Ir ao conteúdo
  • Cadastre-se

Errepege

Membros Plenos
  • Total de itens

    53
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

2

Informações gerais

  • Cidade e Estado
    Santo André. SP
  1. @Elias Pereira , cara. na moral, na certeza que esse arquivo não seria útil, deletei ele, meu problema foi resolvido lá atrás, esse último log me custou um grande tempo removendo os arquivos imensos que ele criou, causou lentidão no meu pc. Pode encerrar o tópico, por gentileza?
  2. Completo fracasso. Tentei fazer os procedimentos do Process Monitor, mas deu erro e fechou várias vezes. Quando conseguir fazer todo o procedimento, me deparei com meu ssd com 2 MB de espaço! O process Monitor criou um arquivo em ...\Windows com mais de 27GB! Ainda assim, gerei o arquivo, mas ele tem mais de 300 MB e cheio de caracteres ilegíveis. Anexo aqui? (se é que é possível anexar algo desse tamanho)
  3. Ok Segue log: SystemLook 30.07.11 by jpshortstuff Log created at 03:48 on 28/01/2018 by Rogério Administrator - Elevation successful ========== filefind ========== Searching for "WCAssistantService" No files found. ========== folderfind ========== Searching for "WCAssistantService" No folders found. ========== regfind ========== Searching for "WCAssistantService" No data found. -= EOF =-
  4. Seguem logs do FRST Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.01.2018 Executado por Rogério (23-01-2018 07:17:41) Executando a partir de C:\Users\Rogério\Desktop Windows 10 Home Versão 1709 16299.192 (X64) (2017-10-20 17:19:06) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled) ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled) Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled) Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled) rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000 Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117} FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden Corsair Utility Engine (HKLM-x32\...\{016ED5C0-8A01-416B-9AC9-FE00EB01ACF1}) (Version: 2.21.67 - Corsair) Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse) Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.300 - Discord Inc.) Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC) Epic Games Launcher (HKLM-x32\...\{96984372-A249-4BA0-AEE5-47362B350A42}) (Version: 1.1.135.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil) IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 57.0.4 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.4 (x64 pt-BR)) (Version: 57.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla) MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team) Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation) NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Driver de gráficos 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation) NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.) Painel de controle da NVIDIA 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.71 - NVIDIA Corporation) Hidden PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB) STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft) VdhCoApp 1.1.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.8082 - WhatsApp) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation) Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-16] (Adobe Systems Incorporated) Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation) Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation) Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation) Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.) Task: {8C36BB8E-6C4D-49D5-AF9A-2DAD1BF30354} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation) Task: {937620EF-3A3D-4E66-B45A-BE77585AE5EE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation) Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.) Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation) Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation) Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation) Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-16] (Adobe Systems Incorporated) Task: {C575F8CD-B736-4649-8F61-49BACFFE2D04} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn ==================== Módulos Carregados (Whitelisted) ============== 2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-02-15 04:42 - 2017-11-15 23:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-12-13 07:57 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-13 07:57 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-04 18:03 - 2018-01-03 07:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll 2018-01-04 18:03 - 2018-01-03 07:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll 2017-02-15 04:42 - 2017-11-15 23:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-06-21 04:53 - 2017-11-29 03:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-06-21 04:53 - 2017-12-15 17:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll 2017-06-21 04:53 - 2016-08-31 23:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-12-20 21:49 - 2017-11-03 23:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-20 21:49 - 2017-11-03 23:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-20 21:49 - 2017-11-03 23:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-20 21:49 - 2017-11-03 23:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-12-20 21:49 - 2017-11-03 23:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-06-21 04:53 - 2016-08-31 23:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-06-21 04:53 - 2016-08-31 23:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-06-21 04:53 - 2017-12-15 17:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-06-21 04:53 - 2016-07-04 20:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2017-06-21 04:54 - 2017-09-07 00:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2017-06-21 04:54 - 2017-10-31 02:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-06-21 04:53 - 2015-09-24 21:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2017-12-07 12:34 - 2017-12-07 12:34 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll 2017-12-07 12:26 - 2017-12-07 12:26 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll 2017-12-07 12:49 - 2017-12-07 12:49 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll 2017-12-07 12:26 - 2017-12-07 12:26 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll 2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL 2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\localhost -> localhost ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) Security Assist => 3 MSCONFIG\Services: isaHelperSvc => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: SkypeUpdate => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "IMSS" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "uTorrent" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{2E2B5476-A7AB-4C63-B355-6A6F62ADDB4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC2207F9-AC08-42A8-8A35-C04DB1E5B74A}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{848F86BE-40C1-496C-888C-37246F8EB469}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{76AD3729-4A86-4B60-A4CD-584D7D631589}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{7F019F32-7F2E-4476-8F41-B4B2A65B3714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/14/2018 01:55:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Client_tos.exe, versão: 1.8.1.1, carimbo de data/hora: 0x5a56f93a Nome do módulo com falha: libtcmalloc_minimal.dll, versão: 0.0.0.0, carimbo de data/hora: 0x593015fc Código de exceção: 0xc0000005 Deslocamento da falha: 0x00009380 ID do processo com falha: 0x23f4 Hora de início do aplicativo com falha: 0x01d38d5012bae32a Caminho do aplicativo com falha: C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\Client_tos.exe Caminho do módulo com falha: C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\libtcmalloc_minimal.dll ID do Relatório: f9493912-1365-47be-9b20-a37ea49d5c6a Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/12/2018 10:10:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_InstallService, versão: 10.0.16299.15, carimbo de data/hora: 0x9c786b9a Nome do módulo com falha: ucrtbase.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x70f70cc4 Código de exceção: 0xc0000409 Deslocamento da falha: 0x000000000006b70e ID do processo com falha: 0x2bcc Hora de início do aplicativo com falha: 0x01d38a8642a02b4b Caminho do aplicativo com falha: C:\WINDOWS\System32\svchost.exe Caminho do módulo com falha: C:\WINDOWS\System32\ucrtbase.dll ID do Relatório: 23148c8e-b3ff-4448-b2c5-044c441c7dd5 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/11/2018 03:34:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.192, carimbo de data/hora: 0xa96f7b91 Código de exceção: 0xc0000602 Deslocamento da falha: 0x00000000000feff6 ID do processo com falha: 0x43c Hora de início do aplicativo com falha: 0x01d38a863b796c00 Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll ID do Relatório: ad02ddef-fb75-4610-9263-0aff95066af3 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 11:35:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa League of Legends.exe versão 7.24.211.7318 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: cd8 Hora de Início: 01d385c0a35b7484 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.198\deploy\League of Legends.exe ID do Relatório: 8e02608d-30f3-429d-b387-f574da11cc61 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2018 05:00:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x5eb910be Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000086ece ID do processo com falha: 0x444 Hora de início do aplicativo com falha: 0x01d384fe8ed75982 Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll ID do Relatório: bc220602-28c4-47ac-88b8-bff96a9ff5f1 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/02/2018 09:23:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x7f22d77c Nome do módulo com falha: dwmcore.dll, versão: 10.0.16299.125, carimbo de data/hora: 0x5eb910be Código de exceção: 0xc0000602 Deslocamento da falha: 0x00000000000ef0ea ID do processo com falha: 0x241c Hora de início do aplicativo com falha: 0x01d38291ee880c75 Caminho do aplicativo com falha: C:\WINDOWS\system32\dwm.exe Caminho do módulo com falha: C:\WINDOWS\system32\dwmcore.dll ID do Relatório: a2c9f3f9-b717-4a9f-8a44-aa9fd30711aa Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/02/2018 08:13:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Origin.exe, versão: 10.5.8.17910, carimbo de data/hora: 0x5a39a35e Nome do módulo com falha: Qt5WebEngineCore.dll, versão: 5.8.0.0, carimbo de data/hora: 0x59e17bf0 Código de exceção: 0x80000003 Deslocamento da falha: 0x01f77933 ID do processo com falha: 0x4990 Hora de início do aplicativo com falha: 0x01d3836784dba604 Caminho do aplicativo com falha: C:\Program Files (x86)\Origin\Origin.exe Caminho do módulo com falha: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll ID do Relatório: eac078d6-d8d7-4d84-b5e5-e3cedac4d44e Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/02/2018 08:04:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c Código de exceção: 0xe0434f4d Deslocamento da falha: 0x0000000000013fb8 ID do processo com falha: 0x34a4 Hora de início do aplicativo com falha: 0x01d383b102aa6050 Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: a8c9df4a-026e-4a47-9029-1007bf4636c2 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/02/2018 06:39:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c Código de exceção: 0xe0434f4d Deslocamento da falha: 0x0000000000013fb8 ID do processo com falha: 0x4dd8 Hora de início do aplicativo com falha: 0x01d383a52efd13f2 Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: 8340d82d-deda-4a77-8c8f-acc7881a2d8a Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/02/2018 05:24:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Lavasoft.WCAssistant.WinService.exe, versão: 1.0.0.0, carimbo de data/hora: 0x59482a46 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.16299.15, carimbo de data/hora: 0x4736733c Código de exceção: 0xe0434f4d Deslocamento da falha: 0x0000000000013fb8 ID do processo com falha: 0x49e4 Hora de início do aplicativo com falha: 0x01d3839ab77a737a Caminho do aplicativo com falha: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: 94b4f7ec-9282-467a-8287-d13eeeec4f41 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (01/23/2018 07:09:06 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/23/2018 07:08:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay. Error: (01/23/2018 07:08:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer. Error: (01/23/2018 07:08:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay. Error: (01/23/2018 07:08:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint. Error: (01/22/2018 10:02:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay. Error: (01/22/2018 10:01:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay. Error: (01/22/2018 10:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer. Error: (01/22/2018 10:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint. Error: (01/22/2018 07:38:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint. CodeIntegrity: =================================== Date: 2018-01-20 01:37:30.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180119.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-19 02:00:56.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180118.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-15 20:42:11.779 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180115.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-11 01:06:19.398 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180110.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-06 05:50:05.136 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180106.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-05 22:15:06.110 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180105.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-05 01:24:14.904 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180104.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-03 21:39:19.972 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-03 08:22:04.982 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180103.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-01-01 23:27:57.259 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180101.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentagem de memória em uso: 24% RAM física total: 16329.73 MB RAM física disponível: 12361.7 MB Virtual Total: 18761.73 MB Virtual disponível: 14127.86 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.46 GB) (Free:19.63 GB) NTFS Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:1949.81 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fim de Addition.txt ============================ ********************************************************************* Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 21.01.2018 Executado por Rogério (administrador) em ROGÉRIO (23-01-2018 07:17:10) Executando a partir de C:\Users\Rogério\Desktop Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000) Platform: Windows 10 Home Versão 1709 16299.192 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [21098704 2017-12-07] (Corsair Components, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [uTorrent] => C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe [1985464 2018-01-02] (BitTorrent Inc.