Fabricio Gomes

Possible malware infection


Recently I started having some strange problems on my PC. It began with memory usage going to 100% and a freeze that had never happened before; I had to restart the computer, which is when these problems started: letters disappearing, a buggy interface, Windows updates failing with some kind of error, etc.

After some changes I made, the computer now seems normal, but I still believe it may have some kind of malware infection.

zoek-results.txt


@Fabricio Gomes

Please note the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right;
  • What is provided here relates only to the problem on your computer; therefore, do not apply it to any other;
  • IMPORTANT: If you have Windows activation programs or torrent-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

Download Farbar Recovery Scan from the link below and save it to your desktop.

NOTE: Download the version that matches your architecture (32-bit or 64-bit)
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
** Users of Windows Vista, Windows 7, 8/8.1 and Windows 10:
Right-click the FRST64.EXE file, then click [image: VRIfczU.png].
Accept the agreement and then click the Scan button.

Wait, and when it finishes, the logs FRST.txt and Addition.txt will be saved to your desktop.

Open each file separately, copy its contents and paste them into your next reply.

The logs

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 09.01.2019 01
Executado por FBFE (administrador) em FBFE-PC (11-01-2019 13:59:13)
Executando a partir de C:\Users\FBFE\Downloads
Perfis Carregados: FBFE (Perfis Disponíveis: FBFE)
Platform: Windows 10 Home Versão 1809 17763.253 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AndyOS Inc.) C:\Program Files (x86)\AndyOS\Update\1.3.101.0\GoogleCrashHandler.exe
(AndyOS Inc.) C:\Program Files (x86)\AndyOS\Update\1.3.101.0\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Cooler Master) C:\Program Files (x86)\Cooler Master\MasterMouse S\MasterMouse S HID.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [MasterMouse S] => C:\Program Files (x86)\Cooler Master\MasterMouse S\MasterMouse S HID.exe [1942528 2016-11-29] (Cooler Master)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-01-05] (Electronic Arts)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [uTorrent] => C:\Users\FBFE\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-19] (BitTorrent Inc.)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35184016 2019-01-10] (Epic Games, Inc.)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [Discord] => C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-05-01] (Discord Inc.)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-04] (Valve Corporation)
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Policies\Explorer: [NoSecurityTab] 0
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] ()
HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
GroupPolicyScripts: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27af9f30-b787-4f78-90de-caa16770a126}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e404ac28-c189-4e45-ac6c-a1bdc9250e5e}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pandasecurity.mystart.com/?pr=vmn&id=pandasafeweb&v=2_0&utm_campaign=675&idate=2018-09-20&ent=hp_675&u=0E16CDBCEBD0C73357C7BE5BA442DBD9
SearchScopes: HKU\S-1-5-21-2514267135-3352645930-2829355199-1000 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasafeweb&v=2_0&idate=2018-09-20&ent=ch_675&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2514267135-3352645930-2829355199-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasafeweb&v=2_0&idate=2018-09-20&ent=ch_675&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-27] (Oracle Corporation)
BHO: Panda Safe Web -> {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2018-02-13] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-27] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-27] (Oracle Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-12-11] ()
BHO-x32: Panda Safe Web -> {b60873b9-51aa-4566-b2fc-c16de2ec8bff} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2018-02-13] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-27] (Oracle Corporation)
Toolbar: HKLM - Panda Safe Web - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2018-02-13] ()
Toolbar: HKLM-x32 - Panda Safe Web - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2018-02-13] ()
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2017-12-11] ()
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2017-12-01] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-27] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @updt.andyroid.net/AndyOS Update;version=3 -> C:\Program Files (x86)\AndyOS\Update\1.3.101.0\npGoogleUpdate3.dll [2018-05-10] (AndyOS Inc.)
FF Plugin-x32: @updt.andyroid.net/AndyOS Update;version=9 -> C:\Program Files (x86)\AndyOS\Update\1.3.101.0\npGoogleUpdate3.dll [2018-05-10] (AndyOS Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://google.com/
CHR Profile: C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Default [2018-12-15]
CHR Extension: (Tampermonkey) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-09-15]
CHR Profile: C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-11]
CHR Extension: (Apresentações) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-04]
CHR Extension: (Documentos) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-04]
CHR Extension: (Google Drive) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-04]
CHR Extension: (YouTube) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-04]
CHR Extension: (Planilhas) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-04]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-04]
CHR Extension: (Gmail) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-04]
CHR Profile: C:\Users\FBFE\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-15]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-12-01]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2017-12-01]

Opera: 
=======
OPR Session Restore: -> está habilitado.
StartMenuInternet: (HKLM) OperaStable - E:\Program Files\Opera\Launcher.exe

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
S4 Andyos; C:\Program Files (x86)\AndyOS\Update\GoogleUpdate.exe [157424 2018-05-10] (AndyOS Inc.)
S4 Andyosm; C:\Program Files (x86)\AndyOS\Update\GoogleUpdate.exe [157424 2018-05-10] (AndyOS Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2018-12-19] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-21] (EasyAntiCheat Ltd)
S4 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1658944 2017-12-12] (Foxit Software Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-01] (Hi-Rez Studios) [Arquivo não assinado]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
R2 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2019-01-05] (Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2019-01-05] (Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security, S.L.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2018-12-05] () [Arquivo não assinado]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-30] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-30] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34664 2018-04-25] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33120 2018-04-25] (Advanced Micro Devices, Inc)
R3 amdhub31; C:\WINDOWS\System32\drivers\amdhub31.sys [152416 2018-01-03] (Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-26] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70304 2017-11-16] (Advanced Micro Devices)
R3 amdxhc31; C:\WINDOWS\System32\drivers\amdxhc31.sys [460128 2018-01-03] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] ()
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2018-06-17] (Disc Soft Ltd)
S3 FairplayKD; C:\ProgramData\muita San Andreas All\Common\temp\FairplayKD.sys [92168 2018-12-23] (Multi Theft Auto)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [55960 2018-09-18] (REALiX(tm))
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e59b844303b9907e\nvlddmkm.sys [20395400 2018-11-16] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-16] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-16] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-16] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-30] (Microsoft Corporation)
S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Basil Projects)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
U3 aswbdisk; não ImagePath
U3 idsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-11 13:59 - 2019-01-11 14:00 - 000028565 _____ C:\Users\FBFE\Downloads\FRST.txt
2019-01-11 13:58 - 2019-01-11 13:59 - 000000000 ____D C:\FRST
2019-01-11 13:57 - 2019-01-11 13:57 - 002425856 _____ (Farbar) C:\Users\FBFE\Downloads\FRST64.exe
2019-01-10 11:31 - 2019-01-10 11:31 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\EasyAntiCheat
2019-01-10 11:15 - 2019-01-10 11:15 - 000717059 _____ C:\Users\FBFE\Downloads\Memorias Postumas de Bras Cubas - Machado de Assis (1).pdf
2019-01-10 10:09 - 2019-01-10 10:10 - 000574546 _____ C:\Users\FBFE\Downloads\CharlesFourierosFalanstrioseacrticaCivilizaoIndustrial.RIPS2016 (1).pdf
2019-01-10 10:09 - 2019-01-10 10:09 - 000574546 _____ C:\Users\FBFE\Downloads\CharlesFourierosFalanstrioseacrticaCivilizaoIndustrial.RIPS2016.pdf
2019-01-10 10:01 - 2019-01-10 10:01 - 000207571 _____ C:\Users\FBFE\Downloads\document.pdf
2019-01-10 09:38 - 2019-01-10 09:41 - 004434126 _____ C:\Users\FBFE\Downloads\Acao Humana -  Um Tratado de Ec - Ludwig von Mises.pdf
2019-01-10 09:04 - 2019-01-10 09:04 - 000597587 _____ C:\Users\FBFE\Downloads\Crítica da Faculdade do Juízo de Immanuel Kant.pdf
2019-01-09 16:54 - 2019-01-09 16:54 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 16:54 - 2019-01-09 16:54 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-09 16:53 - 2019-01-09 16:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 16:53 - 2019-01-09 16:53 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 16:53 - 2019-01-09 16:53 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 16:53 - 2019-01-09 16:53 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-09 16:53 - 2019-01-09 16:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 16:53 - 2019-01-09 16:53 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-09 16:53 - 2019-01-09 16:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-09 16:04 - 2019-01-09 16:04 - 002035943 _____ C:\Users\FBFE\Downloads\zoek.zip
2019-01-09 16:01 - 2019-01-09 16:01 - 000000000 ____D C:\zoek_backup
2019-01-09 01:44 - 2019-01-09 06:04 - 000000000 ____D C:\Users\FBFE\BrawlhallaReplays
2019-01-08 14:21 - 2019-01-08 14:23 - 013380830 _____ C:\Users\FBFE\Downloads\ps2_bios.zip
2019-01-08 14:18 - 2019-01-08 14:18 - 000002012 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2019-01-08 14:18 - 2019-01-08 14:18 - 000000000 ____D C:\Users\FBFE\Documents\PCSX2
2019-01-08 14:18 - 2019-01-08 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2019-01-08 14:17 - 2019-01-08 14:18 - 000000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2019-01-08 13:26 - 2019-01-08 13:26 - 089358336 _____ C:\Users\FBFE\Desktop\Soulcalibur III (USA).iso
2019-01-08 10:48 - 2019-01-08 10:48 - 002137342 _____ C:\Users\FBFE\Downloads\Black.7z.opdownload
2019-01-08 10:26 - 2019-01-08 13:03 - 1706652884 _____ C:\Users\FBFE\Downloads\Soulcalibur III (USA).7z
2019-01-08 10:14 - 2019-01-08 10:14 - 000011226 _____ C:\Users\FBFE\Downloads\boleto (1).pdf
2019-01-08 09:38 - 2019-01-08 09:38 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\BrawlhallaAir
2019-01-08 09:33 - 2019-01-08 09:33 - 000000222 _____ C:\Users\FBFE\Desktop\Brawlhalla.url
2019-01-08 06:18 - 2019-01-08 06:18 - 001193950 _____ C:\Users\FBFE\Downloads\A Teoria da Exploracao do Socia - Eugen Von Bohm-Bawerk (1).pdf
2019-01-08 04:28 - 2019-01-08 04:28 - 001276744 _____ C:\Users\FBFE\Downloads\Desestatizacao do Dinheiro - Friedrich August Hayek (1).pdf
2019-01-07 03:45 - 2019-01-07 03:45 - 000000000 ____D C:\Users\FBFE\AppData\LocalLow\Artix Entertainment, LLC
2019-01-07 03:36 - 2019-01-07 03:36 - 000000222 _____ C:\Users\FBFE\Desktop\AdventureQuest 3D.url
2019-01-04 05:44 - 2019-01-04 05:45 - 001017100 _____ C:\Users\FBFE\Downloads\Por que nao sou cristao - Bertrand Russel.pdf
2019-01-04 03:36 - 2019-01-04 03:36 - 000001428 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2019-01-04 03:36 - 2019-01-04 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-01-03 20:24 - 2019-01-03 20:25 - 004487925 _____ C:\Users\FBFE\Downloads\Discurso do método - René Descartes (1).pdf
2019-01-03 20:24 - 2019-01-03 20:24 - 033071093 _____ C:\Users\FBFE\Downloads\Meditações Metafisicas - René Descartes.pdf
2019-01-03 20:23 - 2019-01-03 20:24 - 004487925 _____ C:\Users\FBFE\Downloads\Discurso do método - René Descartes.pdf
2019-01-03 02:12 - 2019-01-03 02:12 - 000839274 _____ C:\Users\FBFE\Downloads\A Historia da Revolucao Russa - Leon Trotski.pdf
2019-01-03 02:02 - 2019-01-03 02:02 - 001117083 _____ C:\Users\FBFE\Downloads\Etica a Nicomaco - Aristoteles.pdf
2019-01-01 15:14 - 2019-01-01 15:14 - 025274525 _____ C:\Users\FBFE\Downloads\História da Arte Gombrich.pdf
2018-12-31 20:47 - 2018-12-31 20:47 - 002264292 _____ C:\Users\FBFE\Downloads\Coleção os pensadores - Platão.pdf
2018-12-31 20:43 - 2018-12-31 20:45 - 002961872 _____ C:\Users\FBFE\Downloads\Matrimonio do Ceu e do Inferno - William Blake.pdf
2018-12-29 19:31 - 2018-12-29 19:31 - 000000222 _____ C:\Users\FBFE\Desktop\Warframe.url
2018-12-25 14:39 - 2018-12-25 14:41 - 003182972 _____ C:\Users\FBFE\Downloads\Interpretacao De Textos e Seman - Pedro Henrique (1).pdf
2018-12-23 20:34 - 2018-12-23 20:34 - 000962038 _____ C:\Users\FBFE\Documents\Pré-matrícula - Educação - Prefeitura de São Gonçalo.pdf
2018-12-23 17:14 - 2018-12-23 17:14 - 000002193 _____ C:\Users\Public\Desktop\muita San Andreas 1.5.lnk
2018-12-23 17:14 - 2018-12-23 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muita San Andreas 1.5
2018-12-23 17:13 - 2019-01-08 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-23 17:13 - 2018-12-23 17:15 - 000000000 ____D C:\Program Files (x86)\muita San Andreas 1.5
2018-12-23 17:12 - 2018-12-23 17:15 - 000000000 ____D C:\Users\Todos os Usuários\muita San Andreas All
2018-12-23 17:12 - 2018-12-23 17:15 - 000000000 ____D C:\ProgramData\muita San Andreas All
2018-12-23 16:56 - 2018-12-23 16:58 - 067086392 _____ (Multi Theft Auto) C:\Users\FBFE\Downloads\mtasa-1.5.6.exe
2018-12-23 01:58 - 2018-12-23 02:07 - 000000000 ____D C:\Users\FBFE\Documents\GTA San Andreas User Files
2018-12-23 01:58 - 2018-12-23 01:58 - 000001294 _____ C:\Users\FBFE\Desktop\GTA San Andreas.lnk
2018-12-23 01:58 - 2018-12-23 01:58 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2018-12-23 01:58 - 2018-12-23 01:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-12-23 01:53 - 2018-12-23 01:53 - 015534010 _____ C:\Users\FBFE\Downloads\sa-mp-0.3.7-R3-1-install.exe
2018-12-23 01:42 - 2018-12-23 01:51 - 689588989 ____R C:\Users\FBFE\Documents\GTA San Andreas FULL_[RiP].rar
2018-12-22 07:27 - 2018-12-22 07:27 - 000451974 _____ C:\Users\FBFE\Downloads\Poemas Completos de Ricardo Reis - Fernando Pessoa.pdf
2018-12-22 07:17 - 2018-12-22 07:17 - 000192949 _____ C:\Users\FBFE\Downloads\FALENAS Machado de Assis.pdf
2018-12-21 21:23 - 2018-12-21 21:23 - 000000000 ____D C:\Users\Todos os Usuários\Hotspot Shield
2018-12-21 21:23 - 2018-12-21 21:23 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-12-20 21:05 - 2018-12-20 21:05 - 000009590 _____ C:\Users\FBFE\Downloads\11994329700_Emissão_de_Carteira_de_Trabalho_Brasileiro_20122018.pdf
2018-12-20 15:07 - 2018-12-20 15:07 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 15:07 - 2018-12-20 15:07 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-15 09:25 - 2018-12-15 09:25 - 010105016 _____ (AVAST Software) C:\Users\FBFE\Downloads\avastclear.exe
2018-12-15 09:17 - 2018-12-18 20:19 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-15 09:15 - 2018-12-18 20:19 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software
2018-12-15 09:15 - 2018-12-18 20:19 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-15 09:15 - 2018-12-15 09:15 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-15 09:13 - 2018-12-15 09:14 - 019299120 _____ (Piriform Software Ltd) C:\Users\FBFE\Downloads\ccsetup551.exe
2018-12-15 08:42 - 2018-12-15 08:42 - 000742216 _____ (Spotify Ltd) C:\Users\FBFE\Downloads\SpotifySetup.exe
2018-12-14 08:07 - 2018-12-14 08:07 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-12-14 08:07 - 2018-12-14 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-12-13 08:14 - 2018-12-13 08:14 - 000000011 _____ C:\Users\FBFE\Desktop\asdasds.txt
2018-12-12 13:57 - 2018-12-12 13:57 - 000615174 _____ C:\Users\FBFE\Downloads\Quarenta Ditos.pdf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-11 13:50 - 2018-09-15 05:33 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2019-01-11 13:50 - 2018-09-15 05:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-11 13:06 - 2018-12-05 23:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-11 12:51 - 2018-11-26 18:22 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-11 12:25 - 2018-03-03 20:35 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA
2019-01-11 12:25 - 2018-03-03 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-11 11:39 - 2018-07-19 21:53 - 000000000 ____D C:\Users\FBFE\AppData\Local\Warframe
2019-01-11 09:05 - 2018-09-20 23:01 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2019-01-11 01:41 - 2018-09-15 05:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-11 01:41 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-10 12:54 - 2018-04-14 13:12 - 000000000 ____D C:\Users\FBFE\AppData\Local\ElevatedDiagnostics
2019-01-10 11:31 - 2018-12-11 13:53 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-01-10 11:15 - 2018-12-07 06:47 - 000000000 ____D C:\Users\FBFE\Desktop\Livros
2019-01-09 17:19 - 2018-12-06 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-09 17:18 - 2018-09-15 14:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-09 17:18 - 2018-09-15 14:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-09 17:18 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 17:18 - 2018-09-15 04:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-09 17:18 - 2018-03-04 00:01 - 000000000 ____D C:\Users\Todos os Usuários\panda_url_filtering
2019-01-09 17:18 - 2018-03-04 00:01 - 000000000 ____D C:\ProgramData\panda_url_filtering
2019-01-09 17:02 - 2018-03-04 00:55 - 000000000 ____D C:\Users\FBFE\AppData\Local\CrashDumps
2019-01-09 16:55 - 2018-09-15 05:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 16:14 - 2018-12-05 21:55 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-09 16:10 - 2018-09-15 05:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-09 15:10 - 2018-12-06 00:04 - 000000000 ____D C:\Users\FBFE
2019-01-09 14:47 - 2018-09-15 05:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-09 14:47 - 2018-09-15 05:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 14:46 - 2018-03-15 09:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 14:41 - 2018-03-15 09:34 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 06:32 - 2018-12-06 00:27 - 000004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-01-09 06:32 - 2018-12-06 00:27 - 000004494 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-09 06:32 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-09 06:32 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 14:18 - 2018-05-19 17:16 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2019-01-08 09:33 - 2018-03-04 00:20 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-08 08:32 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-07 03:45 - 2018-09-29 22:43 - 000000000 ____D C:\Users\FBFE\AppData\LocalLow\Unity
2019-01-06 07:02 - 2018-03-03 22:59 - 000000000 ____D C:\Users\FBFE\AppData\Local\Packages
2019-01-05 20:40 - 2018-10-05 20:49 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\discord
2019-01-05 14:01 - 2018-05-01 06:39 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2019-01-05 14:01 - 2018-05-01 06:39 - 000000000 ____D C:\ProgramData\Origin
2019-01-05 13:59 - 2018-05-01 06:50 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\Origin
2019-01-05 13:58 - 2018-05-01 06:56 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-01-05 13:46 - 2018-05-19 16:58 - 000000000 ____D C:\Users\FBFE\AppData\Local\D3DSCache
2019-01-05 13:46 - 2018-03-03 20:13 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2019-01-05 13:46 - 2018-03-03 20:13 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-05 13:44 - 2018-05-01 06:50 - 000000000 ____D C:\Program Files (x86)\Origin
2019-01-04 22:01 - 2018-03-05 13:26 - 000000000 ____D C:\Users\Todos os Usuários\Foxit Software
2019-01-04 22:01 - 2018-03-05 13:26 - 000000000 ____D C:\ProgramData\Foxit Software
2019-01-04 03:35 - 2018-03-05 13:22 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2019-01-02 00:20 - 2018-12-08 20:03 - 000000000 ____D C:\Users\FBFE\.junique
2018-12-26 20:14 - 2018-12-08 20:02 - 000000726 _____ C:\Users\FBFE\Documents\Minion.lnk
2018-12-26 20:14 - 2018-12-08 20:02 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC
2018-12-26 20:14 - 2018-12-08 20:02 - 000000000 ____D C:\Users\FBFE\AppData\Local\Minion
2018-12-23 02:05 - 2018-09-15 05:41 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2018-12-23 02:05 - 2018-09-15 05:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2018-12-23 02:05 - 2018-09-15 05:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2018-12-23 02:05 - 2018-09-15 05:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2018-12-23 02:05 - 2018-09-15 05:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2018-12-23 02:05 - 2018-09-15 05:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2018-12-23 02:03 - 2018-05-15 22:28 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\uTorrent
2018-12-23 01:53 - 2018-05-19 15:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-12-21 01:55 - 2018-12-06 02:49 - 000004156 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1544071774
2018-12-21 01:55 - 2018-12-06 02:49 - 000001371 _____ C:\Users\FBFE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2018-12-20 14:23 - 2018-12-06 00:04 - 000002370 _____ C:\Users\FBFE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 14:23 - 2018-03-03 23:08 - 000000000 ___RD C:\Users\FBFE\OneDrive
2018-12-19 20:02 - 2018-12-06 00:27 - 000003644 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-FBFE-PC-FBFE
2018-12-19 16:34 - 2018-12-06 00:27 - 000003588 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 16:34 - 2018-12-06 00:27 - 000003464 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 08:34 - 2018-09-22 11:59 - 001041657 _____ C:\Users\FBFE\Downloads\A Estrutura das Revolucoes Cien - Thomas S. Kuhn.pdf
2018-12-18 20:20 - 2018-12-05 23:54 - 000587576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-18 02:10 - 2018-03-03 20:02 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-18 02:10 - 2018-03-03 20:02 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-15 09:27 - 2018-03-22 23:42 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\TeamViewer
2018-12-15 09:25 - 2018-06-17 22:19 - 000000000 ____D C:\Users\FBFE\AppData\Roaming\DAEMON Tools Lite
2018-12-15 09:21 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-15 09:17 - 2018-09-15 05:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-14 13:22 - 2018-12-05 18:25 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-14 08:07 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-14 06:13 - 2018-12-06 00:18 - 001893666 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-14 06:13 - 2018-09-15 14:42 - 000791196 _____ C:\WINDOWS\system32\prfh0416.dat
2018-12-14 06:13 - 2018-09-15 14:42 - 000166062 _____ C:\WINDOWS\system32\prfc0416.dat
2018-12-14 06:04 - 2018-09-15 05:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-14 06:04 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-14 06:04 - 2018-09-15 05:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-13 03:51 - 2018-09-15 04:09 - 000000000 ____D C:\WINDOWS\servicing

==================== Arquivos na raiz de alguns diretórios =======

2018-04-11 21:34 - 2018-04-11 21:34 - 000178688 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\IDvjAt.exe
2018-09-15 22:40 - 2018-09-15 22:40 - 000000002 _____ () C:\Users\FBFE\AppData\Local\imw.ini
2018-12-06 20:02 - 2018-12-06 20:02 - 000000000 _____ () C:\Users\FBFE\AppData\Local\oobelibMkey.log
2018-03-03 20:14 - 2018-08-30 22:06 - 000007602 _____ () C:\Users\FBFE\AppData\Local\Resmon.ResmonCfg

Alguns arquivos em TEMP:
====================
2019-01-04 03:35 - 2018-04-08 21:37 - 004021824 _____ (Foxit Corporation) C:\Users\FBFE\AppData\Local\Temp\FoxitUpdater.exe
2019-01-09 16:01 - 2009-11-10 20:09 - 000157184 _____ () C:\Users\FBFE\AppData\Local\Temp\virustotal.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

==================== Fim de FRST.txt ============================

 

 

The other log

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 09.01.2019 01
Executado por FBFE (11-01-2019 14:00:57)
Executando a partir de C:\Users\FBFE\Downloads
Windows 10 Home Versão 1809 17763.253 (X64) (2018-12-06 02:29:41)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2514267135-3352645930-2829355199-500 - Administrator - Disabled)
Convidado (S-1-5-21-2514267135-3352645930-2829355199-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2514267135-3352645930-2829355199-503 - Limited - Disabled)
FBFE (S-1-5-21-2514267135-3352645930-2829355199-1000 - Administrator - Enabled) => C:\Users\FBFE
WDAGUtilityAccount (S-1-5-21-2514267135-3352645930-2829355199-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\{5A1CE077-7111-4C7D-A5C5-E210D4B68AD8}) (Version: 1.3.0.0623 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Atualizações da NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nome de sua empresa:) Hidden
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.36.2 - Bethesda Softworks)
Cities Skylines Industries (HKLM-x32\...\Cities Skylines Industries_is1) (Version:  - )
Cooler Master Portal Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_COOLER_MASTER_PORTAL) (Version: 1.00 - Cooler Master)
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{6281459C-49C7-49C6-A9FE-50293675B4B2}) (Version: 16.0.707 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content BR (HKLM-x32\...\{F0FAEE69-7104-4C61-9E1D-B292E780C41E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM T (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{23465DF5-08D9-4150-9621-7A127B208936}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CrystalDiskInfo 7.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.1.0 - Crystal Dew World)
CrystalDiskMark 5.5.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.5.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Dead Frontier (HKLM-x32\...\{24EBCC93-0875-473D-A317-0E1D355900A8}_is1) (Version: 28 - Creaky Corpse Ltd)
Discord (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.01 - NVIDIA Corporation) Hidden
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{F47DCC6C-FB71-4BF6-9B2A-68A5B4B35E92}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Estudo de aprimoramento de produto para HP DeskJet 1110 series (HKLM\...\{B804967E-F921-4829-9595-9C2070412EE8}) (Version: 40.11.1124.17107 - HP Inc.)
Fallout (HKLM-x32\...\1_is1) (Version: 2.1.0.18 - GOG.com)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Foxit PhantomPDF (HKLM-x32\...\{A779291C-E02A-11E7-AA87-000C296BF29B}) (Version: 9.0.1.1049 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.0.16811 - Foxit Software Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google Inc.) Hidden
GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET (HKLM-x32\...\Grand Theft Auto San Andreas_is1) (Version:  - TemDono Design 2005)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP DeskJet 1110 series Ajuda (HKLM-x32\...\{A7DD371B-4BF1-49B2-9141-36828F2A8774}) (Version: 35.0.0 - Hewlett Packard)
HP DeskJet 1110 series Software básico do dispositivo (HKLM\...\{7CDE7B69-A460-4C3D-909F-79F58C6EA36B}) (Version: 40.11.1124.17107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{58D6D905-7706-4362-BA48-3002C4134AF8}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{EEB862D4-D8FD-4D1A-A747-2AC05CA9CC22}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HWiNFO64 Version 5.88 (HKLM\...\HWiNFO64_is1) (Version: 5.88 - Martin Malík - REALiX)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes versão 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MasterMouse S Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_COOLER_MASTER_MASTERMOUSE_S) (Version: 1.05 - Cooler Master)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Minion (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MTA:SA v1.5.6 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.6 - Multi Theft Auto)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA Driver de controle do 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Opera Stable 57.0.3098.106 (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\Opera 57.0.3098.106) (Version: 57.0.3098.106 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{d8d053c7-cbc4-41a4-94bf-296cec7e7f5a}) (Version: latest - ppy Pty Ltd)
Painel de controle da NVIDIA 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.01 - NVIDIA Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.13.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.00.0000 - Panda Security)
Panda Safe Web (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.30 - Panda Security and Visicom Media Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
RAGE Multiplayer (HKLM-x32\...\{6FE30B47-2577-43AD-9095-1861CA25889C}) (Version: 1.0.0.0 - Adam)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.104.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
Rise Of The Tomb Raider 20 Years Celebration (HKLM-x32\...\{EDD218D6-C5A2-4C88-88B0-7D0DA4B0B9F4}_is1) (Version:  - Square Enix)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.9.8 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.8 - General Workings, Inc.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop versão 1.2.17 (HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.17 - Telegram Messenger LLP)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft)
VEGAS Pro 15.0 (HKLM\...\{E0F91FB0-7FC4-11E7-B8E9-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zula (HKLM-x32\...\22DF2438-3A2E-4E99-BA0E-3272968F0290_is1) (Version: 1.14-170727.16720 - XCloudGame)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2514267135-3352645930-2829355199-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Inc.)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-15] (NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {027E8176-0535-431E-976D-0787CC9206C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-14] (Microsoft Corporation)
Task: {02DD7F3E-541C-422C-B5C0-26AB5BCFD64D} - não caminho do arquivo
Task: {033D03F6-CD2F-4BC2-B911-420739E14A4D} - não caminho do arquivo
Task: {1515B2F3-0958-4AA8-9912-E5B5E7000E38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-14] (Microsoft Corporation)
Task: {1FB06459-3648-443C-8855-DC25EBB769CD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {2E85A644-BAE8-45EC-9DE5-F3A4C9977F1D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {3291577C-A823-4235-8ACC-9AA2EA60A058} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {402661C3-C6CC-44C7-AEFD-811B0C2B31CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {4305694A-9DA4-4904-8D94-8EA56F59542C} - System32\Tasks\AndyOSUpdateTaskMachineCore => C:\Program Files (x86)\AndyOS\Update\GoogleUpdate.exe [2018-05-10] (AndyOS Inc.) <==== ATENÇÃO
Task: {507D89AF-7662-4FBE-BBEA-8DA399C4053A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-03] (Google Inc.)
Task: {56320843-3A0F-4AA5-B90C-305841F10DA4} - não caminho do arquivo
Task: {57937893-25D5-4E37-9877-D73D65D73991} - não caminho do arquivo
Task: {58DC65D1-148D-4924-BD23-10EE5F0F58EF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {5B0C9CA0-C403-4A42-BD0B-8B7BF4171DB0} - System32\Tasks\AdobeGCInvoker-1.0-FBFE-PC-FBFE => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {626FF412-9450-4DE5-A27F-6CB863E8EDA1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {63601B9B-3BCD-469A-A049-AED071869D66} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {6AEDE4A1-50D6-4F76-8172-7E6159E4535B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {6E831112-9624-41AE-A552-5FFCD76055DE} - System32\Tasks\Opera scheduled Autoupdate 1544071774 => C:\Users\FBFE\AppData\Local\Programs\Opera\launcher.exe [2018-12-19] (Opera Software)
Task: {7FAFFD68-EB01-4898-BBEC-78AAB84CC222} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {907234A6-47AB-4285-B8B3-9C649D23D4B9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {99893F8A-19F2-4A78-9C3D-705E4E456FA0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {9C46E4F7-6BA1-4653-964B-BE272C807ECB} - não caminho do arquivo
Task: {A5C30E61-87AB-47BE-B1A5-33A4C633C936} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {A8FEEDE4-253D-442A-9457-F76603141D2C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {A9252740-1CA2-4148-B220-DF5A1FC71B2B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {AFEE0725-2B49-4933-A832-0D5CA5773097} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {B9334FC3-530E-4AFF-AE8D-4B6B12C505A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-03] (Google Inc.)
Task: {CFCAD675-0CD3-489D-908C-3E28F54EC5E5} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {D1896020-A211-44C9-B4D9-95D394226083} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {D9736033-F71D-4035-9FE1-763631C1E519} - não caminho do arquivo
Task: {E1C32A00-B299-4AAC-9A2E-02928287DDEC} - System32\Tasks\HPCustParticipation HP DeskJet 1110 series => C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPCustPartic.exe [2017-04-18] (HP Inc.)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E906F782-432C-4310-A47E-5A7AD6F834D1} - System32\Tasks\S-1-5-21-2514267135-3352645930-2829355199-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {EB37C57C-AD76-4187-B5CB-ACDF01858C32} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {F3836248-CC78-4EB8-AEFC-C6F7A7FD9A03} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {F7D1E012-37A6-478C-923C-52307189F5E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {FE1BBBDE-1E39-4702-83F4-2ACE5205BDD9} - System32\Tasks\AndyOSUpdateTaskMachineUA => C:\Program Files (x86)\AndyOS\Update\GoogleUpdate.exe [2018-05-10] (AndyOS Inc.) <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


ShortcutWithArgument: C:\Users\FBFE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\FB - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Módulos Carregados (Whitelisted) ==============

2018-12-05 16:53 - 2018-11-16 09:51 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-09-15 05:28 - 2018-09-15 05:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-11-26 14:20 - 2018-11-15 21:24 - 000154608 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-09-15 05:28 - 2018-09-15 05:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-05 22:58 - 2018-12-05 22:58 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 05:28 - 2018-09-15 05:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 06:00 - 2018-10-04 06:01 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 10:53 - 2018-12-13 10:53 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 10:53 - 2018-12-13 10:56 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-11 01:40 - 2019-01-11 01:41 - 005172224 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-11 01:40 - 2019-01-11 01:41 - 002172928 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-11 01:40 - 2019-01-11 01:41 - 001795584 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2018-10-31 00:32 - 2018-10-31 00:33 - 001004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-11 01:40 - 2019-01-11 01:41 - 002907136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2015-03-06 22:07 - 2015-03-06 22:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2018-10-05 06:43 - 2018-10-05 06:43 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 22:07 - 2015-03-06 22:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2018-10-05 06:43 - 2018-10-05 06:43 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-12-05 16:53 - 2018-11-16 09:50 - 101251952 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-12-05 16:53 - 2018-11-16 09:50 - 004619632 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-12-05 16:53 - 2018-11-16 09:50 - 000108400 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2018-11-06 18:31 - 2018-11-06 18:32 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 18:31 - 2018-11-06 18:31 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 18:31 - 2018-11-06 18:31 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-18 04:56 - 2018-11-18 05:00 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-18 04:56 - 2018-11-18 05:00 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-18 04:56 - 2018-11-18 05:00 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-03-14 23:56 - 2018-03-14 23:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-18 04:56 - 2018-11-18 04:59 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-18 04:56 - 2018-11-18 05:00 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-20 17:46 - 2018-08-20 17:49 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-20 17:46 - 2018-08-20 17:49 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-30 09:40 - 2018-03-30 09:42 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-18 04:56 - 2018-11-18 05:00 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-18 04:56 - 2018-11-18 04:59 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-18 04:56 - 2018-11-18 04:57 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 21:36 - 2018-08-31 21:43 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 21:20 - 2018-07-27 21:24 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-18 02:10 - 2018-12-12 03:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-18 02:10 - 2018-12-12 03:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2015-12-15 15:17 - 2015-12-15 15:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2018-09-12 23:19 - 2016-02-23 14:48 - 000082944 _____ () C:\Program Files (x86)\Cooler Master\MasterMouse S\HidDevice.dll
2018-12-05 16:53 - 2018-11-16 09:51 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-05 20:41 - 2018-05-01 00:01 - 001891672 _____ () C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-10-05 20:41 - 2018-05-01 00:01 - 001937752 _____ () C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-10-05 20:41 - 2018-05-01 00:01 - 000095576 _____ () C:\Users\FBFE\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-10-05 20:49 - 2018-12-18 18:37 - 011328856 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-10-05 20:49 - 2018-11-16 13:49 - 001639256 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-10-05 20:49 - 2018-10-05 20:49 - 001910104 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-10-05 20:49 - 2018-10-05 20:49 - 000422744 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-10-05 20:49 - 2018-10-05 20:49 - 000145240 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-10-05 20:49 - 2018-10-05 20:49 - 000512856 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-10-05 20:49 - 2018-12-18 18:37 - 001658712 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-10-05 20:50 - 2018-10-10 08:45 - 009621848 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
2018-10-05 20:49 - 2018-10-05 20:49 - 002722648 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-10-05 20:49 - 2018-11-26 21:25 - 001718104 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-10-05 20:51 - 2018-12-13 05:49 - 001261400 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-10-05 20:51 - 2019-01-08 21:26 - 022034264 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-10-05 20:51 - 2018-10-05 20:51 - 002760536 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-10-05 20:51 - 2018-10-05 20:51 - 001249112 _____ () \\?\C:\Users\FBFE\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [816]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [816]
AlternateDataStreams: C:\Users\Todos os Usuários:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários:NT2 [816]
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT [40]
AlternateDataStreams: C:\ProgramData\Dados de aplicativos:NT2 [816]
AlternateDataStreams: C:\ProgramData\muita San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\muita San Andreas All:NT2 [816]
AlternateDataStreams: C:\Users\FBFE\Dados de Aplicativos:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\FBFE\Dados de Aplicativos:NT [40]
AlternateDataStreams: C:\Users\FBFE\Dados de Aplicativos:NT2 [816]
AlternateDataStreams: C:\Users\FBFE\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\FBFE\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\FBFE\AppData\Roaming:NT2 [816]
AlternateDataStreams: C:\Users\Public\AppData:CSM [454]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de aplicativos:NT2 [816]
AlternateDataStreams: C:\Users\Todos os Usuários\muita San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\muita San Andreas All:NT2 [816]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2018-03-04 13:10 - 000000931 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;"“;”";;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\FBFE\Desktop\48768_rust.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Nenhum Arquivo)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

Se uma entrada for incluída na fixlist, será removida.

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Andyos => 2
MSCONFIG\Services: Andyosm => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FoxitPhantomService => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MEmusvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Updater"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2514267135-3352645930-2829355199-1000\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [UDP Query User{52D2C849-8CA2-4950-BC94-D7937A4A01F3}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc.)
FirewallRules: [TCP Query User{91D0F3C6-EFD1-4946-B918-A724A99BF8C9}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc.)
FirewallRules: [{048A9B4A-E9D1-49A2-A591-20FA904D1CDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5F7AFE71-DD2C-4902-944B-477A64816ADE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{089BEC7C-324C-487B-A665-C0DC1A094C0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{3FB4C780-DEB6-4650-832D-C06471B7EB1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{259742DC-A366-47EA-B8DF-C3BFA2D27426}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{5297DDFD-5E9F-4ACF-9CC6-837C9266779C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{DFD4333D-E09F-4CA2-823D-3D47745B7A99}] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{4ECB76BC-1848-4252-9EF1-2CE8AF1EFD57}] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{E958606A-175C-4E65-9F9E-0974FD8A217E}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{84E769D6-0B3F-4DE8-BB22-4A13D6C9FD1B}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{C28CEF30-F5BF-4B7D-8ACF-B56039201FF5}] => (Block) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{CFA6348A-0CD4-4C04-A768-31C7C9D43EE8}] => (Block) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{3028027F-90C0-4391-94A1-42261A0040BE}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{C4880794-2582-4445-8940-73533C87473D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{97625242-F353-4E37-9759-E31C48583175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{291456D5-DF4A-4775-9F8B-2FD614AE576F}] => (Allow) LPort=433
FirewallRules: [{B49C2AA3-2413-44D3-84B9-46CBBD51AA8A}] => (Allow) LPort=80
FirewallRules: [UDP Query User{3DB1A4FF-3902-428F-A988-2416D7C78159}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc.)
FirewallRules: [TCP Query User{5EB048EC-4622-41B7-A305-68DE8DF7FB38}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc.)
FirewallRules: [{F48287EC-48CA-4195-8284-15836BB997E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\setup.exe (Zenimax Online Studios)
FirewallRules: [{BB4CD795-96AC-411B-9BE8-B9EBFF439C71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\setup.exe (Zenimax Online Studios)
FirewallRules: [{0055EE09-19DA-4C78-9469-A9E0AFAB8E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\setup.exe (Zenimax Online Studios)
FirewallRules: [{76098470-C4C1-47E8-9B82-C65027BCE196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\setup.exe (Zenimax Online Studios)
FirewallRules: [{E1E4061D-F7A6-402B-966B-7B4655766F31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe (Zenimax Online Studios)
FirewallRules: [{CE043F34-87D2-47A7-A7FE-DCB5142BF432}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe (Zenimax Online Studios)
FirewallRules: [UDP Query User{71DFC71F-49CE-478B-BD0B-8818E57A9490}C:\program files (x86)\gamers club\gclauncher.exe] => (Allow) C:\program files (x86)\gamers club\gclauncher.exe (EMACLAB)
FirewallRules: [TCP Query User{4119D249-EA85-4599-87F9-BFBCCEA9D2F5}C:\program files (x86)\gamers club\gclauncher.exe] => (Allow) C:\program files (x86)\gamers club\gclauncher.exe (EMACLAB)
FirewallRules: [UDP Query User{7061D307-DE1F-49AB-8828-5FEBF09B73B0}C:\program files (x86)\gamers club\gclauncher.exe] => (Allow) C:\program files (x86)\gamers club\gclauncher.exe (EMACLAB)
FirewallRules: [TCP Query User{148DD651-F958-4E9D-B35C-151343292767}C:\program files (x86)\gamers club\gclauncher.exe] => (Allow) C:\program files (x86)\gamers club\gclauncher.exe (EMACLAB)
FirewallRules: [UDP Query User{6FA667E7-8CCB-4F34-9024-4E8838638A7A}C:\users\fbfe\appdata\local\fivem\fivem.exe] => (Allow) C:\users\fbfe\appdata\local\fivem\fivem.exe (cfx-collective)
FirewallRules: [TCP Query User{BF1945FA-1D90-4913-88B2-369B965032EE}C:\users\fbfe\appdata\local\fivem\fivem.exe] => (Allow) C:\users\fbfe\appdata\local\fivem\fivem.exe (cfx-collective)
FirewallRules: [{BCE1817E-6122-4846-8C53-81578F2A5866}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation )
FirewallRules: [{1D2228BE-F65F-4A0A-AE63-B81E3550557F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation )
FirewallRules: [{8BC6FEE7-9D1E-43C9-80C5-A09D28833800}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{3D396700-D85D-4EC0-B8DB-0A40FAADE92E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{651C3E27-C7D5-48F4-983A-13238AE2FF56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{CF291A9A-62F6-4740-83C9-721531666BFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AB73BDB3-5814-4978-9F48-145F8EE1F0BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Frontier 2\DeadFrontier2.exe ()
FirewallRules: [{0FE85D21-C1AE-4C46-A763-46FA59A8AD38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Frontier 2\DeadFrontier2.exe ()
FirewallRules: [{CF68F3A7-B489-43E6-ADE6-6C210B7F451E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe ()
FirewallRules: [{325F410B-4EE9-44C1-8CE6-C1A8C01CC19C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe ()
FirewallRules: [{D72B9E5D-751F-4F9E-A79E-53932350FAFA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (Visicom Media Inc)
FirewallRules: [{9AADDF78-DFD1-40CA-A375-29C6AAEB0443}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (Visicom Media Inc)
FirewallRules: [{47DB3142-17BD-4740-9864-8C8B65D98753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe ()
FirewallRules: [{6A2C4306-122A-437E-A94E-4D72E29BB7A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe ()
FirewallRules: [{1AC5CAD1-7D82-46CA-8F57-9FED41BFB6A7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{D6DFE472-EAD2-4C66-B52D-2C9B381C22F8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{64DA212D-7B86-4D87-AD5F-A77076639B19}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{CB3B915F-6B23-41E3-8278-8688F2ACAC34}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{A0D68C87-AC77-41BE-8780-6540AFBDDCD2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{CCAD16B5-93DE-4828-9C5A-25ACDE5D232B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{1C44EC50-C836-4EE5-B5EE-31889AAFC580}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{723ACCB6-F042-42F6-9B6D-1D957726F201}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{E60D71D4-1318-4F5F-A5E5-29A000B5E458}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{4F053222-273A-4E8C-92CE-84FF455F38BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{C9C81913-06C1-4526-BD51-64EBB10D9230}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{865AD7AC-D1AF-4A93-BBB4-106E4C4C9570}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{A2BF87A9-3022-4934-8501-CE719CDDB019}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{B572910F-3882-4D12-9A3E-3E776BCD4741}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{E853C149-8127-413F-8038-FC6BE86567FF}] => (Allow) C:\WINDOWS\MnIz.exe (Microsoft Corporation)
FirewallRules: [{FFB00E8A-439D-491E-9DF8-138603864D74}] => (Allow) C:\WINDOWS\SysWOW64\IgalefyAA.exe (Microsoft Corporation)
FirewallRules: [{4BED6487-74DF-4844-952A-646A5E9AE50E}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Corporation)
FirewallRules: [{CF2FE6FD-0C3E-487B-A5E9-8ACF1856BB76}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{7E2EA072-256C-4C92-A4BF-1545F6764269}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{0F641952-1632-4FD2-8B8C-AE6D73590AF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{9CBB7DDF-B3DD-468C-8C32-8AA458B3CEFB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{8446201D-4570-41E4-954E-CB79FEA18BA4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{55E8305E-E7BA-4313-85AB-89C6E5AAC939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (ZeniMax Online Studios)
FirewallRules: [{6C50CE0B-359A-4F74-8183-DA574245F333}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (ZeniMax Online Studios)
FirewallRules: [{71D1A8EF-197E-4B94-AD15-0ED7EAD48C39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (ZeniMax Online Studios)
FirewallRules: [{4AE6BF79-BC34-440D-997E-3E2C370A7BFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\Launcher\Bethesda.net_Launcher.exe (ZeniMax Online Studios)
FirewallRules: [{9425B91A-9AD8-4EC9-89BB-DC9D8FC05369}] => (Allow) LPort=1688
FirewallRules: [{49064672-48AB-4FAA-98F9-013B60DF1121}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{5FC0EF13-2825-48B5-8F6E-E88C42C593E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{939EE595-4999-496E-BA8D-988B50B7B823}C:\users\fbfe\downloads\gclauncher (2).exe] => (Allow) C:\users\fbfe\downloads\gclauncher (2).exe (EMACLAB)
FirewallRules: [TCP Query User{ED3E88B5-059D-47BC-A9FA-5ED85CF8674E}C:\users\fbfe\downloads\gclauncher (2).exe] => (Allow) C:\users\fbfe\downloads\gclauncher (2).exe (EMACLAB)
FirewallRules: [{893A4139-1BDF-4D67-89A6-BA359F3C91D0}] => (Allow) C:\users\fbfe\downloads\gclauncher (1).exe (EMACLAB)
FirewallRules: [{F6A89D03-3491-4ABB-A2F0-0A6F67DBE9D8}] => (Allow) C:\users\fbfe\downloads\gclauncher (1).exe (EMACLAB)
FirewallRules: [UDP Query User{7367AD49-CB6D-450F-8C09-2D1399C6CCAC}C:\users\fbfe\downloads\gclauncher (1).exe] => (Allow) C:\users\fbfe\downloads\gclauncher (1).exe (EMACLAB)
FirewallRules: [TCP Query User{ED2FC731-07D8-49DE-9D82-5E520BE596CF}C:\users\fbfe\downloads\gclauncher (1).exe] => (Allow) C:\users\fbfe\downloads\gclauncher (1).exe (EMACLAB)
FirewallRules: [{D56269A1-221E-42DA-888C-BBE00315B7B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{D7B070FF-CE88-4208-9F4A-BA6CED583A1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{7AADF7C5-FD09-4597-A820-C48B01E56A0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{07039570-08B7-495A-8616-5DB511886F3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [UDP Query User{7770C8FC-F0F9-4784-BB0C-C9983F9ED4A0}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc)
FirewallRules: [TCP Query User{D84DA07D-AAA3-4AA9-B0DF-F9AD0E32C1B5}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc)
FirewallRules: [UDP Query User{75BE4113-034C-47A1-ADD1-12088578404A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [TCP Query User{9F059E08-954C-4BBF-BFD9-68D694B18BE4}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [UDP Query User{B84FC2B9-193F-4116-89EB-5DF8688D7EA8}C:\users\fbfe\downloads\gclauncher.exe] => (Allow) C:\users\fbfe\downloads\gclauncher.exe (EMACLAB)
FirewallRules: [TCP Query User{D44DE8AB-B20E-4861-B704-9DA34E3EE694}C:\users\fbfe\downloads\gclauncher.exe] => (Allow) C:\users\fbfe\downloads\gclauncher.exe (EMACLAB)
FirewallRules: [{AE6DD986-117C-4DDF-924E-949112CB88EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe ()
FirewallRules: [{3989BC08-8D6D-43CB-9469-D6B33BF91BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe ()
FirewallRules: [{2A46C63E-021B-4D41-95A8-2777F70F1830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (EasyAntiCheat Ltd)
FirewallRules: [{7E5015EC-21BF-4C9F-AC9E-135426EFF3E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{9BA646D3-3D4D-4B9B-85A6-758E113AEC91}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Block) C:\program files (x86)\namco bandai games\darksouls\data.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [TCP Query User{702B154B-A4F8-4487-8BF7-2C7C22933670}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Block) C:\program files (x86)\namco bandai games\darksouls\data.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [UDP Query User{76A32856-F2B8-49AD-B7CD-EDFE355A4EC2}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Block) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.)
FirewallRules: [TCP Query User{98CF9161-FED6-44C1-8F43-1B588E4BD3CB}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Block) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.)
FirewallRules: [UDP Query User{D3760E35-2FA2-400E-9CE4-C236F6DB43E2}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Block) C:\program files (x86)\namco bandai games\darksouls\data.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [TCP Query User{88EE35EE-CE8A-48D2-9DAE-B57DB206495A}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Block) C:\program files (x86)\namco bandai games\darksouls\data.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [{C4337E56-2566-4B6A-9A18-7CBC39CD0884}] => (Allow) C:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [UDP Query User{0FB0839F-8BA8-40B4-809D-FE17EB9D925C}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.)
FirewallRules: [TCP Query User{D906EEE1-B4CC-4CF6-BC07-DEEF56BC7B0C}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Allow) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe (Eidos Inc.)
FirewallRules: [{B54D41CA-82F5-476A-A202-931240A7B4D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.)
FirewallRules: [{359E48AA-B877-473A-923E-6729B1116D5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.)
FirewallRules: [{872F87A1-BC91-4340-83B6-F622FE0D4482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe ()
FirewallRules: [{9F6142FC-AADE-4E05-BFBB-69A41FA94819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe ()
FirewallRules: [{0397DD5B-1374-4413-9107-543F126F200D}] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe (Electronic Arts)
FirewallRules: [{2334AEEB-E875-4A04-884F-31E32AEE56F8}] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe (Electronic Arts)
FirewallRules: [{013C9DBF-F7A9-445D-8922-2936644F9CFF}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
FirewallRules: [{2A58ADDE-B1C2-498B-9EBE-3BDCAB9D87BF}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
FirewallRules: [{D3D178DF-A664-468E-A1A2-BFB7204152A0}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
FirewallRules: [{B00C014D-CA25-43EA-AE2A-AC24E3678024}] => (Allow) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
FirewallRules: [{0EC3F9C5-64E9-45F6-BB90-B8BAA2FD6BF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{373EEE30-541C-4C03-8F4D-658AAA165D76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{F8E3C222-9CAE-4645-9F2C-E180354E4DF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations)
FirewallRules: [{7868CAD1-273A-4020-B1E6-49041F101C67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations)
FirewallRules: [TCP Query User{8E8C1744-C943-4F19-B49B-702E0156E576}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{16A778FE-6295-4702-8BD2-9EE9CA33CAEB}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [{29699697-1AA9-46AA-A445-33C79FC4909E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment)
FirewallRules: [{8778F9EA-D2C4-4A28-ADD2-5B7D6C4F5B9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment)
FirewallRules: [{2FDF1AC2-477E-4DB0-B9B2-C4A58C6A6EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe ()
FirewallRules: [{4F6672A2-99F9-4E81-81E7-45D043AAABD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe ()
FirewallRules: [{9E668F3F-4A2B-4048-8C30-E74E6556E1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{3BD3CB41-7F96-4ACD-9284-9527D5FB3C2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [TCP Query User{672BE7EF-7923-4FDA-ADA3-0503A945A6A5}C:\users\fbfe\downloads\gclauncher.exe] => (Allow) C:\users\fbfe\downloads\gclauncher.exe (EMACLAB)
FirewallRules: [UDP Query User{696ACABA-F184-4743-99AB-F0007CDB4138}C:\users\fbfe\downloads\gclauncher.exe] => (Allow) C:\users\fbfe\downloads\gclauncher.exe (EMACLAB)
FirewallRules: [{A343E9CE-98C0-4A99-B1F0-64E6A2F8DF1E}] => (Allow) C:\Program Files\HP\HP DeskJet 1110 series\Bin\USBSetup.exe (HP Inc.)
FirewallRules: [{A1D4CF82-06DB-4861-AC7F-127650D1EA47}] => (Allow) C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [TCP Query User{0E5EA827-BFC8-4F61-9164-FB228BB67991}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{2D58E019-A62B-4C1B-BFCC-C7E7D3337E7D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{33118399-B927-49EC-BFA0-DAE0DD35B823}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{E0CC096E-7D4B-4E1B-AB65-1178E3E5E60F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{31F24700-B2A2-478F-8E1E-E8F0D4B46DAC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{70029E90-A92D-4E91-9F01-E58B052F4748}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [{65F39E83-C616-47EF-99A3-BA4630304EF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole\War.exe ()
FirewallRules: [{10B745C6-A2C7-43F2-BE3B-16933EF925A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foxhole\War.exe ()
FirewallRules: [TCP Query User{49A40B24-8757-4F18-B73C-F45515C904F3}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc)
FirewallRules: [UDP Query User{BC24369D-EDAD-4D35-9728-0808CBABE15E}C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe (Clapfoot Inc)
FirewallRules: [{FB6AA664-DF53-494A-B05E-6ADFF4771CCE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation)
FirewallRules: [{4C674B58-6BE4-4762-902E-0CDC036D14B9}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation)
FirewallRules: [{87551493-7943-423F-A447-EA80974C5F70}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts)
FirewallRules: [{EDAF692A-B63C-4C9B-B695-C6E8CA5B6E28}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts)
FirewallRules: [TCP Query User{3A45E32E-A0C3-4FC7-A043-56BAC5741FA0}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe (Electronic Arts)
FirewallRules: [UDP Query User{23165B94-0295-4614-B239-647C0D745D81}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe (Electronic Arts)
FirewallRules: [TCP Query User{E3B30310-DB36-44AA-8ACF-D8A7F547915F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{9FB1F331-A143-40FB-ABEA-5B3DD4126845}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{D0887E2A-5D1B-4789-A208-039E8E446B12}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{6014D26D-490B-4EED-B08D-060B8B69D529}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{58D2CF5A-5E6A-41CE-B8E5-061AF0EBCBBD}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{516F321C-2437-4A6E-8B39-4F629AC5D47C}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [{0751F1BE-D06B-4A1E-AD39-67F17738B2B9}] => (Allow) C:\Users\FBFE\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{1B52514F-E01C-43C6-BAED-5999F0AD432D}] => (Allow) C:\Users\FBFE\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{9B06265F-7EED-4DC7-9923-25B8DA04EF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe ()
FirewallRules: [{8F3D7367-8D1B-4E9C-88AF-270CFB60415F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe ()
FirewallRules: [{399ECF80-BA3C-43A8-9B42-99BAEE4B2406}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games)
FirewallRules: [{51FBA56D-6657-43F5-BCD1-4533984A1958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games)
FirewallRules: [TCP Query User{BC32703B-15C4-4A1B-9D7B-528363D75ABE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [UDP Query User{E7045AF0-50A2-4264-A814-3F802DAAD783}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [{6FF10D8E-C38E-415C-A16B-66C822CF0DDB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Nenhum Arquivo
FirewallRules: [{CE6B6447-A1ED-406D-A75C-8EDC8DFAF261}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Nenhum Arquivo
FirewallRules: [{BC387A17-50D8-4DA9-97FB-DA65987F6BB6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A327680E-E0B9-459C-83FB-69DED7163403}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{53182882-E5AC-480A-8CCF-2D35FF59E1F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7B58F003-F766-4E61-8F87-B97FE8AC01F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{D21303EB-A6B4-42B8-AF47-39A9A934A2AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{16021B6E-5F39-4F86-BD7F-08563AC8C5C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4C8F26D2-57E0-40ED-9BDB-E167FA19F8E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{5FA502B0-AF2C-4F81-81A2-CC27AA967A37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{320C1284-AEA7-4970-AA33-BDF7426FA22E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{AADEC5AC-608B-42D1-98D0-032E158819D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{F472537B-C4EC-469B-AF4E-9C4E5DF89F31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{A61FF345-EEC2-4841-BC2A-C03AFC45767B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{57BF8551-3081-4752-B8A2-74EBEBE18943}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{F65C1D13-D40C-4832-A653-D397527D9CB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)
FirewallRules: [{E3BA0F87-E1EE-4AA7-9D8A-5537B34A405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()
FirewallRules: [{820BC327-FC79-4742-BFB7-BB3153A0C551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{1BB7C2C3-0919-4C16-994D-1135317E3DE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{FC7C2847-E488-414E-9857-D3ECFA996A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe (Digital Extremes)
FirewallRules: [{CC5B3CE1-60CC-4290-AD80-6FE52409D0C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes)
FirewallRules: [{D74F080A-9961-4FE5-97F3-30EC99BEE28A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes)
FirewallRules: [{EEB03946-4E82-4DD0-97B3-3C343DE2DA5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ()
FirewallRules: [{AE1E2127-A2D3-4EC1-918A-9DF38406A516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdventureQuest3D\aq3d\AQ3D.exe ()
FirewallRules: [{70271793-2E45-46E9-9D7D-BBE349E104BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdventureQuest3D\aq3d\AQ3D.exe ()
FirewallRules: [{81CED594-49D4-4DF6-B8A3-57723546A240}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe ()
FirewallRules: [{709B5EF4-95CE-4A91-9B2D-9F48F78DB16A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe ()

==================== Pontos de Restauração =========================

01-01-2019 15:01:40 Ponto de Verificação Agendado
09-01-2019 14:39:32 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/10/2019 01:15:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa opera.exe versão 57.0.3098.106 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 1924

Hora de Início: 01d4a890bba08d5f

Hora de Término: 4

Caminho do Aplicativo: C:\Users\FBFE\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe

ID do Relatório: 31f23af0-0f7d-4304-85e6-235017444d64

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha: 

Tipo com falha: Unknown

Error: (01/09/2019 05:19:34 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.NullReferenceException: Referência de objeto não definida para uma instância de um objeto.
   em SetupAfterRebootService.SetupARService.OnStart(String[] args)
   em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/09/2019 05:02:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Z-Analyse.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17763.134, carimbo de data/hora: 0xc30ded87
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011ab32
ID do processo com falha: 0x3348
Hora de início do aplicativo com falha: 0x01d4a84dd69a58f1
Caminho do aplicativo com falha: C:\Users\FBFE\AppData\Local\Temp\Rar$EXa17460.3199\Z-Analyse.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: e79138cd-e615-428d-8ce8-9b3a6870e6c6
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/09/2019 04:56:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Z-Analyse.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17763.134, carimbo de data/hora: 0xc30ded87
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011ab32
ID do processo com falha: 0x31fc
Hora de início do aplicativo com falha: 0x01d4a84d0ac2b9f5
Caminho do aplicativo com falha: C:\Users\FBFE\AppData\Local\Temp\Rar$EXa8948.19051\Z-Analyse.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 82cc3f99-5646-4ee6-acb0-5709c749bd35
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/09/2019 04:41:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: A Central de Segurança não validou o chamador com o erro %1.

Error: (01/09/2019 04:41:56 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.NullReferenceException: Referência de objeto não definida para uma instância de um objeto.
   em SetupAfterRebootService.SetupARService.OnStart(String[] args)
   em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/09/2019 04:05:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Z-Analyse.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17763.134, carimbo de data/hora: 0xc30ded87
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011ab32
ID do processo com falha: 0x2444
Hora de início do aplicativo com falha: 0x01d4a845e7f434bc
Caminho do aplicativo com falha: C:\Users\FBFE\AppData\Local\Temp\Rar$EXa18468.12493\Z-Analyse.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: ab62be47-b458-40c9-962c-4d6e5beec77c
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/09/2019 04:02:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Z-Analyse.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17763.134, carimbo de data/hora: 0xc30ded87
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0011ab32
ID do processo com falha: 0x4a58
Hora de início do aplicativo com falha: 0x01d4a84588737c67
Caminho do aplicativo com falha: C:\Users\FBFE\AppData\Local\Temp\Rar$EXa14168.46543\Z-Analyse.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: dfc6563e-f4f1-44f8-a9a3-5b74511316bb
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:


Erros de Sistema:
=============
Error: (01/11/2019 01:12:20 PM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 01:06:27 PM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:31:33 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:26:07 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:24:14 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:23:34 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:18:08 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0 SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (01/11/2019 09:13:45 AM) (Source: DCOM) (EventID: 10016) (User: FBFE-PC)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 e APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 ao usuário FBFE-PC\FBFE SID (S-1-5-21-2514267135-3352645930-2829355199-1000) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================

Date: 2019-01-11 02:08:22.537
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-11 02:08:22.294
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-10 17:30:17.341
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-10 17:30:17.124
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-22 09:11:21.671
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-22 09:11:20.139
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-22 09:03:23.025
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-22 09:03:19.537
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória =========================== 

Processador: AMD Ryzen 5 1600 Six-Core Processor 
Percentagem de memória em uso: 45%
RAM física total: 8126.92 MB
RAM física disponível: 4390.43 MB
Virtual Total: 18238.92 MB
Virtual disponível: 12576 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.59 GB) (Free:183 GB) NTFS
Drive e: () (Fixed) (Total:463.97 GB) (Free:440.54 GB) NTFS

\\?\Volume{6c072dd6-1f2c-11e8-906c-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{8971f740-1f34-11e8-b7c3-806e6f6e6963}\ (D) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{aa2bcca6-0000-0000-0000-00ace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{8971f742-1f34-11e8-b7c3-806e6f6e6963}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AA2BCCA6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 82D15779)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=473 MB) - (Type=27)

==================== Fim de Addition.txt ============================


@Fabricio Gomes

 

Follow the steps below:

STEP 1

Download Malwarebytes Anti-Malware (MBAM) from the link below and save it to your desktop.
https://downloads.malwarebytes.org/file/mbam_current/
 
Double-click mbam-setup.exe and follow the prompts to install the program.

  • On the Scan tab > Custom Scan, check the Scan for rootkits option and the entries for the drive where the operating system is installed. This is normally drive C:;
  • Click Scan Now. Wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If MBAM does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan report). Click the Export button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select everything, copy it and paste the contents of this log in your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents in your next reply.
 

STEP 3


Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.


Download ZHPCleaner from the link below and save it to your Desktop.

https://www.nicolascoolman.com/download/zhpcleaner/


Run the ZHPCleaner.exe file as Administrator

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log in your next reply.


When I opened ZHPCleaner and finished the steps mentioned, the location of the file did not appear, so I clicked "report" in the program itself; here it is:

 

~ ZHPCleaner v2019.1.11.7 by Nicolas Coolman (2019/01/11)
~ Run by FBFE (Administrator) (13/01/2019 21:36:47)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\FBFE\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\FBFE\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17763)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)
~ The hosts file is legitimate (31)

---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (39)
MOVED file: C:\Users\FBFE\Desktop\µTorrent.lnk [Bad : C:\Users\FBFE\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
MOVED file: C:\Users\FBFE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\FBFE\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
MOVED file: C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [© 2018 Panda Security and Visicom Media Inc. - Panda Safe Web Link Library] =>.SUP.VisicomMedia
MOVED file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Users\FBFE\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P)
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-10132.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-10620.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-11216.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-11724.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-12228.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\aria-debug-13028.log =>.SUP.Temporary.OneDrive
MOVED file: C:\Users\FBFE\AppData\Local\Temp\LocalStorage.txt =>.SUP.Temporary.Empty
MOVED file: C:\Program Files (x86)\pandasecuritytb\cleanupie.exe [Visicom Media Inc - CleanupIE Application] =>.SUP.VisicomMedia
MOVED folder: C:\Program Files (x86)\pandasecuritytb =>.SUP.VisicomMedia
MOVED folder: C:\ProgramData\KMSAuto =>HackTool.WinActivator
MOVED folder: C:\ProgramData\panda_url_filtering =>.SUP.StartSearch
MOVED folder: C:\Users\FBFE\AppData\LocalLow\pandasecuritytb =>.SUP.VisicomMedia
MOVED folder: C:\Users\FBFE\AppData\Local\MSfree Inc =>HackTool.WinActivator
MOVED folder: C:\WINDOWS\Installer\MSI176.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI1C1C.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI1CD9.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI25B7.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI2D0B.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI9C80.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSI9DBB.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA27D.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA29B.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA72B.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA8B3.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIA96F.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIAABB.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIAC05.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIADEB.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIB5C0.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIB69C.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIB72.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIC913.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSICA1E.tmp- =>.SUP.Empty
MOVED folder: C:\WINDOWS\Installer\MSIF574.tmp- =>.SUP.Empty

---\ Registry ( Key, Value, Data) (22)
DELETED value: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED value: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [http://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasafeweb&v=2_0&idate=2018-09-20&en[...]] [Search The Web] =>PUP.Optional.IMBooster
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\Software\Classes\CLSID\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [] =>.SUP.VisicomMedia
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b60873b9-51aa-4566-b2fc-c16de2ec8bff} [Panda Safe Web] =>.SUP.VisicomMedia
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} [http://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasafeweb&v=2_0&idate=2018-09-20&ent=ch_675&q={searchTerms}] =>PUP.Optional.IMBooster
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: HKCU\Software\undefined [] =>.SUP.Downloader
DELETED key*: HKLM\SOFTWARE\Wow6432Node\pandasecuritytb [] =>.SUP.VisicomMedia
DELETED key: HKLM\SOFTWARE\pandasecuritytb [] =>.SUP.VisicomMedia
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{b60873b9-51aa-4566-b2fc-c16de2ec8bff}\InprocServer32 [C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll (Not File)] =>.SUP.VisicomMedia
DELETED value: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs\\c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\WinFxBrowserApplicationTemplateWizard.dll [1] =>Adware.CrossRider
DELETED value: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\EpicGamesLauncher [0x0300000091D4A6287A40D401] =>Heuristic.Suspect
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{D72B9E5D-751F-4F9E-A79E-53932350FAFA} [C:\Program Files (x86)\pandasecuritytb\cleanupie.exe] =>.SUP.VisicomMedia
DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{9AADDF78-DFD1-40CA-A375-29C6AAEB0443} [C:\Program Files (x86)\pandasecuritytb\cleanupie.exe] =>.SUP.VisicomMedia

---\ Summary of the elements found (11)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/03/18/superfluous-visicommedia/ =>.SUP.VisicomMedia
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
https://nicolascoolman.eu/2017/09/11/sup-startsearch/ =>.SUP.StartSearch
https://nicolascoolman.eu/2017/09/08/adware-imbooster/ =>PUP.Optional.IMBooster
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect

---\ Other deletions. (16)
~ Registry Keys Tracing deleted (16)
~ Remove the old reports ZHPCleaner. (0)

---\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)

---\ Statistics
~ Items scanned : 971
~ Items found : 0
~ Items cancelled : 0
~ Items options : 12/12
~ Space saving (bytes) : 470
~ End of clean in 00h00mn50s

---\ Reports (2)
ZHPCleaner--13012019-21_34_22.txt
ZHPCleaner-[R]-13012019-21_37_37.txt

 

 

And I also apologize for the delay in replying.

 

 

Logzão.txt


@Fabricio Gomes

 

Download RogueKiller by Tigzy and save it to your desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Windows Vista, Windows 7, 8, 8.1 and Windows 10 users:
    Right-click the rogueKiller.exe file, then click VRIfczU.png.
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report


Be sure to open the file, then copy and paste its entire contents into your next reply


Here it is:

 

RogueKiller Anti-Malware V13.0.22.0 (x64) [Jan 14 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : FBFE [Administrator]
Started from : C:\Users\FBFE\Downloads\RogueKiller_portable64.exe
Mode : Standard Scan, Scan -- Date : 2019/01/14 20:42:59 (Duration : 00:28:53)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] FairplayKD (0) -- (Hans Roes) \??\C:\ProgramData\muita San Andreas All\Common\temp\FairplayKD.sys -> Found
[PUP.HackTool (Potentially Malicious)] WinDivert1.1 (0) -- \??\C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Uninstall
  [PUP.Visicom (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb -- N/A -> Found
>>>>>> O23 - Services
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FairplayKD -- (Hans Roes) "C:\ProgramData\muita San Andreas All\Common\temp\FairplayKD.sys" -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EMAC Secure -- () C:\Users\FBFE\AppData\Local\Temp\GCSecure.sys -> Found
  [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinDivert1.1 -- C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys (missing) -> Found
>>>>>> XX - Internet Explorer Start Page
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Internet Explorer\Main|Start Page -- http://pandasecurity.mystart.com/?pr=vmn&id=pandasafeweb&v=2_0&utm_campaign=675&idate=2018-09-20&ent=hp_675&u=0E16CDBCEBD0C73357C7BE5BA442DBD9 -> Found
  [PUP.Gen1 (Potentially Malicious)] (X86) HKEY_USERS\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Internet Explorer\Main|Start Page -- http://pandasecurity.mystart.com/?pr=vmn&id=pandasafeweb&v=2_0&utm_campaign=675&idate=2018-09-20&ent=hp_675&u=0E16CDBCEBD0C73357C7BE5BA442DBD9 -> Found
>>>>>> O87 - Firewall
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BF1945FA-1D90-4913-88B2-369B965032EE}C:\users\fbfe\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\fbfe\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\fbfe\appdata\local\fivem\fivem.exe) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6FA667E7-8CCB-4F34-9024-4E8838638A7A}C:\users\fbfe\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\fbfe\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\fbfe\appdata\local\fivem\fivem.exe) -> Found
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E853C149-8127-413F-8038-FC6BE86567FF} -- v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\WINDOWS\MnIz.exe|Name=C:\WINDOWS\MnIz.exe|Desc=C:\WINDOWS\MnIz.exe| (C:\WINDOWS\MnIz.exe) -> Found
>>>>>> XX - Explorer Advanced
  [PUM.StartMenu (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs -- 0 -> Found
  [PUM.StartMenu (Potentially Malicious)] (X86) HKEY_USERS\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Hj.Hosts (Malicious)] doubleclick.net => 0.0.0.0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
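
An added example, not part of the original post and not RogueKiller's own logic: a short Python triage pass over findings in the report format shown above. The sample lines are copied from this thread's report; the label names and the path heuristics are assumptions chosen for illustration.

```python
import re

# Constructed sample: six lines copied from the RogueKiller report in this thread.
REPORT = r"""
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FairplayKD -- (Hans Roes) "C:\ProgramData\muita San Andreas All\Common\temp\FairplayKD.sys" -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EMAC Secure -- () C:\Users\FBFE\AppData\Local\Temp\GCSecure.sys -> Found
[PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinDivert1.1 -- C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys (missing) -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E853C149-8127-413F-8038-FC6BE86567FF} -- v2.28|Action=Allow|Active=TRUE|Dir=In|App=C:\WINDOWS\MnIz.exe|Name=C:\WINDOWS\MnIz.exe|Desc=C:\WINDOWS\MnIz.exe| (C:\WINDOWS\MnIz.exe) -> Found
[PUM.StartMenu (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2514267135-3352645930-2829355199-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs -- 0 -> Found
[Hj.Hosts (Malicious)] doubleclick.net => 0.0.0.0 -> Found
"""

# "[Detection (Severity)] body -> Status" is the line shape used by the report.
LINE = re.compile(r"^\s*\[(?P<name>\S+) \((?P<severity>[^)]+)\)\]\s+"
                  r"(?P<body>.*?)\s+->\s+(?P<status>\w+)\s*$")
# Assumed heuristic: directories that non-admin software commonly writes to.
WRITABLE = re.compile(r"\\(temp|appdata|programdata)\\", re.I)
SINKHOLES = {"0.0.0.0", "127.0.0.1", "::1"}

def classify(entry):
    """Return a hypothetical triage label for one parsed report entry."""
    body = entry["body"]
    if entry["name"] == "Hj.Hosts":
        # A sinkhole address blocks the domain; any other target redirects it.
        target = body.split("=>")[1].strip()
        return "hosts-sinkhole" if target in SINKHOLES else "hosts-redirect"
    if "\\Services\\" in body and "(missing)" in body:
        return "orphaned-service"          # registry entry whose file is gone
    if re.search(r"\.sys\b", body, re.I) and WRITABLE.search(body):
        return "driver-in-writable-path"   # kernel driver outside System32
    if "FirewallRules" in body and "Action=Allow" in body and "Dir=In" in body:
        return "inbound-allow-rule"
    return "review"

def triage(report):
    """Parse every finding line and attach its triage label."""
    entries = []
    for line in report.splitlines():
        match = LINE.match(line)
        if match:
            entry = match.groupdict()
            entry["label"] = classify(entry)
            entries.append(entry)
    return entries

if __name__ == "__main__":
    for e in triage(REPORT):
        print(f'{e["label"]:<24} {e["name"]:<16} {e["body"][:70]}')
```

The labels only order the findings for manual review; each flagged path still has to be checked on the machine itself.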
 


@Elias Pereira I ran the scan again and this time it showed that nothing was detected.

 

''Everything's good so far no detection''


@Fabricio Gomes

 

  1. Click the Start menu, then right-click This PC and select Properties.

  2. In Properties, select Advanced system settings.

  3. Go to the System Protection tab and, under System Restore, choose Create.

  4. Then just follow the on-screen instructions to create your restore point.

    NOTE: Remember to give it an easily understood name for a later restore from this point.

Press the Windows key + R and type: msconfig

- Click the Services tab, check Hide all Microsoft services, and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK.

Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.


I followed all of these procedures and everything appears to be normal.

Thank you very much for your help.


@Fabricio Gomes

 

As far as malware is concerned, we have no more problems.

Final instructions.

Download Delfix by Xplode from the link below and save it to your desktop.
http://www.bleepingcomputer.com/download/delfix/dl/281/

Double-click delfix.exe to run it. Check the boxes as shown in the image.

*** Windows Vista, 7, 8/8.1 and Windows 10 users: right-click the delfix.exe file, then click VRIfczU.png

ipb9zl.png

Click the Run button.

At the end a log will be generated, but there is no need to post it.

KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you have no further malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question related to computing and technology, feel free to post in any area of CdH.

Regards,
Elias Pereira
