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [253760 2018-10-04] (McAfee, LLC)
C:\WINDOWS\System32\drivers\cfwids.sys
C:\WINDOWS\System32\drivers\ssudbus.sys
C:\WINDOWS\System32\drivers\Dot4.sys
C:\WINDOWS\System32\drivers\HipShieldK.sys
C:\WINDOWS\system32\DRIVERS\ibtusb.sys
C:\WINDOWS\System32\drivers\mfeaack.sys
C:\WINDOWS\System32\drivers\mfeavfk.sys
C:\WINDOWS\System32\drivers\mfeelamk.sys
C:\WINDOWS\System32\drivers\mfefirek.sys
C:\WINDOWS\System32\drivers\mfehidk.sys
C:\WINDOWS\System32\DRIVERS\mfencbdc.sys
C:\WINDOWS\System32\DRIVERS\mfencrk.sys
C:\WINDOWS\System32\drivers\mfeplk.sys
C:\WINDOWS\System32\drivers\mfewfpk.sys
C:\WINDOWS\System32\Tasks\McAfee DAT Built in test
C:\WINDOWS\System32\Tasks\McAfeeLogon
C:\WINDOWS\System32\Tasks\McAfee
C:\Users\Todos os Usuários\McAfee
C:\Program Files\mcafee
C:\Program Files\Common Files\McAfee
C:\Program Files (x86)\McAfee
C:\Program Files\mcafee.com
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" foi desbloqueado. <==== ATENÇÃO
Task: {0DB4070A-CA4B-49ED-9BF4-24B1FCFF36C0} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {3FA62E50-FBFD-4D6C-ACF6-B902414E6675} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {8D5D88F0-645C-448B-B76F-02127DAC0F96} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-10-30] (McAfee, Inc.)
Task: {B692A67D-0FE6-4709-9D83-895840293200} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.6.319\mcdatrep.exe [2018-12-25] (McAfee, LLC.)
Task: {B994D5C4-DC45-49B7-B77F-139A719E6AB1} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-11-13] (McAfee, Inc.)
C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
FirewallRules: [{A5E64A8E-0DA7-46A1-9A1B-AD1C7408EB81}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
FirewallRules: [{A25C0676-0282-4177-9BF9-2CF5F3C88033}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc.)
FirewallRules: [{5DB74544-55C4-46F1-AE47-F8C5FB78633A}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc.)
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.

========= reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" =========


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    CCleaner Smart Cleaning    REG_SZ    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

========= Fim de Reg: =========


========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" =========


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_SZ    %PROGRAMFILES%\WINDOWS DEFENDER\MSASCUIL.EXE
    RTHDVCPL    REG_SZ    "C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE" -S
    AvastUI.exe    REG_SZ    "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
    SynTPEnh    REG_EXPAND_SZ    %PROGRAMFILES%\SYNAPTICS\SYNTP\SYNTPENH.EXE

========= Fim de Reg: =========


========= reg query "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig /s" =========

ERRO: O sistema nÆo p“de localizar a chave do Registro ou valor especificado.


========= Fim de Reg: =========


========= reg query "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s =========

========= Fim de Reg: =========

C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe => Não foi possível fechar o processo
"C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe => Não foi possível fechar o processo
C:\Windows\System32\mfevtps.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe => Não foi possível fechar o processo
C:\Windows\System32\mfevtps.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe => Não foi possível fechar o processo
C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\VSCore_18_9\mcapexe.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe => Não foi encontrado em execução o processo
C:\Program Files\Common Files\McAfee\platform\McUICnt.exe => Não foi possível fechar o processo
C:\Program Files\Common Files\McAfee\mhn\AlertHost.exe => Não foi encontrado em execução o processo
C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe => Não foi possível fechar o processo

"C:\Program Files\Common Files\McAfee" pasta mover:

Não pode ser movido "C:\Program Files\Common Files\McAfee" => Agendado para ser movido na reinicialização.


"C:\Program Files\mcafee" pasta mover:

Não pode ser movido "C:\Program Files\mcafee" => Agendado para ser movido na reinicialização.

Não pode ser movido "C:\Windows\System32\mfevtps.exe" => Agendado para ser movido na reinicialização.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} => não encontrado (a)
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70}" => removido (a) com sucesso.
HKLM\Software\WOW6432Node\Classes\CLSID\{59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} => não encontrado (a)
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => não encontrado (a)
HKLM\Software\Wow6432Node\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => removido (a) com sucesso.
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removido (a) com sucesso.

"C:\Program Files\McAfee\MSK" pasta mover:

Não pode ser movido "C:\Program Files\McAfee\MSK" => Agendado para ser movido na reinicialização.

HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removido (a) com sucesso.
Não pode ser movido "c:\program files\mcafee\msc\npmcsnffpl64.dll" => Agendado para ser movido na reinicialização.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => removido (a) com sucesso.
Não pode ser movido "c:\program files (x86)\mcafee\msc\npmcsnffpl.dll" => Agendado para ser movido na reinicialização.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-12-25] => Erro: Nenhuma correção automática foi encontrada para esta entrada.
McAPExe => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\McAPExe => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\McAWFwk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mccspsvc => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfefire => Não pode ser removido, chave pode estar protegida
mfemms => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfemms => Não pode ser removido, chave pode estar protegida
mfevtp => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfevtp => Não pode ser removido, chave pode estar protegida
ModuleCoreService => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\ModuleCoreService => Não pode ser removido, chave pode estar protegida
PEFService => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\PEFService => Não pode ser removido, chave pode estar protegida
Não pode ser movido "C:\Program Files\Common Files\McAfee\VSCore_18_9\McApExe.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Windows\system32\mfevtps.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe" => Agendado para ser movido na reinicialização.
cfwids => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\cfwids => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\dg_ssudbus => removido (a) com sucesso.
dg_ssudbus => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\dot4 => removido (a) com sucesso.
dot4 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\HipShieldK => Não pode ser removido, chave pode estar protegida
ibtusb => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\ibtusb => removido (a) com sucesso.
ibtusb => serviço removido (a) com sucesso.
mfeaack => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfeaack => Não pode ser removido, chave pode estar protegida
mfeavfk => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfeavfk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfeelamk => Não pode ser removido, chave pode estar protegida
mfefirek => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfefirek => Não pode ser removido, chave pode estar protegida
mfehidk => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfehidk => Não pode ser removido, chave pode estar protegida
mfencbdc => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfencbdc => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfencrk => Não pode ser removido, chave pode estar protegida
mfeplk => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfeplk => Não pode ser removido, chave pode estar protegida
mfewfpk => Não foi possível finalizar o serviço.
HKLM\System\CurrentControlSet\Services\mfewfpk => Não pode ser removido, chave pode estar protegida
Não pode ser movido "C:\WINDOWS\System32\drivers\cfwids.sys" => Agendado para ser movido na reinicialização.
C:\WINDOWS\System32\drivers\ssudbus.sys => movido com sucesso
C:\WINDOWS\System32\drivers\Dot4.sys => movido com sucesso
Não pode ser movido "C:\WINDOWS\System32\drivers\HipShieldK.sys" => Agendado para ser movido na reinicialização.
C:\WINDOWS\system32\DRIVERS\ibtusb.sys => movido com sucesso
Não pode ser movido "C:\WINDOWS\System32\drivers\mfeaack.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfeavfk.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfeelamk.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfefirek.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfehidk.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\DRIVERS\mfencbdc.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\DRIVERS\mfencrk.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfeplk.sys" => Agendado para ser movido na reinicialização.
Não pode ser movido "C:\WINDOWS\System32\drivers\mfewfpk.sys" => Agendado para ser movido na reinicialização.
C:\WINDOWS\System32\Tasks\McAfee DAT Built in test => movido com sucesso
C:\WINDOWS\System32\Tasks\McAfeeLogon => movido com sucesso
C:\WINDOWS\System32\Tasks\McAfee => movido com sucesso

"C:\Users\Todos os Usuários\McAfee" pasta mover:

Não pode ser movido "C:\Users\Todos os Usuários\McAfee" => Agendado para ser movido na reinicialização.


"C:\Program Files\mcafee" pasta mover:

Não pode ser movido "C:\Program Files\mcafee" => Agendado para ser movido na reinicialização.


"C:\Program Files\Common Files\McAfee" pasta mover:

Não pode ser movido "C:\Program Files\Common Files\McAfee" => Agendado para ser movido na reinicialização.


"C:\Program Files (x86)\McAfee" pasta mover:

Não pode ser movido "C:\Program Files (x86)\McAfee" => Agendado para ser movido na reinicialização.


"C:\Program Files\mcafee.com" pasta mover:

Não pode ser movido "C:\Program Files\mcafee.com" => Agendado para ser movido na reinicialização.

"AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}" => removido (a) com sucesso.
"AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}" => removido (a) com sucesso.
"FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}" => removido (a) com sucesso.
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" foi desbloqueado. <==== ATENÇÃO" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DB4070A-CA4B-49ED-9BF4-24B1FCFF36C0}" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DB4070A-CA4B-49ED-9BF4-24B1FCFF36C0}" => não encontrado (a)
"C:\WINDOWS\System32\Tasks\McAfee\McAfee Idle Detection Task" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\TreeTask: {0DB4070A-CA4B-49ED-9BF4-24B1FCFF36C0} - System32\Tasks\McAfee\McAfee Idle Detection Task" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FA62E50-FBFD-4D6C-ACF6-B902414E6675}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FA62E50-FBFD-4D6C-ACF6-B902414E6675}" => removido (a) com sucesso.
"C:\WINDOWS\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D5D88F0-645C-448B-B76F-02127DAC0F96}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D5D88F0-645C-448B-B76F-02127DAC0F96}" => removido (a) com sucesso.
"C:\WINDOWS\System32\Tasks\McAfee\DAD.Execute.Updates" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.Execute.Updates" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B692A67D-0FE6-4709-9D83-895840293200}" => não encontrado (a)
"C:\WINDOWS\System32\Tasks\McAfee DAT Built in test" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee DAT Built in test" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B994D5C4-DC45-49B7-B77F-139A719E6AB1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B994D5C4-DC45-49B7-B77F-139A719E6AB1}" => removido (a) com sucesso.
"C:\WINDOWS\System32\Tasks\McAfeeLogon" => não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeLogon" => removido (a) com sucesso.
Não pode ser movido "C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll" => Agendado para ser movido na reinicialização.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5E64A8E-0DA7-46A1-9A1B-AD1C7408EB81}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A25C0676-0282-4177-9BF9-2CF5F3C88033}" => removido (a) com sucesso.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5DB74544-55C4-46F1-AE47-F8C5FB78633A}" => removido (a) com sucesso.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-2749049465-2368541470-1807606075-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.