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180102__yaie BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) FireFox: ======== FF DefaultProfile: ycdepkaz.default FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2018-01-19] FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home FF NewTab: Mozilla\Firefox\Profiles\ycdepkaz.default -> hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180102__yaff FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado. FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19] FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-01-19] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://www.metroweb.sp.gov.br/ CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/" CHR Session Restore: Profile 1 -> está habilitado. CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2018-01-02] CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25] CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25] CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25] CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25] CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25] CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25] CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25] CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25] CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25] CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25] CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25] CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-12-16] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-01-23] CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24] CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24] CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24] CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24] CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24] CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24] CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-27] CHR Extension: (CastBuddy) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghagedffjalchgcgdgfindabkpnmalel [2018-01-03] CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24] CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24] CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24] CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-16] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)> CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-18] () S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado] S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado] S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.) R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2018-01-01] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2018-01-01] (Electronic Arts) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20180117.007\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation) R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-01-03] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-01-03] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180119.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.) S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d37ca5c2cde53609\nvlddmkm.sys [17028552 2017-12-18] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek ) R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2018-01-23 07:17 - 2018-01-23 07:17 - 000024698 _____ C:\Users\Rogério\Desktop\FRST.txt 2018-01-21 03:26 - 2018-01-21 03:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2018-01-19 01:58 - 2018-01-19 01:58 - 008206624 _____ (Malwarebytes) C:\Users\Rogério\Desktop\adwcleaner_7.0.7.0.exe 2018-01-15 14:11 - 2018-01-23 07:16 - 000000000 ____D C:\Users\Rogério\Desktop\FRST-OlderVersion 2018-01-15 14:11 - 2018-01-15 14:12 - 000003606 _____ C:\Users\Rogério\Desktop\Fixlog.txt 2018-01-06 05:24 - 2018-01-06 05:24 - 004209653 _____ C:\Users\Rogério\Desktop\cemu_1.11.3.zip 2018-01-05 02:55 - 2018-01-05 02:55 - 000286341 _____ C:\Users\Rogério\Desktop\Lmao - Coub - GIFs with sound.mp4 2018-01-05 02:49 - 2018-01-05 02:49 - 000000681 _____ C:\Users\Rogério\Desktop\JRT.txt 2018-01-05 02:17 - 2018-01-01 15:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2018-01-05 02:17 - 2018-01-01 10:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-01-05 02:17 - 2018-01-01 10:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-01-05 02:17 - 2018-01-01 10:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll 2018-01-05 02:17 - 2018-01-01 10:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-01-05 02:17 - 2018-01-01 10:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-01-05 02:17 - 2018-01-01 10:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-01-05 02:17 - 2018-01-01 10:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-01-05 02:17 - 2018-01-01 10:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2018-01-05 02:17 - 2018-01-01 10:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-01-05 02:17 - 2018-01-01 10:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-01-05 02:17 - 2018-01-01 10:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-01-05 02:17 - 2018-01-01 10:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-01-05 02:17 - 2018-01-01 10:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-01-05 02:17 - 2018-01-01 10:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-01-05 02:17 - 2018-01-01 10:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-01-05 02:17 - 2018-01-01 10:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-01-05 02:17 - 2018-01-01 10:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2018-01-05 02:17 - 2018-01-01 10:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-01-05 02:17 - 2018-01-01 10:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2018-01-05 02:17 - 2018-01-01 10:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-01-05 02:17 - 2018-01-01 10:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-01-05 02:17 - 2018-01-01 10:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-01-05 02:17 - 2018-01-01 10:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-01-05 02:17 - 2018-01-01 10:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2018-01-05 02:17 - 2018-01-01 10:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-01-05 02:17 - 2018-01-01 10:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-01-05 02:17 - 2018-01-01 10:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-01-05 02:17 - 2018-01-01 10:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-01-05 02:17 - 2018-01-01 10:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-01-05 02:17 - 2018-01-01 10:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-01-05 02:17 - 2018-01-01 10:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2018-01-05 02:17 - 2018-01-01 10:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2018-01-05 02:17 - 2018-01-01 10:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-01-05 02:17 - 2018-01-01 10:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-01-05 02:17 - 2018-01-01 10:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-01-05 02:17 - 2018-01-01 10:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-01-05 02:17 - 2018-01-01 10:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-01-05 02:17 - 2018-01-01 10:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-01-05 02:17 - 2018-01-01 10:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2018-01-05 02:17 - 2018-01-01 10:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-01-05 02:17 - 2018-01-01 10:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-01-05 02:17 - 2018-01-01 10:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-01-05 02:17 - 2018-01-01 10:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-01-05 02:17 - 2018-01-01 10:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-01-05 02:17 - 2018-01-01 10:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2018-01-05 02:17 - 2018-01-01 10:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-01-05 02:17 - 2018-01-01 10:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-01-05 02:17 - 2018-01-01 10:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-01-05 02:17 - 2018-01-01 10:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2018-01-05 02:17 - 2018-01-01 10:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2018-01-05 02:17 - 2018-01-01 10:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-01-05 02:17 - 2018-01-01 10:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2018-01-05 02:17 - 2018-01-01 10:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-01-05 02:17 - 2018-01-01 10:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2018-01-05 02:17 - 2018-01-01 10:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2018-01-05 02:17 - 2018-01-01 10:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2018-01-05 02:17 - 2018-01-01 10:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-01-05 02:17 - 2018-01-01 10:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-01-05 02:17 - 2018-01-01 10:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2018-01-05 02:17 - 2018-01-01 10:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-01-05 02:17 - 2018-01-01 10:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-01-05 02:17 - 2018-01-01 10:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-01-05 02:17 - 2018-01-01 10:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2018-01-05 02:17 - 2018-01-01 10:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-01-05 02:17 - 2018-01-01 10:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-01-05 02:17 - 2018-01-01 10:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-01-05 02:17 - 2018-01-01 10:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-01-05 02:17 - 2018-01-01 10:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-01-05 02:17 - 2018-01-01 10:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-01-05 02:17 - 2018-01-01 10:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-01-05 02:17 - 2018-01-01 10:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2018-01-05 02:17 - 2018-01-01 10:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-01-05 02:17 - 2018-01-01 10:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2018-01-05 02:17 - 2018-01-01 10:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-01-05 02:17 - 2018-01-01 10:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-01-05 02:17 - 2018-01-01 10:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-01-05 02:17 - 2018-01-01 10:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2018-01-05 02:17 - 2018-01-01 10:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-01-05 02:17 - 2018-01-01 10:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2018-01-05 02:17 - 2018-01-01 10:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-01-05 02:17 - 2018-01-01 10:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-01-05 02:17 - 2018-01-01 09:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-01-05 02:17 - 2018-01-01 09:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-01-05 02:17 - 2018-01-01 09:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2018-01-05 02:17 - 2018-01-01 09:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-01-05 02:17 - 2018-01-01 09:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-01-05 02:17 - 2018-01-01 09:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-01-05 02:17 - 2018-01-01 09:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-01-05 02:17 - 2018-01-01 09:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-01-05 02:17 - 2018-01-01 09:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2018-01-05 02:17 - 2018-01-01 09:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-01-05 02:17 - 2018-01-01 09:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2018-01-05 02:17 - 2018-01-01 09:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-01-05 02:17 - 2018-01-01 09:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-01-05 02:17 - 2018-01-01 09:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-01-05 02:17 - 2018-01-01 09:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-01-05 02:17 - 2018-01-01 09:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-01-05 02:17 - 2018-01-01 09:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-01-05 02:17 - 2018-01-01 09:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2018-01-05 02:17 - 2018-01-01 09:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-01-05 02:17 - 2018-01-01 09:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll 2018-01-05 02:17 - 2018-01-01 09:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2018-01-05 02:17 - 2018-01-01 09:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-01-05 02:17 - 2018-01-01 09:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2018-01-05 02:17 - 2018-01-01 09:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe 2018-01-05 02:17 - 2018-01-01 09:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-01-05 02:17 - 2018-01-01 09:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2018-01-05 02:17 - 2018-01-01 09:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-01-05 02:17 - 2018-01-01 09:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2018-01-05 02:17 - 2018-01-01 09:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2018-01-05 02:17 - 2018-01-01 09:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll 2018-01-05 02:17 - 2018-01-01 09:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-01-05 02:17 - 2018-01-01 09:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll 2018-01-05 02:17 - 2018-01-01 09:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2018-01-05 02:17 - 2018-01-01 09:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2018-01-05 02:17 - 2018-01-01 09:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2018-01-05 02:17 - 2018-01-01 09:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys 2018-01-05 02:17 - 2018-01-01 09:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2018-01-05 02:17 - 2018-01-01 09:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2018-01-05 02:17 - 2018-01-01 09:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-01-05 02:17 - 2018-01-01 09:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2018-01-05 02:17 - 2018-01-01 09:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys 2018-01-05 02:17 - 2018-01-01 09:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-01-05 02:17 - 2018-01-01 09:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-01-05 02:17 - 2018-01-01 09:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-01-05 02:17 - 2018-01-01 09:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2018-01-05 02:17 - 2018-01-01 09:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2018-01-05 02:17 - 2018-01-01 09:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2018-01-05 02:17 - 2018-01-01 09:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2018-01-05 02:17 - 2018-01-01 09:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-01-05 02:17 - 2018-01-01 09:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2018-01-05 02:17 - 2018-01-01 09:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2018-01-05 02:17 - 2018-01-01 09:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-01-05 02:17 - 2018-01-01 09:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-01-05 02:17 - 2018-01-01 09:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-01-05 02:17 - 2018-01-01 09:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2018-01-05 02:17 - 2018-01-01 09:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2018-01-05 02:17 - 2018-01-01 09:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-01-05 02:17 - 2018-01-01 09:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-01-05 02:17 - 2018-01-01 09:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-01-05 02:17 - 2018-01-01 09:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2018-01-05 02:17 - 2018-01-01 09:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-01-05 02:17 - 2018-01-01 09:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll 2018-01-05 02:17 - 2018-01-01 09:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-01-05 02:17 - 2018-01-01 09:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-01-05 02:17 - 2018-01-01 09:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll 2018-01-05 02:17 - 2018-01-01 09:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2018-01-05 02:17 - 2018-01-01 09:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2018-01-05 02:17 - 2018-01-01 09:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-01-05 02:17 - 2018-01-01 09:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-01-05 02:17 - 2018-01-01 09:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2018-01-05 02:17 - 2018-01-01 09:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll 2018-01-05 02:17 - 2018-01-01 09:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2018-01-05 02:17 - 2018-01-01 09:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2018-01-05 02:17 - 2018-01-01 09:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-01-02 00:31 - 2018-01-02 00:31 - 000014602 _____ C:\Users\rapha_000\Downloads\O.Castelo.Animado.2004.1080p.WWW.BLUDV.COM.torrent 2018-01-02 00:30 - 2018-01-05 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2018-01-02 00:28 - 2018-01-02 00:28 - 002848936 _____ (BitTorrent Inc.) C:\Users\rapha_000\Downloads\uTorrent.exe 2017-12-30 02:31 - 2017-12-30 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2017-12-30 00:04 - 2017-12-30 00:04 - 000000914 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiiBackupManager_Win64.lnk ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2018-01-23 07:17 - 2017-12-12 05:46 - 000000000 ____D C:\FRST 2018-01-23 07:16 - 2017-12-12 05:45 - 002393088 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe 2018-01-23 07:13 - 2017-10-20 15:22 - 003263532 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-23 07:13 - 2017-09-30 12:34 - 001142224 _____ C:\WINDOWS\system32\prfh0416.dat 2018-01-23 07:13 - 2017-09-30 12:34 - 000491534 _____ C:\WINDOWS\system32\prfc0416.dat 2018-01-23 07:12 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2018-01-23 07:09 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-01-23 07:08 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-01-23 07:08 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam 2018-01-23 07:08 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA 2018-01-23 07:08 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA 2018-01-23 07:07 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-22 22:12 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-01-22 22:01 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2018-01-22 21:59 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp 2018-01-22 19:38 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-22 19:35 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online 2018-01-21 21:30 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-01-20 00:15 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2018-01-20 00:15 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp 2018-01-20 00:15 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp 2018-01-19 03:05 - 2017-11-29 17:42 - 000000000 ____D C:\AdwCleaner 2018-01-19 02:02 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla 2018-01-18 19:10 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network 2018-01-18 06:00 - 2017-12-18 00:28 - 000000000 ____D C:\Users\Rogério\AppData\Local\ElevatedDiagnostics 2018-01-16 21:18 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify 2018-01-16 20:34 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify 2018-01-16 19:51 - 2017-03-10 07:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Adobe 2018-01-16 14:51 - 2017-10-20 15:15 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-01-16 14:50 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-01-16 14:50 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-01-15 15:04 - 2017-02-10 19:17 - 000000000 ____D C:\Users\Rogério\Desktop\LOL 2018-01-15 15:00 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent 2018-01-14 13:55 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps 2018-01-14 09:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord 2018-01-14 09:35 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Discord 2018-01-11 01:11 - 2017-12-18 12:27 - 000000000 ____D C:\Users\rapha_000\AppData\LocalLow\Mozilla 2018-01-11 00:53 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-01-11 00:51 - 2017-10-10 22:50 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-01-11 00:51 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-11 00:51 - 2017-02-10 13:35 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-01-11 00:46 - 2017-10-23 00:09 - 000000000 ___RD C:\Users\rapha_000\3D Objects 2018-01-11 00:46 - 2017-02-10 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-01-09 23:33 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-01-07 15:58 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2018-01-07 15:58 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-01-07 05:12 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério 2018-01-07 04:59 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache 2018-01-05 17:53 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF 2018-01-05 17:47 - 2017-10-20 15:48 - 000000000 ___RD C:\Users\Rogério\3D Objects 2018-01-05 17:47 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-01-05 02:57 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\Provisioning 2018-01-05 02:57 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-01-05 02:18 - 2017-09-29 11:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-01-05 02:18 - 2017-09-29 11:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-01-05 02:18 - 2017-09-29 11:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-01-04 18:03 - 2017-11-24 08:58 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-04 06:45 - 2015-05-21 19:37 - 000000000 ____D C:\Users\Rogério\dwhelper 2018-01-02 08:13 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin 2018-01-01 23:35 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin 2018-01-01 23:19 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin 2018-01-01 23:19 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2018-01-13 08:52 ==================== Fim de FRST.txt ============================
  5. Não utilizo wi-fi. Existe a suspeita de onde vem a fonte desse erro. Na página do Facebook do meu provedor de internet consta um erro que tem ocorrido com alguns. Se quiser olhar, aqui está o link: https://www.facebook.com/PandaNetworkInternet/ É a publicação de 25 de novembro de 2017. A ante-penúltima. Segue o log do adwcleaner: # AdwCleaner 7.0.7.0 - Logfile created on Fri Jan 19 05:05:20 2018 # Updated on 2018/18/01 by Malwarebytes # Database: 01-16-2018.1 # Running on Windows 10 Home (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24] C:/AdwCleaner/AdwCleaner[C1].txt - [2247 B] - [2018/1/5 4:7:21] C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12] C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/2 9:0:42] C:/AdwCleaner/AdwCleaner[S2].txt - [2207 B] - [2018/1/5 4:6:55] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########
  6. Segue log. Após clicar em corrigir, além do esperado, o problema voltou a aparecer e perdi vários itens do meu histórico. Executei os procedimentos que havia feito segundo meu último post e o problema desapareceu novamente Fixlog.txt
  7. DESCOBRI! Tem que entrar nas configurações de proxy em 'propriedades de internet' entrar em 'configurações da rede local' e desabilitar a caixa 'Detectar Automaticamente as Configurações'. @Elias Pereira valeu a ajuda, mano! Sempre conto com vocês! Obrigado pelo esforço em resolver o problema e que a Força esteja com vocês!
  8. Procedimentos executados. Segue o log: Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 03/01/18 Hora da análise: 21:41 Arquivo de registro: aa95e08e-f0df-11e7-b243-902b34ff64cf.json Administrador: Sim -Informação do software- Versão: 3.3.1.2183 Versão de componentes: 1.0.262 Versão do pacote de definições: 1.0.3618 Licença: Gratuita -Informação do sistema- Sistema operacional: Windows 10 (Build 16299.125) CPU: x64 Sistema de arquivos: NTFS Usuário: ROG\u00c3\u0089RIO\Rog\u00c3\u00a9rio -Resumo da análise- Tipo de análise: Análise Customizada Resultado: Concluído Objetos verificados: 419973 Ameaças detectadas: 2 Ameaças em quarentena: 2 Tempo decorrido: 1 hr, 24 min, 20 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 2 PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS, Quarentena, [1550], [474786],1.0.3618 PUP.Optional.WinBing, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DSENGINE.CFG, Quarentena, [1550], [474787],1.0.3618 Setor físico: 0 (Nenhum item malicioso detectado) (end) --------------------------- # AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 05 04:07:21 2018 # Updated on 2017/21/12 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\ProgramData\Application Data\lavasoft\web companion Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion ***** [ Files ] ***** Deleted: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\searchplugins\yahoo-lavasoft.xml ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion Deleted: [Key] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Lavasoft\Web Companion Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion Deleted: [Value] - HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1132 B] - [2017/11/29 19:44:24] C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/29 19:44:12] C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/2 9:0:42] C:/AdwCleaner/AdwCleaner[S2].txt - [2207 B] - [2018/1/5 4:6:55] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ########## ------------------ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 10 Home x64 Ran by Rog‚rio (Administrator) on 05/01/2018 at 2:48:24,60 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 1 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05/01/2018 at 2:49:34,12 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. Restaurei o chrome. E nada... Realmente não sei mais o que fazer
  10. Segue log do System Explorer: Process CPU Private Bytes Working Set PID Description Company Name Verified Signer System Idle Process 87.07 52 K 8 K 0 procexp64.exe 2.23 55.736 K 71.596 K 1628 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation LeagueClientUxRender.exe 2.06 885.468 K 974.384 K 1272 League of Legends (Verified) Riot Games CUE.exe 2.02 181.580 K 196.772 K 11672 Corsair Utility Engine Corsair Components, Inc. (Verified) Corsair Components chrome.exe 1.54 187.172 K 204.612 K 8836 Google Chrome Google Inc. (Verified) Google Inc LeagueClientUx.exe 1.19 70.712 K 94.696 K 10388 League of Legends (Verified) Riot Games Interrupts 1.17 0 K 0 K n/a Hardware Interrupts and DPCs dwm.exe 0.56 63.064 K 57.452 K 844 Gerenciador de Janelas da Área de Trabalho Microsoft Corporation (Verified) Microsoft Windows csrss.exe 0.46 2.500 K 5.472 K 4368 Processo do tempo de Execução do Servidor do Cliente Microsoft Corporation (Verified) Microsoft Windows Publisher chrome.exe 0.39 209.300 K 270.312 K 11468 Google Chrome Google Inc. (Verified) Google Inc LeagueClient.exe 0.27 61.216 K 107.332 K 8688 League of Legends (Verified) Riot Games System 0.20 156 K 148 K 4 chrome.exe 0.13 362.448 K 250.588 K 10836 Google Chrome Google Inc. (Verified) Google Inc audiodg.exe 0.09 7.244 K 12.928 K 11936 Isolamento de Gráfico de Dispositivo de Áudio do Windows Microsoft Corporation (Verified) Microsoft Windows chrome.exe 0.08 305.964 K 305.632 K 9476 Google Chrome Google Inc. (Verified) Google Inc explorer.exe 0.07 60.108 K 123.360 K 8884 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows nvcontainer.exe 0.07 8.820 K 24.444 K 3348 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation chrome.exe 0.05 176.176 K 205.388 K 316 Google Chrome Google Inc. (Verified) Google Inc ns.exe 0.04 187.156 K 21.096 K 3320 Norton Security Symantec Corporation (Verified) Symantec Corporation NVIDIA Web Helper.exe 0.03 35.420 K 2.752 K 7104 NVIDIA Web Helper Service Node.js (Verified) NVIDIA Corporation svchost.exe 0.03 4.392 K 11.844 K 1936 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher chrome.exe 0.03 78.540 K 86.008 K 7632 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.03 146.352 K 151.964 K 11768 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.02 126.260 K 135.460 K 5512 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.02 144.532 K 153.836 K 11800 Google Chrome Google Inc. (Verified) Google Inc svchost.exe 0.02 2.448 K 8.048 K 4464 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 0.02 9.500 K 20.164 K 10044 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher chrome.exe 0.01 76.164 K 94.844 K 10940 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.01 138.468 K 162.200 K 2948 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.01 158.568 K 171.188 K 8144 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.01 453.296 K 423.672 K 3276 Google Chrome Google Inc. (Verified) Google Inc LeagueClientUxRender.exe 0.01 88.512 K 109.176 K 8248 League of Legends (Verified) Riot Games chrome.exe 0.01 92.176 K 103.696 K 7652 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 0.01 59.548 K 70.636 K 5496 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 147.188 K 154.964 K 9932 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 56.600 K 63.296 K 10596 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 43.456 K 65.324 K 7420 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 145.652 K 153.652 K 3492 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 139.208 K 145.584 K 11432 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 128.500 K 137.728 K 11268 Google Chrome Google Inc. (Verified) Google Inc svchost.exe < 0.01 2.160 K 7.624 K 1720 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher chrome.exe < 0.01 91.960 K 106.380 K 7980 Google Chrome Google Inc. (Verified) Google Inc chrome.exe < 0.01 91.828 K 103.300 K 9172 Google Chrome Google Inc. (Verified) Google Inc svchost.exe < 0.01 9.604 K 19.420 K 1768 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher chrome.exe < 0.01 68.608 K 83.556 K 7852 Google Chrome Google Inc. (Verified) Google Inc svchost.exe < 0.01 2.408 K 12.472 K 1828 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher lsass.exe < 0.01 6.756 K 16.612 K 740 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher ns.exe < 0.01 15.280 K 10.156 K 2524 Norton Security Symantec Corporation (Verified) Symantec Corporation svchost.exe < 0.01 4.348 K 19.732 K 3304 