========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37303715 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 552654 B
Edge => 16896 B
Chrome => 27926632 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 155793 B
systemprofile32 => 0 B
LocalService => 908 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
jardi => 23391676 B

RecycleBin => 0 B
EmptyTemp: => 92.7 MB de dados temporários Removidos.

================================

Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 18-01-2019 16:44:14)

C:\Program Files\Common Files\McAfee => Não pode ser movido
C:\Program Files\mcafee => Não pode ser movido
C:\Windows\System32\mfevtps.exe => Não pode ser movido
C:\Program Files\McAfee\MSK => Não pode ser movido
c:\program files\mcafee\msc\npmcsnffpl64.dll => Não pode ser movido
c:\program files (x86)\mcafee\msc\npmcsnffpl.dll => Não pode ser movido
C:\Program Files\Common Files\McAfee\VSCore_18_9\McApExe.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe => Não pode ser movido
C:\Windows\system32\mfevtps.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe => Não pode ser movido
C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe => Não pode ser movido
C:\WINDOWS\System32\drivers\cfwids.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\HipShieldK.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfeaack.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfeavfk.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfeelamk.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfefirek.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfehidk.sys => Não pode ser movido
C:\WINDOWS\System32\DRIVERS\mfencbdc.sys => Não pode ser movido
C:\WINDOWS\System32\DRIVERS\mfencrk.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfeplk.sys => Não pode ser movido
C:\WINDOWS\System32\drivers\mfewfpk.sys => Não pode ser movido
C:\Users\Todos os Usuários\McAfee => Não pode ser movido
C:\Program Files\mcafee => Não pode ser movido
C:\Program Files\Common Files\McAfee => Não pode ser movido
C:\Program Files (x86)\McAfee => Não pode ser movido
C:\Program Files\mcafee.com => Não pode ser movido
C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll => Não pode ser movido

Resultado dos registros marcados para excluir será exibido após a reinicialização:

HKLM\System\CurrentControlSet\Services\McAPExe => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\McAWFwk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mccspsvc => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfefire => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfemms => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfevtp => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\ModuleCoreService => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\PEFService => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\cfwids => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\HipShieldK => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfeaack => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfeavfk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfeelamk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfefirek => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfehidk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfencbdc => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfencrk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfeplk => Não pode ser removido, chave pode estar protegida
HKLM\System\CurrentControlSet\Services\mfewfpk => Não pode ser removido, chave pode estar protegida

==== Fim de Fixlog 16:45:30 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Muito estranho o FRST não conseguir remover.

 

Experimente fazer download da ferramenta propria da McAfee para remoção dos seus produtos.

http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp

 

Poste os resultados.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Acho que agora sim ele foi desinstalado.

Não aparece mais na Barra de Tarefas ou no Menu Iniciar.

E não consta nenhum processo dele no Gerenciador de Tarefas.

 

Mais uma vez muito obrigado por toda ajuda e atenção!!

E desculpe pelo incômodo.

Abraço.

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@André Desessards Jardim

 

Em relação a malwares, não temos mais problemas.

Ultimas instruções.

Baixe o Delfix by Xplode do link abaixo e salve na sua área de trabalho.
http://www.bleepingcomputer.com/download/delfix/dl/281/

Dê dois cliques no delfix.exe para executá-lo. Marque as caixas conforme imagem.

*** Usuários do Windows Vista, 7, 8/8.1 e Windows 10clique com o direito sobre o arquivo delfix.exe, depois clique emVRIfczU.png

ipb9zl.png

Clique no botão Executar.

Ao final será gerado um log, mas não é necessário postar.

MANTENHA O SO ATUALIZADO:
Mantenha como "automatica" as atualizações do windows. Novas brechas de segurança são descobertas com freqüência. Muitos malwares exploram essas brechas, infectando sistemas sem depender de nenhuma ação do usuário. A Microsoft corrige essas brechas através das atualizações. Por isso é fundamental manter o seu sistema atualizado.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Att.
Elias Pereira

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Crie uma nova conta em nossa comunidade. É fácil!

Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.

Entrar agora





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×