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher NVDisplay.Container.exe < 0.01 26.020 K 33.784 K 4764 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation svchost.exe < 0.01 8.508 K 32.716 K 12184 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher Memory Compression < 0.01 272 K 34.940 K 1468 svchost.exe < 0.01 11.036 K 22.836 K 8900 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher WmiPrvSE.exe 2.400 K 9.180 K 10968 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows winlogon.exe 2.068 K 8.128 K 10732 Aplicativo de Logon do Windows Microsoft Corporation (Verified) Microsoft Windows wininit.exe 1.324 K 6.664 K 644 Aplicativo de Inicialização do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher taskhostw.exe 7.184 K 18.104 K 852 Processo de Host para Tarefas do Windows Microsoft Corporation (Verified) Microsoft Windows svchost.exe 12.996 K 15.884 K 1476 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 6.312 K 13.300 K 996 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 5.016 K 12.920 K 2536 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 7.356 K 16.648 K 3104 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 11.404 K 26.992 K 892 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 26.940 K 36.672 K 3112 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 5.692 K 18.232 K 10160 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.852 K 9.264 K 2000 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.232 K 12.140 K 5028 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.960 K 8.428 K 2864 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.344 K 9.292 K 3064 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.336 K 7.804 K 304 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.092 K 12.968 K 2436 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 7.628 K 30.964 K 9564 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 4.912 K 19.456 K 7000 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 4.240 K 17.864 K 1624 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.296 K 13.632 K 7696 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 5.096 K 9.436 K 1652 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 6.312 K 16.148 K 1348 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.880 K 11.488 K 13064 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.388 K 8.780 K 2680 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.892 K 9.096 K 2072 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 8.532 K 27.788 K 3096 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.276 K 6.060 K 1820 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.556 K 9.668 K 1560 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.936 K 14.632 K 3984 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.896 K 9.192 K 2168 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.476 K 10.052 K 10636 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.928 K 8.024 K 1836 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.364 K 6.316 K 2396 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.604 K 11.248 K 1332 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.028 K 11.692 K 1320 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.036 K 7.208 K 6372 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.984 K 13.172 K 8288 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.872 K 13.364 K 3128 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.340 K 5.704 K 8408 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 916 K 3.952 K 864 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.236 K 10.200 K 1180 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.728 K 6.300 K 1248 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.860 K 8.648 K 2040 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.952 K 8.516 K 2064 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.620 K 6.408 K 2580 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.324 K 9.368 K 2588 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.364 K 11.944 K 2640 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.552 K 7.808 K 3004 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.720 K 7.312 K 3012 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.576 K 6.840 K 3088 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.584 K 6.800 K 3252 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.260 K 5.840 K 3312 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.880 K 8.244 K 3340 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.296 K 5.660 K 3480 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.036 K 9.100 K 3724 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.464 K 12.760 K 3736 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 2.768 K 9.988 K 3800 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 12.044 K 26.100 K 4028 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.512 K 7.492 K 6696 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.492 K 14.668 K 6736 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.280 K 14.968 K 9492 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.640 K 8.508 K 9668 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 3.324 K 13.424 K 11148 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher svchost.exe 1.552 K 5.936 K 4760 Processo de Host para Serviços do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher spoolsv.exe 5.308 K 14.780 K 2780 Aplicativo de subsistema de spooler Microsoft Corporation (Verified) Microsoft Windows smss.exe 456 K 1.204 K 352 Gerenciador de Sessão do Windows Microsoft Corporation (Verified) Microsoft Windows Publisher sihost.exe 6.028 K 24.732 K 6528 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows ShellExperienceHost.exe Suspended 54.488 K 104.536 K 10444 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows SettingSyncHost.exe 6.132 K 5.564 K 3156 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows services.exe 4.672 K 10.456 K 728 Aplicativo de serviços e controle Microsoft Corporation (Verified) Microsoft Windows Publisher SecurityHealthService.exe 3.908 K 15.696 K 3400 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher SearchUI.exe Suspended 96.952 K 149.300 K 6872 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows RuntimeBroker.exe 7.844 K 27.868 K 7032 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows RuntimeBroker.exe 5.204 K 18.064 K 7744 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows RuntimeBroker.exe 6.180 K 23.016 K 6612 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows procexp.exe 3.368 K 11.100 K 2532 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation NvTelemetryContainer.exe 7.580 K 15.928 K 3332 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation NVDisplay.Container.exe 4.808 K 13.996 K 1644 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation nvcplui.exe 61.348 K 70.500 K 9548 NVIDIA Control Panel Application, 8.1.940.0 NVIDIA Corporation (Verified) NVIDIA Corporation nvcontainer.exe 20.512 K 36.324 K 456 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation mfevtps.exe 4.220 K 9.296 K 3136 McAfee Process Validation Service McAfee, Inc. (Verified) McAfee GoogleCrashHandler64.exe 1.588 K 256 K 9200 Google Crash Handler Google Inc. (Verified) Google Inc GoogleCrashHandler.exe 1.596 K 236 K 9024 Google Crash Handler Google Inc. (Verified) Google Inc GameBarPresenceWriter.exe 4.396 K 16.888 K 8652 Gamebar Presence Writer Microsoft Corporation (Verified) Microsoft Windows fontdrvhost.exe 5.100 K 11.416 K 5808 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows fontdrvhost.exe 1.352 K 4.212 K 900 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows dllhost.exe 1.996 K 10.068 K 11556 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows dasHost.exe 5.948 K 18.116 K 3656 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows ctfmon.exe 3.080 K 14.724 K 9956 Carregador CTF Microsoft Corporation (Verified) Microsoft Windows csrss.exe 1.684 K 5.216 K 540 Processo do tempo de Execução do Servidor do Cliente Microsoft Corporation (Verified) Microsoft Windows Publisher conhost.exe 5.248 K 536 K 6616 Console Window Host Microsoft Corporation (Verified) Microsoft Windows chrome.exe 70.132 K 79.068 K 11420 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 180.272 K 183.448 K 9584 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 61.416 K 71.832 K 9876 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 83.884 K 102.264 K 7724 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 118.284 K 132.504 K 5976 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 32.388 K 45.384 K 11788 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 3.272 K 11.160 K 11896 Google Chrome Google Inc. (Verified) Google Inc chrome.exe 3.108 K 11.744 K 12052 Google Chrome Google Inc. (Verified) Google Inc
  11. Perdão! Estava clicando em "analisar". Segue o log de Fixlog.txt ====================================================================== Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 16-12-2017 Executado por Rogério (16-12-2017 17:36:24) Run:1 Executando a partir de C:\Users\Rogério\Desktop Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} PowerShell: $app.Uninstall() HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Edge: ====== Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> est� habilitado. HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://192.168.2.1/ CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/" CHR Session Restore: Profile 1 -> est� habilitado. Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATEN��O ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rog�rio\AppData\Roaming\uTorrent\uTorrent.exe ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rog�rio\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquiv PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} PowerShell: $app.Uninstall() CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Erro: (0) Falha ao criar um ponto de restauração. Processos fechados com sucesso. ========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} ========= ========= Fim de Powershell: ========= ========= $app.Uninstall() ========= ========= Fim de Powershell: ========= HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a) "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso. "HKLM\Software\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso. "HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removido (a) com sucesso. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso. "HKLM\Software\Wow6432Node\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333}" => removido (a) com sucesso. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso. "HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removido (a) com sucesso. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso. HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado. Edge: => Erro: Nenhuma correção automática foi encontrada para esta entrada. ====== => Erro: Nenhuma correção automática foi encontrada para esta entrada. "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ContinuousBrowsing" => removido (a) com sucesso. "HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf}" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{79afff2b-bb4e-11e7-ad9a-902b34ff64cf} => chave não encontrado (a) CHR DefaultProfile: Profile 1 => Erro: Nenhuma correção automática foi encontrada para esta entrada. "Chrome HomePage" => removido (a) com sucesso. "Chrome StartupUrls" => removido (a) com sucesso. Chrome Session Restore: => não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0} => Não pode ser removido chave. ErrorCode1: 0x00000002 "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{259305D0-7F98-4C24-B8ED-BF0B6F0480D0}" => removido (a) com sucesso. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => chave não encontrado (a) C:\Users\Rog�rio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Google Keep - notas e listas.lnk => não encontrado (a). C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => não encontrado (a). C:\Users\Rog�rio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk => não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57D8FA44-EA07-4055-9456-CB42096EA039} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B766991-26F1-4D1C-97C4-915D25E44F89} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0882A8CA-958F-432A-A538-B6114228BD4D} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15A5C0D4-F649-45A1-8F6E-6596F2F74419} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{998EB994-61B4-4439-BF4E-23A85A072D5E} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21830394-2C27-469C-8897-E36ABE86CA30} => valor removido (a) com sucesso. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA7D2852-20F7-4C3B-A678-35D975C25831} => valor removido (a) com sucesso. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a) "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a) "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a) "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a) "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a) "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso. HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a) "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" => removido (a) com sucesso. "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" => removido (a) com sucesso. "HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a) "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a) "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a) "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a) "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a) "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => chave não encontrado (a) ========= $app = Get-WmiObject -Class Win32_Product -ComputerName . | Where-Object -FilterScript {$_.Name -eq "�Torrent "} ========= ========= Fim de Powershell: ========= ========= $app.Uninstall() ========= ========= Fim de Powershell: ========= ========= ipconfig /flushdns ========= Configura‡Æo de IP do Windows Libera‡Æo do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Erro: (0) Falha ao criar um ponto de restauração. =========== EmptyTemp: ========== BITS transfer queue => 8151040 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4351281 B Java, Flash, Steam htmlcache => 65751425 B Windows/system/drivers => 3520636 B Edge => 29403735 B Chrome => 662994797 B Firefox => 380659142 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 50842 B NetworkService => 0 B Rogério => 21855654 B rapha_000 => 86436 B RecycleBin => 115327886 B EmptyTemp: => 1.2 GB de dados temporários Removidos. ================================ Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 16-12-2017 17:59:27) Resultado dos registros marcados para excluir será exibido após a reinicialização: HKLM\Software\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. HKLM\Software\Wow6432Node\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} => chave Não pode ser removido. Acesso Negado. HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado. HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave Não pode ser removido. Acesso Negado. ==== Fim de Fixlog 17:59:27 ====
  12. E estão: segue print da minha área de trabalho. Tentei novamente e o resultado foi o mesmo. Não precisa mudar nada nas opções do Farbar?
  13. Olá. Eu já tinha feito isso, mas pra me certificar depois da sua postagem, exclui (não apenas desativei) todas as extensões. Pediu pra eu postar o Fixlog.txt? Não apareceu esse arquivo, e sim os dois de antes. FRST.txt e Addition.txt. De qualquer forma, vou colar ambos os logs aqui: ============================================================================ Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-12-2017 Executado por Rogério (administrador) em ROGÉRIO (16-12-2017 07:19:21) Executando a partir de C:\Users\Rogério\Desktop Perfis Carregados: Rogério (Perfis Disponíveis: Rogério & rapha_000) Platform: Windows 10 Home Versão 1709 16299.125 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\ns.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe (Microsoft Corporation) C:\Windows\System32\bcastdvr.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.) HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7214800 2017-12-06] (McAfee, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rogério\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Run: [Spotify Web Helper] => C:\Users\Rogério\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-27] (Spotify Ltd) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe -update pepperplugin HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\MountPoints2: {79afff2b-bb4e-11e7-ad9a-902b34ff64cf} - "F:\iStudio.exe" ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 189.38.95.95 189.38.95.96 Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1cccdaf1-4209-4f93-9225-dd69cf1164d9}: [DhcpNameServer] 189.38.95.95 189.38.95.96 Tcpip\..\Interfaces\{2748ca79-bce9-4d38-959b-7b3cd42ef846}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Edge: ====== Edge Session Restore: HKU\S-1-5-21-2442392909-140579935-1769747838-1001 -> está habilitado. FireFox: ======== FF DefaultProfile: ycdepkaz.default FF ProfilePath: C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default [2017-12-07] FF Homepage: Mozilla\Firefox\Profiles\ycdepkaz.default -> about:home FF Session Restore: Mozilla\Firefox\Profiles\ycdepkaz.default -> está habilitado. FF Extension: (Video DownloadHelper) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-24] FF Extension: (Flash and Video Download) - C:\Users\Rogério\AppData\Roaming\Mozilla\Firefox\Profiles\ycdepkaz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2017-12-01] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-01] [Legacy] [não assinado] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://192.168.2.1/ CHR StartupUrls: Profile 1 -> "hxxps://www.oculus.com/en-us/rift/","hxxp://www.shoptime.com.br/produto/124255321/geladeira-refrigerador-frost-free-brastemp-ative-brm50-429-litros-platinum?epar=9381&opn=COMPARADORES","hxxp://www.shoptime.com.br/produto/124255291/geladeira-refrigerador-frost-free-brastemp-ative-brm48-403-litros-platinum?opn=GOOGLEXML&loja=01&WT.srch=1&epar=bp_pl_00_go_pla-ed-refrigerador-todas-geral","hxxps://www.balaodainformatica.com.br/Cliente/MinhaConta","hxxp://carinhas.com.br/produto/caneca-personalizada-3/","hxxp://www.bastter.com/Mercado/BastterBlue/como-obter-acesso.aspx","hxxp://www.bastter.com/Mercado/Loja/Categoria/5/Revista-Bastter-Com.aspx","hxxp://guides.gamepressure.com/batmanarkhamasylum/guide.asp?ID=8059","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns&p=4038291&viewfull=1#post4038291","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038291&postcount=19","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063665&postcount=24","hxxp://www.giantitp.com/forums/showthread.php?74519-Descent-of-Shadows-Project-Shadow-Returns","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4038363&postcount=20","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063639&postcount=22","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4063650&postcount=23","hxxp://www.giantitp.com/forums/showsinglepost.php?p=4077985&postcount=60","hxxps://pitzi.com.br/","hxxp://produto.mercadolivre.com.br/MLB-729972915-mata-insetos-pernilongos-moscas-e-mosquitos-zika-dengue-_JM","hxxp://www.probuilds.net/guide/show/KR/2214984472/1561528","hxxp://www.probuilds.net/guide/show/KR/2217666300/1268315","hxxp://www.procon.sp.gov.br/","hxxp://www.leagueoflegendsmath.com/Articles/Common_Build_Mistakes.html","hxxp://www.probuilds.net/guide/show/EUW/2453503356/19806326","hxxp://ddowiki.com/page/Adventure_Packs","hxxp://ddowiki.com/page/Vault_of_Night_(story_arc)","hxxp://ddowiki.com/page/Litany_of_the_Dead_Part_3","hxxp://ddowiki.com/page/The_Shadow_Crypt","hxxps://www.ddo.com/forums/archive/index.php/t-442813.html?s=349b7415d277efc7c0b7e3469ac30f9d","hxxp://ddowiki.com/page/Talk:Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Level_12","hxxp://ddowiki.com/page/Augment_Slot/Purchasable_Augments#Ruskin_Blackboot_.28Level_12.29","hxxp://ddowiki.com/page/Devil_Assault_(quest)","hxxp://ddowiki.com/page/Astral_Diamond","hxxp://ddowiki.com/page/Item:Shard_of_Great_Power","hxxp://ddowiki.com/page/Pure_Shavarath_Iron","hxxp://crafting.cubicleninja.com/","hxxps://www.ddo.com/en/U29","hxxp://speedtest.copel.net/" CHR Session Restore: Profile 1 -> está habilitado. CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default [2017-11-25] CHR Extension: (Apresentações) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25] CHR Extension: (Documentos) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25] CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25] CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25] CHR Extension: (Norton Security Toolbar) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-11-25] CHR Extension: (Adobe Acrobat) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-25] CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25] CHR Extension: (SearchVZ) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmeggicckjohfhgocjieomdmmanmocd [2017-11-25] CHR Extension: (Documentos Google off-line) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25] CHR Extension: (Norton Identity Safe) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-11-25] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25] CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25] CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-24] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-16] CHR Extension: (Duolingo na Web) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-11-24] CHR Extension: (Google Drive) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-24] CHR Extension: (YouTube) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-24] CHR Extension: (Facebook) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-11-24] CHR Extension: (Adblock Plus) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-24] CHR Extension: (Google Agenda) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-11-24] CHR Extension: (Video Downloader professional) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-12-16] CHR Extension: (Planilhas) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16] CHR Extension: (hxxp://www.netflix.com/browse) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjaaapkoiljkjpgpfgckfielajkdjhik [2017-11-24] CHR Extension: (X-Men Blog - PASSA PRO BABAÇO!) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\miaklnakbdehkcfhmoohcocbifodpebf [2017-11-24] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-24] CHR Extension: (Gmail) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-24] CHR Extension: (Chrome Media Router) - C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16] CHR Profile: C:\Users\Rogério\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)> CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2442392909-140579935-1769747838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhmeggicckjohfhgocjieomdmmanmocd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <não encontrado (a)> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-08-25] () S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado] S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado] S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-12-06] (McAfee, Inc.) R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation) S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation) S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation) S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation) S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20171213.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation) R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [917008 2017-12-06] (McAfee, Inc.) S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [124432 2017-12-06] (McAfee, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2017-03-10] (Realtek ) R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-12-16 07:19 - 2017-12-16 07:19 - 000000000 ____D C:\Users\Rogério\Desktop\FRST-OlderVersion 2017-12-16 05:07 - 2017-12-16 05:07 - 000091303 _____ C:\Users\Rogério\Desktop\WhatsApp Image 2017-12-16 at 05.02.15.jpeg 2017-12-16 04:53 - 2017-12-16 04:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-12-16 03:09 - 2017-12-16 03:09 - 000009754 _____ C:\Users\Rogério\Desktop\Fixlist.txt 2017-12-13 07:57 - 2017-12-08 04:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2017-12-13 07:57 - 2017-12-07 21:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-12-13 07:57 - 2017-12-07 21:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-12-13 07:57 - 2017-12-07 21:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2017-12-13 07:57 - 2017-12-07 21:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-12-13 07:57 - 2017-12-07 21:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-12-13 07:57 - 2017-12-07 21:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-12-13 07:57 - 2017-12-07 21:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-12-13 07:57 - 2017-12-07 21:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll 2017-12-13 07:57 - 2017-12-07 21:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2017-12-13 07:57 - 2017-12-07 21:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-12-13 07:57 - 2017-12-07 21:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-12-13 07:57 - 2017-12-07 21:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-12-13 07:57 - 2017-12-07 21:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-12-13 07:57 - 2017-12-07 21:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2017-12-13 07:57 - 2017-12-07 21:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2017-12-13 07:57 - 2017-12-07 21:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2017-12-13 07:57 - 2017-12-07 21:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-12-13 07:57 - 2017-12-07 21:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-12-13 07:57 - 2017-12-07 21:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-12-13 07:57 - 2017-12-07 21:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-12-13 07:57 - 2017-12-07 21:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-12-13 07:57 - 2017-12-07 21:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-12-13 07:57 - 2017-12-07 21:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2017-12-13 07:57 - 2017-12-07 21:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2017-12-13 07:57 - 2017-12-07 21:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-12-13 07:57 - 2017-12-07 21:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-12-13 07:57 - 2017-12-07 21:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-12-13 07:57 - 2017-12-07 21:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-12-13 07:57 - 2017-12-07 21:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-12-13 07:57 - 2017-12-07 21:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-12-13 07:57 - 2017-12-07 21:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2017-12-13 07:57 - 2017-12-07 21:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-12-13 07:57 - 2017-12-07 21:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2017-12-13 07:57 - 2017-12-07 21:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-12-13 07:57 - 2017-12-07 20:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-12-13 07:57 - 2017-12-07 20:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-12-13 07:57 - 2017-12-07 20:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-12-13 07:57 - 2017-12-07 20:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-12-13 07:57 - 2017-12-07 20:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2017-12-13 07:57 - 2017-12-07 20:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-12-13 07:57 - 2017-12-07 20:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-12-13 07:57 - 2017-12-07 20:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll 2017-12-13 07:57 - 2017-12-07 20:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-12-13 07:57 - 2017-12-07 20:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-12-13 07:57 - 2017-12-07 20:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-12-13 07:57 - 2017-12-07 20:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2017-12-13 07:57 - 2017-12-07 20:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-12-13 07:57 - 2017-12-07 20:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-12-13 07:57 - 2017-12-07 20:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-12-13 07:57 - 2017-12-07 20:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-12-13 07:57 - 2017-12-07 20:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-12-13 07:57 - 2017-12-07 20:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-12-13 07:57 - 2017-12-07 20:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-12-13 07:57 - 2017-12-07 20:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2017-12-13 07:57 - 2017-12-07 20:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2017-12-13 07:57 - 2017-12-07 20:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-12-13 07:57 - 2017-12-07 20:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx 2017-12-13 07:57 - 2017-12-07 20:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-12-13 07:57 - 2017-12-07 20:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-12-13 07:57 - 2017-12-07 20:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-12-13 07:57 - 2017-12-07 20:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll 2017-12-13 07:57 - 2017-12-07 20:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2017-12-13 07:57 - 2017-12-07 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe 2017-12-13 07:57 - 2017-12-07 20:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe 2017-12-13 07:57 - 2017-12-07 20:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll 2017-12-13 07:57 - 2017-12-07 20:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-12-13 07:57 - 2017-12-07 20:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-12-13 07:57 - 2017-12-07 20:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll 2017-12-13 07:57 - 2017-12-07 20:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 07:57 - 2017-12-07 20:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-12-13 07:57 - 2017-12-07 20:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2017-12-13 07:57 - 2017-12-07 20:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-12-13 07:57 - 2017-12-07 20:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-12-13 07:57 - 2017-12-07 20:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-12-13 07:57 - 2017-12-07 20:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-12-13 07:57 - 2017-12-07 20:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-12-13 07:57 - 2017-12-07 20:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll 2017-12-13 07:57 - 2017-12-07 20:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe 2017-12-13 07:57 - 2017-12-07 20:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2017-12-13 07:57 - 2017-12-07 20:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2017-12-13 07:57 - 2017-12-07 20:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2017-12-13 07:57 - 2017-12-07 20:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-12-13 07:57 - 2017-12-07 20:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2017-12-13 07:57 - 2017-12-07 20:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-12-13 07:57 - 2017-12-07 20:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-13 07:57 - 2017-12-07 20:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-12-13 07:57 - 2017-12-07 20:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2017-12-13 07:57 - 2017-12-07 20:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-12-13 07:57 - 2017-12-07 20:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-12-13 07:57 - 2017-12-07 20:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-12-13 07:57 - 2017-12-07 20:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-12-13 07:57 - 2017-12-07 20:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2017-12-13 07:57 - 2017-12-07 20:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-12-13 07:57 - 2017-12-07 20:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-12-13 07:57 - 2017-12-07 20:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-12-13 07:57 - 2017-12-07 19:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-12-13 07:57 - 2017-12-07 19:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-12-13 07:57 - 2017-12-07 19:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-12-13 07:57 - 2017-12-07 19:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-12-13 07:57 - 2017-12-07 19:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2017-12-13 07:57 - 2017-12-07 19:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-12-13 07:57 - 2017-12-07 19:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-12-13 07:57 - 2017-12-07 19:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-12-13 07:57 - 2017-12-07 19:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-12-13 07:57 - 2017-12-07 19:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-12-13 07:57 - 2017-12-07 19:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-12-13 07:57 - 2017-12-07 19:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-12-13 07:57 - 2017-12-07 19:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-12-13 07:57 - 2017-12-07 19:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-12-13 07:57 - 2017-12-07 19:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-12-13 07:57 - 2017-12-07 19:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-12-13 07:57 - 2017-12-07 19:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-12-13 07:57 - 2017-12-07 19:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-12-13 07:57 - 2017-11-26 18:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2017-12-13 07:57 - 2017-11-26 18:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2017-12-13 07:57 - 2017-11-26 18:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2017-12-13 07:57 - 2017-11-26 14:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2017-12-13 07:57 - 2017-11-26 11:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-12-13 07:57 - 2017-11-26 11:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-12-13 07:57 - 2017-11-26 11:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2017-12-13 07:57 - 2017-11-26 11:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-12-13 07:57 - 2017-11-26 11:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-12-13 07:57 - 2017-11-26 11:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-12-13 07:57 - 2017-11-26 11:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-12-13 07:57 - 2017-11-26 11:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-12-13 07:57 - 2017-11-26 11:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-12-13 07:57 - 2017-11-26 11:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-12-13 07:57 - 2017-11-26 11:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-12-13 07:57 - 2017-11-26 11:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-12-13 07:57 - 2017-11-26 11:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-12-13 07:57 - 2017-11-26 11:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-12-13 07:57 - 2017-11-26 11:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2017-12-13 07:57 - 2017-11-26 11:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-12-13 07:57 - 2017-11-26 11:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2017-12-13 07:57 - 2017-11-26 11:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-12-13 07:57 - 2017-11-26 11:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-12-13 07:57 - 2017-11-26 11:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-12-13 07:57 - 2017-11-26 11:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-12-13 07:57 - 2017-11-26 11:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-12-13 07:57 - 2017-11-26 11:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-12-13 07:57 - 2017-11-26 11:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-12-13 07:57 - 2017-11-26 11:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-12-13 07:57 - 2017-11-26 11:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-12-13 07:57 - 2017-11-26 11:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-12-13 07:57 - 2017-11-26 11:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2017-12-13 07:57 - 2017-11-26 11:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-12-13 07:57 - 2017-11-26 11:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-12-13 07:57 - 2017-11-26 11:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-12-13 07:57 - 2017-11-26 11:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-12-13 07:57 - 2017-11-26 11:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-12-13 07:57 - 2017-11-26 11:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-12-13 07:57 - 2017-11-26 11:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-12-13 07:57 - 2017-11-26 11:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-12-13 07:57 - 2017-11-26 11:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-12-13 07:57 - 2017-11-26 11:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-12-13 07:57 - 2017-11-26 11:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-12-13 07:57 - 2017-11-26 11:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-12-13 07:57 - 2017-11-26 11:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-12-13 07:57 - 2017-11-26 11:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-12-13 07:57 - 2017-11-26 11:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-12-13 07:57 - 2017-11-26 11:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-12-13 07:57 - 2017-11-26 11:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-12-13 07:57 - 2017-11-26 11:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-12-13 07:57 - 2017-11-26 11:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-12-13 07:57 - 2017-11-26 10:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-12-13 07:57 - 2017-11-26 10:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-12-13 07:57 - 2017-11-26 10:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2017-12-13 07:57 - 2017-11-26 10:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2017-12-13 07:57 - 2017-11-26 10:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-12-13 07:57 - 2017-11-26 10:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-12-13 07:57 - 2017-11-26 10:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll 2017-12-13 07:57 - 2017-11-26 10:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-12-13 07:57 - 2017-11-26 10:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-12-13 07:57 - 2017-11-26 10:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-12-13 07:57 - 2017-11-26 10:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-12-13 07:57 - 2017-11-26 10:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-12-13 07:57 - 2017-11-26 10:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2017-12-13 07:57 - 2017-11-26 10:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-12-13 07:57 - 2017-11-26 10:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll 2017-12-13 07:57 - 2017-11-26 10:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-12-13 07:57 - 2017-11-26 10:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll 2017-12-13 07:57 - 2017-11-26 10:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-12-13 07:57 - 2017-11-26 10:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2017-12-13 07:57 - 2017-11-26 10:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll 2017-12-13 07:57 - 2017-11-26 10:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-12-13 07:57 - 2017-11-26 10:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-12-13 07:57 - 2017-11-26 10:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-12-13 07:57 - 2017-11-26 10:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2017-12-13 07:57 - 2017-11-26 10:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-12-13 07:57 - 2017-11-26 10:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-12-13 07:57 - 2017-11-26 10:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2017-12-13 07:57 - 2017-11-26 10:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll 2017-12-13 07:57 - 2017-11-26 10:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2017-12-13 07:57 - 2017-11-26 10:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll 2017-12-13 07:57 - 2017-11-26 10:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-12-13 07:57 - 2017-11-26 10:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-12-13 07:57 - 2017-11-26 10:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-12-13 07:57 - 2017-11-26 10:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-12-13 07:57 - 2017-11-26 10:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-12-13 07:57 - 2017-11-26 10:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-12-13 07:57 - 2017-11-26 10:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-12-13 07:57 - 2017-11-26 10:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-12-13 07:57 - 2017-11-26 10:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-12-13 07:57 - 2017-11-26 10:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-12-13 07:57 - 2017-11-26 10:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-12-13 07:57 - 2017-11-26 10:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll 2017-12-13 07:57 - 2017-11-26 10:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-12-13 07:57 - 2017-11-26 10:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-12-13 07:57 - 2017-11-26 10:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-12-13 07:57 - 2017-11-26 10:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-12-13 07:57 - 2017-11-26 10:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-12-13 07:57 - 2017-11-26 10:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-12-13 07:57 - 2017-11-26 10:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-12-13 07:57 - 2017-11-26 10:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-12-13 07:57 - 2017-11-26 10:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-12-13 07:57 - 2017-11-26 10:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-12-13 07:57 - 2017-11-26 10:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-12-13 07:57 - 2017-11-26 10:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-12-13 07:57 - 2017-11-26 10:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-12-13 07:57 - 2017-11-26 10:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-12-13 07:57 - 2017-11-26 09:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-12-13 07:57 - 2017-11-26 09:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-12-13 07:57 - 2017-11-26 09:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-12-13 07:57 - 2017-11-26 09:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-12-13 07:57 - 2017-11-26 09:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-12-13 07:57 - 2017-11-26 09:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2017-12-13 07:57 - 2017-11-26 09:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll 2017-12-13 07:57 - 2017-11-26 09:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2017-12-13 07:57 - 2017-11-26 09:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-12-13 07:57 - 2017-11-26 09:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2017-12-13 07:57 - 2017-11-26 09:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-12-13 07:57 - 2017-11-26 09:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-12-13 07:57 - 2017-11-26 09:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll 2017-12-13 07:57 - 2017-11-26 09:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-12-13 07:57 - 2017-11-26 09:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-12-13 07:57 - 2017-11-26 09:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-12-13 07:57 - 2017-11-26 09:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-12-13 07:57 - 2017-11-26 09:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-12-13 07:57 - 2017-11-26 08:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-12-13 07:57 - 2017-11-26 08:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-12-13 07:57 - 2017-11-26 08:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-12-13 07:57 - 2017-11-26 08:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-12-13 07:57 - 2017-11-26 08:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-12-13 07:57 - 2017-11-26 08:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2017-12-13 07:57 - 2017-11-26 08:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-12-13 07:57 - 2017-11-26 08:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2017-12-13 07:57 - 2017-11-26 08:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-12-13 07:57 - 2017-11-26 08:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-12-13 07:57 - 2017-11-26 08:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-12-13 07:57 - 2017-11-26 08:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll 2017-12-13 07:57 - 2017-11-26 08:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-12-13 07:57 - 2017-11-26 08:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-12-13 07:57 - 2017-11-26 08:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-12-13 07:57 - 2017-11-26 08:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-12-13 07:57 - 2017-11-26 08:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-12-13 07:57 - 2017-11-26 08:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll 2017-12-13 07:57 - 2017-11-26 08:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-12-13 07:57 - 2017-11-26 08:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-12-13 07:57 - 2017-11-26 08:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-12-13 07:57 - 2017-11-26 08:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-12-13 07:57 - 2017-11-26 08:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-12-13 07:57 - 2017-11-26 08:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2017-12-13 07:57 - 2017-11-26 08:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-12-13 07:57 - 2017-11-26 08:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-12-13 07:57 - 2017-11-26 08:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-12-13 07:57 - 2017-11-26 08:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-12-13 07:57 - 2017-11-26 08:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-12-13 07:57 - 2017-11-26 08:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2017-12-13 07:57 - 2017-11-26 08:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll 2017-12-13 07:57 - 2017-11-19 05:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll 2017-12-13 07:57 - 2017-11-19 00:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2017-12-12 05:47 - 2017-12-12 05:48 - 000051349 _____ C:\Users\Rogério\Desktop\Addition.txt 2017-12-12 05:46 - 2017-12-16 07:19 - 000023736 _____ C:\Users\Rogério\Desktop\FRST.txt 2017-12-12 05:46 - 2017-12-16 07:19 - 000000000 ____D C:\FRST 2017-12-12 05:45 - 2017-12-16 07:19 - 002392064 _____ (Farbar) C:\Users\Rogério\Desktop\FRST64.exe 2017-12-12 05:44 - 2017-12-12 07:00 - 000000000 ____D C:\Users\Rogério\AppData\Local\PlaceholderTileLogoFolder 2017-12-07 03:42 - 2017-12-07 03:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-12-07 03:42 - 2017-11-27 22:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-12-07 03:42 - 2017-09-13 21:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-12-07 03:42 - 2017-09-13 21:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-12-07 03:42 - 2017-09-13 21:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-12-07 03:42 - 2017-09-13 21:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-12-07 03:40 - 2017-11-27 23:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-12-07 03:40 - 2017-11-27 23:56 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2017-12-06 19:20 - 2017-12-06 19:20 - 000917008 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys 2017-12-06 19:20 - 2017-12-06 19:20 - 000343544 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2017-12-06 19:20 - 2017-12-06 19:20 - 000124432 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys 2017-12-06 19:16 - 2017-12-06 22:11 - 000000000 ____D C:\Program Files\stinger 2017-12-06 19:16 - 2017-12-06 19:16 - 000000000 ____D C:\Program Files\McAfee 2017-12-06 19:14 - 2017-12-06 19:14 - 000009018 _____ C:\Users\Rogério\Desktop\ROGUEKILLER.txt 2017-12-06 17:59 - 2017-12-06 17:59 - 000000000 ____D C:\Users\rapha_000\Desktop\Backup 2017-12-05 18:21 - 2017-12-06 07:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller 2017-12-05 18:20 - 2017-12-05 18:46 - 000000000 ____D C:\ProgramData\RogueKiller 2017-11-29 19:28 - 2017-11-29 19:28 - 000015578 _____ C:\ZA-Scan.txt 2017-11-29 18:06 - 2017-11-29 18:06 - 000000000 ____D C:\zoek_backup 2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2017-11-29 17:55 - 2017-11-29 17:55 - 000000000 ____D C:\Program Files (x86)\Corsair 2017-11-29 17:42 - 2017-12-02 07:00 - 000000000 ____D C:\AdwCleaner 2017-11-24 08:58 - 2017-12-14 21:35 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-24 08:58 - 2017-11-24 08:58 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-11-24 08:58 - 2017-11-24 08:58 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-11-20 15:08 - 2017-11-20 16:54 - 715231211 _____ C:\Users\rapha_000\Downloads\dragon_ball_super_116_FULLHD_fast.mp4 2017-11-17 23:30 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-11-17 23:30 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-11-17 18:24 - 2017-11-17 18:24 - 000001603 _____ C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\release.lnk 2017-11-17 12:29 - 2017-11-17 12:29 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2017-11-17 10:31 - 2017-11-17 10:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-12-16 07:09 - 2016-10-14 20:18 - 000000000 ____D C:\Users\Rogério\Desktop\Panda Network 2017-12-16 07:08 - 2017-10-20 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-12-16 07:07 - 2017-09-29 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-12-16 05:22 - 2017-10-20 15:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2017-12-16 05:07 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\WhatsApp 2017-12-16 05:06 - 2017-06-21 04:51 - 000000000 ____D C:\Program Files (x86)\Steam 2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2017-12-16 05:06 - 2017-06-17 09:39 - 000000000 ____D C:\Users\Rogério\AppData\Local\WhatsApp 2017-12-16 05:06 - 2017-02-10 07:51 - 000000000 ____D C:\Users\Rogério\AppData\Local\CrashDumps 2017-12-16 05:05 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\SquirrelTemp 2017-12-16 02:12 - 2017-10-20 15:15 - 000004672 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-12-16 02:12 - 2017-03-10 07:47 - 000000000 ____D C:\Users\Rogério\AppData\Local\Adobe 2017-12-16 02:12 - 2017-02-19 03:35 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\uTorrent 2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-12-16 02:11 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-12-15 16:31 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ___HD C:\Program Files\WindowsApps 2017-12-15 16:30 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA 2017-12-15 16:28 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA 2017-12-14 08:45 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\rescache 2017-12-14 08:10 - 2017-10-20 15:13 - 000000000 ____D C:\Users\Rogério\AppData\Local\Packages 2017-12-14 08:05 - 2017-10-20 15:22 - 002623580 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-12-14 08:05 - 2017-09-30 12:34 - 000984900 _____ C:\WINDOWS\system32\prfh0416.dat 2017-12-14 08:05 - 2017-09-30 12:34 - 000341314 _____ C:\WINDOWS\system32\prfc0416.dat 2017-12-14 08:00 - 2017-10-20 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-12-14 08:00 - 2017-09-29 06:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2017-12-13 21:23 - 2017-09-29 06:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-12-13 21:15 - 2017-09-29 11:44 - 000000000 ____D C:\WINDOWS\INF 2017-12-13 21:13 - 2017-02-10 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-12-13 21:11 - 2017-10-10 22:50 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-12-13 21:11 - 2017-02-10 13:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-12-13 21:05 - 2017-10-20 15:48 - 000000000 ___RD C:\Users\Rogério\3D Objects 2017-12-13 21:05 - 2017-10-20 15:11 - 000230616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-12-13 21:05 - 2017-02-10 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\TextInput 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\Provisioning 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\Program Files\Windows Defender 2017-12-13 21:04 - 2017-09-29 11:46 - 000000000 ____D C:\PerfLogs 2017-12-13 21:04 - 2017-09-29 06:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2017-12-13 07:58 - 2017-09-29 11:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-12-13 07:58 - 2017-09-29 11:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-12-13 07:58 - 2017-09-29 11:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-12-13 07:58 - 2017-09-29 11:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-12-11 02:07 - 2017-08-17 09:18 - 000000000 ____D C:\Dungeons & Dragons Online 2017-12-11 01:31 - 2017-04-16 18:37 - 000000000 ____D C:\Users\Rogério\AppData\Local\Turbine 2017-12-10 02:40 - 2017-02-15 08:04 - 000000000 ____D C:\Program Files (x86)\Origin 2017-12-10 02:15 - 2017-02-15 04:51 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Origin 2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\Users\Todos os Usuários\Origin 2017-12-10 02:08 - 2017-02-15 04:47 - 000000000 ____D C:\ProgramData\Origin 2017-12-08 05:19 - 2017-02-10 20:58 - 000000000 ____D C:\Users\Rogério\AppData\Local\Ubisoft Game Launcher 2017-12-07 22:40 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\LocalLow\Mozilla 2017-12-07 21:07 - 2017-02-15 04:42 - 000000000 ____D C:\Users\Rogério\AppData\Local\NVIDIA Corporation 2017-12-07 07:05 - 2017-10-20 15:12 - 000000000 ____D C:\Users\Rogério 2017-12-07 03:48 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-12-07 03:43 - 2017-02-10 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-12-07 03:42 - 2017-02-15 04:45 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\NVIDIA 2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation 2017-12-07 03:40 - 2017-05-08 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-12-07 03:25 - 2017-08-17 09:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\Akamai 2017-12-05 18:39 - 2015-10-30 05:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-12-04 19:46 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-12-03 20:38 - 2017-09-29 11:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-12-03 20:38 - 2017-09-29 11:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-12-02 19:57 - 2017-05-22 14:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-12-02 19:57 - 2017-05-22 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-12-01 04:19 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Local\Spotify 2017-12-01 01:29 - 2017-03-07 04:08 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Spotify 2017-11-30 08:32 - 2017-08-07 03:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-11-28 19:28 - 2017-05-02 15:47 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\discord 2017-11-28 18:20 - 2017-03-10 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Users\Todos os Usuários\Oracle 2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\ProgramData\Oracle 2017-11-28 18:20 - 2017-03-10 22:53 - 000000000 ____D C:\Program Files (x86)\Java 2017-11-28 18:18 - 2017-03-10 22:54 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-11-27 23:56 - 2017-10-09 11:14 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2017-11-27 23:56 - 2017-10-09 11:14 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2017-11-27 23:56 - 2017-10-09 11:06 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-11-27 23:56 - 2017-10-09 11:06 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-11-27 23:56 - 2017-10-09 10:47 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb 2017-11-27 23:56 - 2017-09-29 18:51 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-11-27 22:37 - 2017-05-08 16:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-11-27 22:06 - 2017-05-08 16:26 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-11-27 22:06 - 2017-05-08 16:26 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-11-25 04:49 - 2017-09-29 11:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-11-24 20:17 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-11-24 17:14 - 2017-05-22 14:54 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Mozilla 2017-11-24 09:20 - 2017-10-20 15:15 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-10-20 15:15 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-24 09:20 - 2017-05-08 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-11-24 08:58 - 2017-02-10 08:00 - 000000000 ____D C:\Program Files (x86)\Google 2017-11-23 21:48 - 2017-07-08 20:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-11-23 21:29 - 2017-02-10 07:42 - 000000000 ____D C:\Users\Rogério\AppData\Roaming\Skype 2017-11-20 09:04 - 2017-05-08 16:26 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-11-17 12:30 - 2017-02-15 04:19 - 000000000 ____D C:\Users\Rogério\AppData\Local\NPE 2017-11-17 12:28 - 2017-02-13 06:59 - 000000000 ____D C:\Program Files\Common Files\AV 2017-11-17 10:31 - 2017-09-29 11:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2017-11-17 10:31 - 2017-02-13 04:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64 2017-11-17 08:36 - 2017-10-19 01:56 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2017-11-17 08:36 - 2017-10-19 01:56 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2017-12-12 07:09 ==================== Fim de FRST.txt ============================ ---------------------------------------------------------------------------------------------------------------------------------------------- Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 13-12-2017 Executado por Rogério (16-12-2017 07:19:47) Executando a partir de C:\Users\Rogério\Desktop Windows 10 Home Versão 1709 16299.125 (X64) (2017-10-20 17:19:06) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2442392909-140579935-1769747838-500 - Administrator - Disabled) ASPNET (S-1-5-21-2442392909-140579935-1769747838-1004 - Limited - Enabled) Convidado (S-1-5-21-2442392909-140579935-1769747838-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2442392909-140579935-1769747838-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2442392909-140579935-1769747838-1006 - Limited - Enabled) Momar (S-1-5-21-2442392909-140579935-1769747838-1007 - Limited - Disabled) rapha_000 (S-1-5-21-2442392909-140579935-1769747838-1003 - Limited - Enabled) => C:\Users\rapha_000 Rogério (S-1-5-21-2442392909-140579935-1769747838-1001 - Administrator - Enabled) => C:\Users\Rogério WDAGUtilityAccount (S-1-5-21-2442392909-140579935-1769747838-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117} FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) Atualizações da NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden Corsair Utility Engine (HKLM-x32\...\{B6784863-ACC5-4BB6-AC26-485FAF3A8E4C}) (Version: 2.20.72 - Corsair) Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse) Discord (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) Dungeons & Dragons Online v2600.0045.9717.4070 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.9717.4070 - Standing Stone Games, LLC) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.3 - Receita Federal do Brasil) IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) League of Legends (HKLM-x32\...\{8CCCD0E7-56E4-45FB-B3FB-9F5183C2F4F0}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) LoLReplay2 (HKLM-x32\...\{9D5BAC5A-EDBF-4A34-AC2D-139C84B7E050}_is1) (Version: v2.8.2 - Aequus Gaming Ltd.) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 57.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.1 (x64 pt-BR)) (Version: 57.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla) MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team) Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation) NVIDIA Driver de áudio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Driver de gráficos 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.43 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.43 - NVIDIA Corporation) NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.) Painel de controle da NVIDIA 388.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.43 - NVIDIA Corporation) Hidden PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.10 - Serpro - Serviço Federal de Processamento de Dados) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB) STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Twitch (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Uplay (HKLM-x32\...\Uplay) (Version: 36.0 - Ubisoft) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinX DVD Ripper Platinum 7.5.12 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2442392909-140579935-1769747838-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Nenhum Arquivo ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-27] (NVIDIA Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {03214716-56C0-49CF-869D-7EF8F06F0757} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation) Task: {037AEFEB-5D66-4EF9-B6C4-C4793FB932B0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-16] (Adobe Systems Incorporated) Task: {04FD295A-E7E2-4DBB-9CF5-E8639BDA73C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation) Task: {127B2546-4D19-4740-B9E2-24408205DD9C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation) Task: {13B73632-6084-4B4D-AC0B-4ED21DF68351} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {22D60B90-C7EA-4290-8A98-6DE268CFA0BD} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {259305D0-7F98-4C24-B8ED-BF0B6F0480D0} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO Task: {55CC33AE-9FE7-4F6D-86D2-49CFD4389F12} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {611231A8-9628-43F5-BC66-5E7CE9710B3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2442392909-140579935-1769747838-1003 => C:\Users\Rogério\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {6B290029-748C-41D8-80FD-AD53EF15F9A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation) Task: {6B83EC29-CC43-473C-A4AF-2FCA65A4BC43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {80D5ACF1-DB3B-4BD5-AB11-1FBC5F7C9BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.) Task: {9148A3CE-4670-4246-9B86-854BEA005418} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation) Task: {9785E5D8-92F8-4F2F-A430-F9EBDD57342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-24] (Google Inc.) Task: {9CCB7E14-9012-4BC5-8983-7525E84DE981} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation) Task: {A144C735-0CC3-4A62-8607-06D084C16A0C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation) Task: {A68DAC04-3BCB-4FCE-9C70-930D1B607243} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation) Task: {BECFF8D3-95BC-4FC6-8499-B387044C5FD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-16] (Adobe Systems Incorporated) Task: {E42DB901-08F0-4A8D-B85D-63C4F4FFE226} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-10] (Symantec Corporation) Task: {E5A8BBB3-FDFB-4345-9A2E-6F92534CA64A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Rogério\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5803ea45d7990e6f\WhatsChrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kbhfoiaobflocffnclkigpkeoagheimn ==================== Módulos Carregados (Whitelisted) ============== 2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-12-13 07:57 - 2017-11-26 10:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-13 07:57 - 2017-11-26 10:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-12-14 08:07 - 2017-12-14 08:07 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-09-29 11:41 - 2017-09-29 11:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll 2017-09-29 11:41 - 2017-09-29 11:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll 2017-12-13 07:57 - 2017-11-26 10:26 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll 2017-09-29 11:41 - 2017-09-29 11:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll 2017-12-06 18:02 - 2017-12-06 18:02 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-12-06 18:02 - 2017-12-06 18:02 - 010262528 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-11-03 17:56 - 2017-11-03 17:56 - 000197120 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll 2017-11-03 17:52 - 2017-11-03 17:52 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll 2017-11-03 18:09 - 2017-11-03 18:09 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll 2017-11-03 17:50 - 2017-11-03 17:50 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll 2017-10-02 07:54 - 2017-10-02 07:54 - 000013312 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL 2017-10-02 07:54 - 2017-10-02 07:54 - 001950720 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-10-30 05:24 - 2015-10-30 05:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2442392909-140579935-1769747838-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rogério\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) Security Assist => 3 MSCONFIG\Services: isaHelperSvc => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine" HKLM\...\StartupApproved\Run32: => "IMSS" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-2442392909-140579935-1769747838-1001\...\StartupApproved\Run: => "Steam" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{6A3AEA4A-6C2F-4DCF-8CED-8BF24273F186}] => (Allow) D:\Vuze\Azureus.exe FirewallRules: [{CCDC5F06-7575-4D7A-99D5-E547831D8D8D}] => (Allow) D:\Vuze\Azureus.exe FirewallRules: [{66B60690-A84D-43C1-B3E5-7E6570A8C4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{3BCEA9B6-9EB8-4654-9EA2-C5EE356494E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0F2D6EEE-D364-4F30-95DC-A268AEC7C69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4F17C9A2-4132-49A1-9610-02940CED6742}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{212F812C-3DF1-4F06-80C3-AEB3E785C207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{07DDE512-9CCC-474A-A45C-5F60E353E097}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{2C593F2A-99A0-4D01-8235-69F19632CA18}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe FirewallRules: [{6B49B98F-A6AE-437C-8DC9-1C689F0E3B66}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{691A0892-A702-43D7-B2E4-AA3AC46BFC53}] => (Allow) D:\Games\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe FirewallRules: [{686B1685-0541-4F0D-9AB6-591228928201}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe FirewallRules: [{3A0FD541-ED64-4CEB-9BC5-E4B07D240681}] => (Allow) D:\Games\Origin\SimCity\SimCity\SimCity.exe FirewallRules: [{ACD7F6EE-AE74-4689-BE04-0FA721C1B0DD}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe FirewallRules: [{7BE5F36D-4B47-4BFE-9E8E-6316A8F563BC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe FirewallRules: [{57E60006-667B-4127-8FFE-F0880A05772B}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe FirewallRules: [{17046295-58D9-43D7-83BA-F78A3E2B76DC}] => (Allow) D:\Games\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe FirewallRules: [{587B0D03-84D1-4CF4-B824-125CD26D68BB}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{D2A1E2FC-C7FD-4174-9921-518FAAF694AE}] => (Allow) D:\Games\steamapps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{A6E57C5E-A0EA-467B-BEB3-E9BB5AB9F786}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe FirewallRules: [{8504C1E4-6897-4FCD-A727-5FDE8E63293A}] => (Allow) D:\Games\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe FirewallRules: [{88A614AE-D977-4267-B58F-F7AB8B991491}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{708FDAC7-D9E8-44E4-BF33-F9A61FD7669B}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{7505F984-C705-44A6-86E1-FF8079F671CE}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{977AB962-91B9-4EAD-8988-8796730D9C63}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{3B73638A-4E23-43D8-B02D-7E9F79215723}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe FirewallRules: [{8B7D40A5-CA48-4CDF-8FF8-991E903B9EA3}] => (Allow) D:\Games\Ubisoft Game Launcher\Far Cry 4\bin\FarCry4.exe FirewallRules: [{E4FB541D-F96A-4DB0-B6B2-8016A0CC2632}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AE266EFE-5C69-4C32-9674-15855D489BED}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{BD2B9DB2-8BB0-40D0-82E5-1D1A8DAA1998}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{DE951DEB-87AE-4FF2-9F6D-7503C2ADC803}] => (Allow) D:\Games\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{910A18F5-1557-43A5-AD2E-3F6E2DA658B6}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{A39BED4D-E47D-4C1A-B1CE-B5A3677A08F1}] => (Allow) D:\Games\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{79950C39-6643-4DE1-B59C-28CA25216DE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1A3EFCCB-2809-4389-97A3-B3B818BACE03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{627532CD-D967-4A6E-A8E0-1F63B7194A82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AF0748BD-259C-4F8D-9520-B02EB4F06E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FFB1C619-937F-4820-9F4C-64418CE152A3}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{A3A70C65-01F3-486B-8B75-A980A69F6F66}] => (Allow) C:\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{765609D5-7494-4E93-9CA2-83A23540743E}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AC0027CD-298C-4070-AA83-A7169A16F1D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{DC495A06-4183-476A-9DD4-69D43172CB0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{71E0BAEE-872A-47A1-82E4-C978866389C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{992908C0-D632-462F-8B1B-660EA43AB307}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{562016B1-6276-47E4-89F4-0E7047913FA6}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{E5E99778-A929-415B-BBCA-B317AC521E27}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D2A938C8-9B98-4C5F-AFCC-AE593E4FEC3B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D40BEE31-5F7B-4186-8BD4-9440D7D9A689}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{D4085136-777D-487C-9614-59DC29C6E4BC}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{671CFEB2-13D7-4C81-9F39-6B01F94DD4D3}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{B5BB585F-3FAE-4B5C-8FDA-25C188E40F92}] => (Allow) E:\Steam\SteamApps\common\Sword Coast Legends\SwordCoast.exe FirewallRules: [{0C0BEC0A-EBB1-46F2-8504-AA3D039071E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5D366CB0-329E-4492-B892-FDD6F6424DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{23FD4592-0A1E-4ED7-B33B-84D9FF32ECE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{6C0D5192-F0B3-496A-937B-95BF2C42A008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{694775E2-71C6-4F92-95C1-CE30B7384F58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D40465AA-A88C-4BC9-B2BA-2F51B20CF5D8}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{7522DCBD-351D-4CA9-932B-2085EE8331A7}] => (Allow) E:\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{ABCD9D2A-0DFE-4358-9423-01F4F44C72F3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{57D8FA44-EA07-4055-9456-CB42096EA039}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{9DAB21CC-1E4D-4278-A4E2-A2B392FBE09E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FFDA303C-81CA-4CF2-A422-4B9CFAB17FA7}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0B766991-26F1-4D1C-97C4-915D25E44F89}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0882A8CA-958F-432A-A538-B6114228BD4D}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{15A5C0D4-F649-45A1-8F6E-6596F2F74419}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{998EB994-61B4-4439-BF4E-23A85A072D5E}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{11EA87D8-3820-499D-8D11-2E9F472F6283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{80B75330-A2F8-4231-AB67-B6D52A03BDFD}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{B4FDB7D3-8A77-46A8-8D8D-C21D9924C7E6}] => (Allow) E:\Steam\SteamApps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{21830394-2C27-469C-8897-E36ABE86CA30}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EA7D2852-20F7-4C3B-A678-35D975C25831}] => (Allow) C:\Users\Rogério\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{D3E18C15-52A3-4096-B48A-B121EC01D840}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{87E64EE3-FF2C-4D2F-844A-4A407623700A}C:\users\rogério\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rogério\appdata\local\akamai\netsession_win.exe FirewallRules: [{2D6CABFD-A41D-4EAF-B5FA-4B347A0D272A}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{AC0A28C6-20CB-4877-8457-2CF3F589BC38}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{C9F054A8-9EE4-4182-B9FE-CA93EFD8F3C6}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{D1EC6DFB-E4F2-42E3-8F06-3E7B73C6308A}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{5FEEDB86-69E0-4D54-A47B-3CD256347BBA}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{6FEC8C01-9A2E-4634-81BC-AC3E009090CA}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{783F3379-67BD-452B-B7E4-1BC3076A56A4}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{A6C69910-5338-4288-8F2E-601FF9D0A76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{9E7F09B8-B141-4EA2-807D-4021A23E54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{6A7C1CCD-6203-464F-848E-79879F9F0CD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Logitech Cordless Device Description: Logitech Cordless Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech Cordless Device Description: Logitech Cordless Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech Cordless Device Description: Logitech Cordless Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (12/16/2017 05:06:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c Nome do módulo com falha: WhatsApp_ExecutionStub.exe, versão: 0.2.6426.0, carimbo de data/hora: 0x5931cd5c Código de exceção: 0xc0000005 Deslocamento da falha: 0x00004729 ID do processo com falha: 0x3648 Hora de início do aplicativo com falha: 0x01d3763c5b57da40 Caminho do aplicativo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe Caminho do módulo com falha: C:\Users\Rogério\AppData\Local\WhatsApp\app-0.2.6426\WhatsApp_ExecutionStub.exe ID do Relatório: 8e59dd86-f9b4-4cf9-b79c-a854fd4fd207 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/16/2017 02:12:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.16299.125, carimbo de data/hora: 0x98ed27dd Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x10868bd0 ID do processo com falha: 0xeb8 Hora de início do aplicativo com falha: 0x01d37624158cb638 Caminho do aplicativo com falha: C:\WINDOWS\SysWOW64\explorer.exe Caminho do módulo com falha: unknown ID do Relatório: 687b9a1d-aaf8-40cd-925d-aafb720265e9 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/13/2017 09:15:25 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro. Error: (12/12/2017 05:32:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 27a4 Hora de Início: 01d3731cb991a6d0 Hora de Término: 0 Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe ID do Relatório: f05352b1-a49a-4d37-9f9f-4b32fdd7175c Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/12/2017 05:42:01 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa CUE.exe versão 2.20.72.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 2c7c Hora de Início: 01d3722684d33bd3 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe ID do Relatório: 2073f252-bdd1-47f0-8878-2ffe901f68f3 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: ) Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: ) Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: ) Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada Error: (12/12/2017 05:38:19 AM) (Source: COM) (EventID: 10031) (User: ) Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {95CABCC9-BC57-4C12-B8DF-BA193232AA01} foi rejeitada Error: (12/11/2017 10:11:30 PM) (Source: COM) (EventID: 10031) (User: ) Description: Uma verificação de política de unmarshaling foi executada ao realizar unmarshaling em um objeto de marshaling personalizado, e a classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} foi rejeitada Erros de Sistema: ============= Error: (12/16/2017 04:58:19 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (12/16/2017 02:12:53 AM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (12/15/2017 07:09:41 PM) (Source: DCOM) (EventID: 10016) (User: ROGÉRIO) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário Rogério\Rogério SID (S-1-5-21-2442392909-140579935-1769747838-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (12/15/2017 04:35:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (12/15/2017 04:29:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9P086NHDNB9W-Microsoft.XboxSpeechtoTextOverlay. Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH5FV99-Microsoft.MSPaint. Error: (12/15/2017 04:29:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH42THS-Microsoft.Microsoft3DViewer. Error: (12/15/2017 04:28:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070003: 9NBLGGH537C2-Microsoft.XboxGameOverlay. Error: (12/15/2017 01:29:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (12/14/2017 05:57:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 CodeIntegrity: =================================== Date: 2017-12-16 01:40:09.007 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171215.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-14 08:22:13.441 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171213.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-11 22:21:35.053 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171211.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-10 02:09:18.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171208.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-08 03:38:14.718 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171207.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-07 02:41:20.966 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171206.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-06 02:31:42.546 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171205.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-05 17:21:55.985 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20171204.001\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-03 19:29:14.466 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-03 19:29:13.740 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentagem de memória em uso: 16% RAM física total: 16327.89 MB RAM física disponível: 13658.15 MB Virtual Total: 18759.89 MB Virtual disponível: 15464.68 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.46 GB) (Free:25.89 GB) NTFS Drive d: (Rogério) (Fixed) (Total:2794.39 GB) (Free:2013.78 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A6487A7) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fim de Addition.txt ============================

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×