Virus removal

Good morning Anderots, let's run a check on certain services, updates and security programs.
  • Download: SecurityCheck (by glax24)
  • Save it to the Desktop
  • For Windows 7, 8 and 10, right-click SecurityCheck and click "Run as administrator"
  • Wait while the tool runs its scan.
  • When it finishes, click "OK".
  • At the end, a log will open, SecurityCheck.txt. This log is saved on C: (Local Disk) in the SecurityCheck folder that was created.
  • Do not attach it, just copy and paste the report!
 


SecurityCheck by glax24 v.1.4.0.32 [01.11.15]
WebSite: www.safezone.cc
DateLog: 20.12.2015 01:04:38
Path starting: C:\Users\Usuario\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Ander
VersionXML: 2.19is-15.12.2015
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Professional Lang: Portuguese(0416)
Installation date OS: 06.08.2015 00:26:43
LicenseStatus: Windows(R), Professional edition Volume activation will expire : 127163 minutes
Boot Mode: Normal
Default Browser: C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [240.6 Gb] Used: [214.4 Gb] Free: [26.2 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16603 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic download and scheduled installation
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Bitdefender Antivirus (enabled and up to date)
Windows Defender (disabled)
---------------------------- [ Firewall_WMI ] -----------------------------
Bitdefender Firewall (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Bitdefender Antispyware (enabled and up to date)
Windows Defender (disabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Bitdefender Internet Security 2016 v.20.0.23.1252
Bitdefender Agent v.20.0.23.1252
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.0.1024 v.2.2.0.1024
--------------------------- [ OtherUtilities ] ----------------------------
Arquivo do WinRAR
Microsoft Silverlight v.5.1.40728.0 Warning! Download Update
TeamViewer 10 v.10.0.47484 Warning! Download Update
^Optional update.^
VLC media player v.2.2.1
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.17 v.7.17.105 [+]
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.5.41372 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 7 Update 80 (64-bit) v.7.0.800
Java 7 Update 72 v.7.0.720 Warning! Download Update
Uninstall old version and install new one. Should install Java 8.
Java 8 Update 31 v.8.0.310 Warning! Download Update
Uninstall old version and install new one.
Java 8 Update 40 v.8.0.400 Warning! Download Update
Uninstall old version and install new one.
Java 8 Update 45 v.8.0.450 Warning! Download Update
Uninstall old version and install new one.
Java 8 Update 60 v.8.0.600.27 Warning! Download Update
Uninstall old version and install new one.
Java 8 Update 66 v.8.0.660.17 Warning! Download Update
Uninstall old version and install new one.
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 20 NPAPI v.20.0.0.235
Adobe Shockwave Player 12.2 v.12.2.2.172
------------------------------- [ Browser ] -------------------------------
Google Chrome v.47.0.2526.80
Mozilla Firefox 41.0.1 (x86 pt-BR) v.41.0.1 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.16.4.3528.0331
--------------------------- [ RunningProcess ] ----------------------------
C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe v.47.0.2526.80
C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe v.20.0.24.1281
C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe v.20.0.24.1281
C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe v.20.0.24.1281
C:\Program Files\Bitdefender Agent\ProductAgentService.exe v.20.0.20.47
C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe v.20.0.19.1092
C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe v.20.0.24.1276
---------------------------- [ UnwantedApps ] -----------------------------
Driver Booster 3.0 v.3.0 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:11, on 20/12/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lucas Tizzo\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 93.184.216.34 example.com
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NitroPC] "C:\Program Files (x86)\NitroPC\NitroPC.exe" -minimized
O4 - Global Startup: OSD.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{04BFA4B6-A989-481A-BA69-2F9D1E462538}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{04BFA4B6-A989-481A-BA69-2F9D1E462538}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Tecnologia de armazenamento Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9143 bytes

I couldn't open OTL because my notebook isn't opening any .exe; it won't open regedit, Task Manager or cmd in admin mode.
 
Good evening Anderots, follow the steps below to close the topic.
Now let's remove the tools used in the disinfection.
  • Download: delfix (by Xplode)
  • Save it to your desktop.
  • Double-click delfix.exe to run it.
  • Windows Vista or Windows 7 users: right-click the delfix.exe file, then click "Run as administrator"
  • Tick the checkboxes as shown in the image.
  • Click the Run button.
  • Restart the computer!
  • Everything OK?

  • Cartilha de Segurança << Link!
  • Read the many tips contained in the Cartilha de Segurança and stay free of infections!
  • Install the Adblock extension to get rid of ads:
    >> For Google Chrome click here
    >> For Firefox click here
    >> For Internet Explorer: 32-bit click here, 64-bit click here
  • USB worms (flash-drive viruses) can infect any kind of removable storage device (flash drives, MP3 and MP4 players, phones, memory cards, cameras). This type of malware exploits a native Windows feature called Autorun, or Autoplay. Autoplay needs a file called autorun.inf to work.
    Keep a clean, protected copy of the autorun.inf file on all removable devices and on all system drives. That way, if you happen to plug your flash drive into an infected PC, the malware will not be able to overwrite the pre-existing file. Even so, it can still copy its malicious executables to the flash drive, such as .EXE, .SCR, .CMD, .PIF, .BAT, .COM.
    If you plug this flash drive into a clean machine and run one of those malicious files, that system will be infected just the same. So be careful and use common sense.
    To create a protected autorun.inf file: Panda USB Vaccine.
  • Protect yourself against the installation of PUPs with Unchecky.
    There is a video demonstrating the program.
  • Download CCleaner:
  • IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner,
    double-click the folder; in an empty area of that window, right-click, choose New >> Folder and create a new folder; name it backups!
  • Open the program and click Run Cleaner;
  • Click the Registry button >> Scan for Issues >> Fix selected issue(s).
    Note: Don't forget to accept the backup of the fixes and save it in the folder created above!
  • Old versions of programs have vulnerabilities that some malware can use to infect your system.
    That is why it is recommended to update the programs that Security Check flagged as outdated (optional updates are at your discretion).
    Just click the Download Update of each warning, which will take you to the developer's site.
  • Visit Windows Update regularly and check for updates.
    New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates.
    That is why it is essential to keep your system up to date.
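
The autorun.inf advice in the post above can be checked on a drive before anything on it is opened. The following is an added example, not part of the original thread or of any tool it mentions: the function names, the report fields and the sample files are all constructed for illustration. It reads the root of a drive, reports whether autorun.inf would launch a program, and lists root-level files with the extensions the post names.

```python
import os
import re
import tempfile

# Extensions the post lists as typical worm payloads copied to a flash drive.
RISKY_EXTENSIONS = {".exe", ".scr", ".cmd", ".pif", ".bat", ".com"}

# autorun.inf keys that tell Windows to start a program from the drive.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.IGNORECASE)


def read_text(path):
    """Read autorun.inf as text; it may be ANSI or UTF-16 with a byte-order mark."""
    with open(path, "rb") as fh:
        data = fh.read()
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    return data.decode("latin-1")  # latin-1 maps every byte, so this never raises


def parse_autorun(text):
    """Return (key, command) pairs from the [autorun] section that launch something."""
    launches = []
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key) and value:
                launches.append((key.lower(), value))
    return launches


def audit_drive_root(root):
    """Inspect only the root folder of a drive; nothing on it is executed."""
    report = {"autorun": "absent", "launches": [], "risky_files": []}
    for entry in sorted(os.listdir(root)):
        path = os.path.join(root, entry)
        if entry.lower() == "autorun.inf":
            if os.path.isdir(path):
                # A directory occupies the name, so there is no file to read
                # launch instructions from.
                report["autorun"] = "directory"
            else:
                report["launches"] = parse_autorun(read_text(path))
                report["autorun"] = "launches-program" if report["launches"] else "inert"
        elif os.path.isfile(path) and os.path.splitext(entry)[1].lower() in RISKY_EXTENSIONS:
            report["risky_files"].append(entry)
    return report


def build_sample_drive(root):
    """Constructed sample: a drive root after a visit to an infected PC."""
    with open(os.path.join(root, "autorun.inf"), "w") as fh:
        fh.write("[AutoRun]\n; constructed sample\n"
                 "open=RECYCLER\\setup.exe\n"
                 "shell\\open\\command=RECYCLER\\setup.exe\n"
                 "icon=folder.ico\n")
    for name in ("photos.scr", "notes.txt", "fix.bat"):
        open(os.path.join(root, name), "w").close()  # empty placeholder files


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        result = audit_drive_root(drive)
        print("autorun.inf:", result["autorun"])
        for key, command in result["launches"]:
            print("  launch entry:", key, "->", command)
        print("executables in root:", ", ".join(result["risky_files"]))
```

Pointing `audit_drive_root` at a real drive letter (for example `E:\\`) gives the same report; an "inert" or "directory" result with an empty `risky_files` list is the state the post recommends keeping.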
 
Good evening tizzo.lucas, let's use a more advanced tool to check your PC.
  • Download: ZHPDiag3 (by Nicolas Coolman)
  • On the page, click Download
  • Save it to the Desktop
  • Double-click it to run.
  • For Windows 7, 8, right-click and then click "Run as administrator"
  • Click "Eu"
  • Click Scanner
  • After it finishes
  • Click Report
  • Note: because the report is long, it must be posted on one of these sites:
  • Go to: <>
  • Or go to: <>
  • Or use the Spoiler.
  • More information: <Link> << Hosting!
 

Thank you very much for the help, really excellent, very professional, congratulations!
Everything went fine and I recovered the disk space that the virus had taken, and I believe there are no traces of it left on the PC!
I installed the recommended programs which, it is worth noting, are much better than any Advanced, since they weigh less on the system and bring more security.
 
Good morning, can you help me?

A bit of slowness here....
Could it be a virus?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:26:47, on 19/01/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Users\Gamer\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Gamer\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Gamer\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Gamer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Gamer\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Users\Gamer\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://br.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Gamer\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Gamer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Teclado Virtual - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
O23 - Service: Serviço do Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - D:\Jogos\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11935 bytes
 
Good evening tfarina,
  • Download: <> <(...by Farbar)>
  • Or here: <Farbar Recovery Scan Tool 64-bits>
  • Save it to the Desktop!
  • Run the tool! Click "Yes" >> "Scan".
  • Make sure the boxes under "Whitelist" are checked.
  • Under "Optional Scan", leave the "Addition.txt" checkbox checked.
  • Also check the 90 Days Files checkbox.
  • The report will be generated! (FRST.txt)
  • PS: The "Addition.txt" report will also be generated; it is made available on the tool's first run.
  • Go to: <>
  • Or go to: <>
  • Or use the spoiler.
  • More information: <Link> << Hosting!

ATTENTION: for the tool to work correctly, it must be directly on the Desktop; it cannot be inside a folder.
 
Good evening!

A small square window popped up out of nowhere on my screen; it showed Submarino and other ads. It's the first time I've noticed I caught a virus; I haven't used any protection for a long time...
=/

I ran RogueKiller, and I'm running Malwarebytes and others here... I'll delete them afterwards.

Any recommendations?

 
Good morning Vektorios, let's analyze your PC.

Note: Do not take any steps other than those given here; and if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

  • Download: <> <(...by Farbar)>
  • Or here: <Farbar Recovery Scan Tool 64-bits>
  • Save it to the Desktop!
  • Run the tool! Click "Yes" >> "Scan".
  • Make sure the boxes under "Whitelist" are checked.
  • Under "Optional Scan", leave the "Addition.txt" checkbox checked.
  • Also check the 90 Days Files checkbox.
  • The report will be generated! (FRST.txt)
  • PS: The "Addition.txt" report will also be generated; it is made available on the tool's first run.
  • Go to: <>
  • Or go to: <>
  • Or use the spoiler.
  • More information: <Link> << Hosting!

ATTENTION: for the tool to work correctly, it must be directly on the Desktop; it cannot be inside a folder.
 
OK, I'll try it here.

Image of the "virus"...
 
Be sure to post the report so it can be analyzed, and from there we can take the first steps toward solving the problem. I'll be waiting.
 


Additional
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Belens (2016-01-28 22:42:17)
Executando a partir de C:\Users\wfbel\Desktop
Windows 10 Pro (X64) (2015-12-10 12:47:20)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1318128271-906303683-316216538-500 - Administrator - Disabled)
Belens (S-1-5-21-1318128271-906303683-316216538-1002 - Administrator - Enabled) => C:\Users\wfbel
Convidado (S-1-5-21-1318128271-906303683-316216538-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1318128271-906303683-316216538-503 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Aarklash: Legacy (HKLM-x32\...\Steam App 222640) (Version: - Cyanide)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.9.1.35 (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Discord (HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\Discord) (Version: 0.0.283 - Hammer & Chisel, Inc.)
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist (HKLM-x32\...\Steam App 409160) (Version: - Crows Crows Crows)
Enemy Front (HKLM-x32\...\Steam App 256190) (Version: - CI Games)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Fallout 4 Portuguese-Brazil Language Pack (HKLM-x32\...\Fallout 4 Portuguese-Brazil Language Pack_is1) (Version: - )
foobar2000 v1.0.1 (HKLM-x32\...\foobar2000) (Version: 1.0.1 - Peter Pawlowski)
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Format Factory)
FortiClient (HKLM\...\{B5E0B33F-91D4-408B-BE40-46BCA75F3914}) (Version: 5.4.0.0780 - Fortinet Inc)
Google Update Helper (x32 Version: 1.2.183.13 - Google Inc.) Hidden
Grim Fandango Remastered (HKLM-x32\...\Steam App 316790) (Version: - Double Fine Productions)
IdleMaster (HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver de gráficos 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 2016 KMS Activator Ultimate v1.1 Final (HKLM\...\Office 2016 KMS Activator Ultimate v1.1 Final_is1) (Version: v1.1 Final - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque)
Painel de controle da NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
qBittorrent 3.3.1 (HKLM-x32\...\qBittorrent) (Version: 3.3.1 - The qBittorrent project)
Resident Evil 0 HD Remaster (HKLM-x32\...\Resident Evil 0 HD Remaster_is1) (Version: - )
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sine Mora (HKLM-x32\...\Steam App 207040) (Version: - Digital Reality)
SmoothTranscode (HKLM-x32\...\SmoothTranscode) (Version: 0.6 - Atomic Wasteland)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Tom Clancy's The Division Beta (HKLM-x32\...\Uplay Install 2036) (Version: - Ubisoft)
Unchecky v0.4.2 (HKLM-x32\...\Unchecky) (Version: 0.4.2 - RaMMicHaeL)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01B522A4-41B7-4574-AF0E-3A864E261344} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {11757A41-2A0B-467D-AC56-D0F999979217} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-08] (Microsoft Corporation)
Task: {3BA2C7E7-C291-4881-806C-7D9C3D74703E} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-12-10] (MSFree Inc.)
Task: {4ADDECD7-42B7-41AC-8BEF-F596C0C30BFD} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-17] (@ByELDI)
Task: {5177AA21-4329-483F-A043-E8CF82B5C149} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-08] (Microsoft Corporation)
Task: {523631CD-196A-4073-B1F0-64FA77D2984E} - System32\Tasks\update-S-1-5-21-1318128271-906303683-316216538-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-29] ()
Task: {54FA821B-BE10-4BDB-903E-B81C4A17AF79} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {91CEEC2F-3430-4A0F-A27D-0140FFFA89E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {922E1F95-82ED-4308-9E15-132F8E444545} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {A22A86A3-4FEA-45A9-B896-F515B43D443E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-07] ()
Task: {B9B5545D-270A-4A7A-9A3B-7601AE762CEB} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-29] ()
Task: {F2464843-1AA0-46B6-9086-3B2D75950426} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-17] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1318128271-906303683-316216538-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 15:17 - 2015-10-30 15:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 15:18 - 2015-10-30 15:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-12-10 21:02 - 2016-01-23 09:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-23 00:20 - 2016-01-23 10:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-16 08:39 - 2016-01-26 08:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-12-10 21:37 - 2015-11-22 18:47 - 02653816 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-11-24 00:44 - 2015-11-24 00:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-12-07 10:37 - 2015-12-07 10:37 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2015-12-10 21:37 - 2015-11-22 18:47 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 19:53 - 2016-01-22 19:53 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-11 01:13 - 2016-01-07 17:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-01-13 08:28 - 2015-12-07 12:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-13 08:28 - 2015-12-07 12:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-02 17:19 - 2015-12-02 17:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-24 00:43 - 2015-11-24 00:43 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2015-11-24 00:44 - 2015-11-24 00:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2016-01-13 08:29 - 2016-01-05 09:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:28 - 2016-01-05 09:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 16:21 - 2016-01-16 13:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 16:22 - 2016-01-16 13:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-06 11:08 - 2015-10-06 11:08 - 00552978 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2015-12-06 14:55 - 2015-12-06 14:55 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-06 14:55 - 2015-12-06 14:55 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-06 14:55 - 2015-12-06 14:55 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-06 14:55 - 2015-12-06 14:55 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-12-06 14:55 - 2015-12-06 14:55 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-11-24 00:43 - 2015-11-24 00:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2016-01-22 19:53 - 2016-01-22 19:53 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 19:53 - 2016-01-22 19:53 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-11 00:35 - 2016-01-23 10:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-24 00:43 - 2015-11-24 00:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-24 00:43 - 2015-11-24 00:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-24 00:43 - 2015-11-24 00:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2014-06-17 06:29 - 2015-12-15 13:54 - 00782336 _____ () G:\Steam\SDL2.dll
2014-12-04 08:28 - 2015-07-04 00:12 - 04962816 _____ () G:\Steam\v8.dll
2014-06-17 06:29 - 2016-01-28 09:12 - 02546768 _____ () G:\Steam\video.dll
2014-12-04 08:28 - 2015-07-04 00:12 - 01556992 _____ () G:\Steam\icui18n.dll
2014-12-04 08:28 - 2015-07-04 00:12 - 01187840 _____ () G:\Steam\icuuc.dll
2014-08-22 10:11 - 2015-09-24 08:33 - 02549248 _____ () G:\Steam\libavcodec-56.dll
2014-08-22 10:11 - 2015-09-24 08:33 - 00491008 _____ () G:\Steam\libavformat-56.dll
2014-08-22 10:11 - 2015-09-24 08:33 - 00332800 _____ () G:\Steam\libavresample-2.dll
2014-08-22 10:11 - 2015-09-24 08:33 - 00442880 _____ () G:\Steam\libavutil-54.dll
2014-08-22 10:11 - 2015-09-24 08:33 - 00485888 _____ () G:\Steam\libswscale-3.dll
2014-06-17 06:29 - 2016-01-28 09:12 - 00802896 _____ () G:\Steam\bin\chromehtml.DLL
2015-07-15 01:32 - 2015-12-30 09:51 - 00208896 _____ () G:\Steam\bin\openvr_api.dll
2016-01-13 21:08 - 2016-01-13 21:08 - 50648576 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2014-06-17 06:29 - 2016-01-06 09:52 - 48387872 _____ () G:\Steam\bin\libcef.dll
2014-12-16 19:18 - 2015-09-25 07:56 - 00119208 _____ () G:\Steam\winh264.dll
2016-01-28 22:40 - 2016-01-28 22:40 - 01507840 _____ () C:\Users\wfbel\Desktop\ADWCLE~1.EXE

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 15:24 - 2016-01-28 22:09 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Existem ainda 4 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1318128271-906303683-316216538-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\wfbel\AppData\Roaming\Mozilla\Firefox\Papel de parede.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Everything"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1318128271-906303683-316216538-1002\...\StartupApproved\Run: => "Discord"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FD42471F-FEB8-48D8-B5EB-B9336B9D9A57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94E1089B-8B21-488E-A2FC-8D8097856561}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB1ED6A4-35FF-4DB0-9F87-B109F5CDCEAB}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2BCF88DC-CACB-48E4-B8BA-6F0E8ACB60B6}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{B0F7970D-A744-4D92-95C8-103E78225AEA}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF766082-D7BD-4BB3-8EBC-FEEBEACE91B9}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{562E0632-9DE8-4F4A-8B2E-53FBE44B3A19}] => (Allow) G:\Steam\steamapps\common\Dr Langeskov The Tiger and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{D1A11E9E-E679-4B76-A890-A501193BF6AE}] => (Allow) G:\Steam\steamapps\common\Dr Langeskov The Tiger and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{DC5C868C-C97A-4612-96F7-27BDB0B7AE33}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{C5D4728A-2990-40CD-A3F5-4B5C857740E1}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{7A80FC88-A1E4-4944-BA21-C6281B31A236}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B3551AB8-9585-4C01-9B51-91FCCB42433C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0351FB73-7257-4E48-B3F6-2AA3B8EB45CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9972D48D-3CAD-4246-8DF7-67786D7FEED1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7449BA51-BF0C-4168-A6C4-75637A9358F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D0F7A8C8-3ADB-4CDE-8463-D462695AC46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5D7358C-D473-4FF6-85FE-1E45C579A06D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FA84417E-0A92-412D-A1FA-8E6C9A3EA22F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BF7B2415-6070-4410-BF48-4508BD377423}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DFD32B33-92F4-4E78-8839-EEAE741D2320}] => (Allow) G:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C122E8E1-829C-4DC9-B88F-4AF2135E52DA}] => (Allow) G:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{9BCDBA49-0829-4FC5-9623-5CC013A1AB8C}] => (Allow) G:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{98569E5A-27D3-4E10-88E0-0FECA1669EDD}] => (Allow) G:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6CF80E5E-F992-47F6-BF9A-664879773697}] => (Allow) G:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2812BA5F-D21C-40DC-8CC0-247AD0DF0803}] => (Allow) G:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{3032FB61-ECF4-4FFD-870E-4AA342DDF5B7}] => (Allow) G:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{CDA62A54-418C-4702-83DC-D6ED960767E2}] => (Allow) G:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1F234900-6A9E-4705-9991-20C72CB273E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EEABF3C7-5617-4B33-B885-0F8A5339810E}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{DFA917C3-78D5-4820-8288-7CB5B821D836}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{D4F41551-EC7C-4005-B273-BBE2ADF05390}] => (Allow) G:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{7296AB0C-9749-4059-B5F4-2BAEFBA9BE06}] => (Allow) G:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{DCFC2C2C-35DF-40C2-8916-F662E42669D7}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6A985584-7938-4F68-94BA-29A3589ABFFE}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{7CE681CB-7489-427A-A9FD-63921E8276B8}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{05847F77-F9D5-4047-BE65-31E5BAD9A778}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{7A08BD60-52A1-4180-9B25-A5F8EE57B278}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{0CF1C3A4-A300-4FEB-83FF-AAD18C92E1F3}] => (Allow) G:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{AC038609-FF4F-4418-8AE7-3A1C24580FBA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4BB73859-3021-4188-9464-F5D9092E4180}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{F9E9EEB5-DBFB-4829-A11D-7B614761E9BF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{F1639385-2C21-4C74-B913-925A0163E410}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{930381C8-91AC-4DCC-92F5-D35917452D22}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{3D67292F-CA55-46E3-81C0-2F4EC020771F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{5079C263-9E14-4768-969C-1308BA12F6FE}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{37675035-9D84-458A-9FDF-74A8EAA72778}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{40A8D9AC-B7B4-49DA-8041-14194C8B11D8}] => (Allow) G:\Steam\steamapps\common\FightTheDragon\FightTheDragon.exe
FirewallRules: [{9E74900F-DC60-4D17-B38A-B2AF4019CB1F}] => (Allow) G:\Steam\steamapps\common\FightTheDragon\FightTheDragon.exe
FirewallRules: [{4AC4B733-E657-4021-A986-29C790B32864}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A13FE3F8-1338-46E3-BA6F-F20DD2DA63E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45CF61C3-CF01-48DD-A839-4069719A2FB0}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{EE63A661-9928-44B9-891B-6CD78BE9B6CB}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{77EB44F0-6422-497B-8A5A-43C7994E0C67}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{9405A3EB-60FF-4108-9F9C-164246BCFCB7}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{33CA4994-A3BA-4B53-9E3F-65CF99DC4DD4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{A28D9065-A8E6-48A1-8402-087403D8A91C}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{21A40A36-A91B-4B01-B32C-5F7713608589}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{22BB6170-C67B-4A5C-9D7B-1AABF1730D49}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F8986E26-7DBB-4D56-8B7D-D10390A76902}] => (Allow) G:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3A396FFD-68A7-41E9-9E3B-8C2385805399}] => (Allow) G:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F3F93B1E-2CA2-4E86-B71D-EA4CC381D8BF}] => (Allow) G:\Steam\steamapps\common\Unepic\unepic.exe
FirewallRules: [{0ECA824E-8023-4F5B-A262-7DC5906D100E}] => (Allow) G:\Steam\steamapps\common\Unepic\unepic.exe
FirewallRules: [{3E0EB739-E8B8-468F-8C4F-D9F202BE54CE}] => (Allow) G:\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{0BC995F0-CD1E-44CF-9741-69F1DC58029B}] => (Allow) G:\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{E726C44D-9718-4C50-A47B-AEF1F8875B5B}] => (Allow) G:\Steam\steamapps\common\Aarklash Legacy\Aarklash.exe
FirewallRules: [{31A378C2-4E19-43FD-B661-A9D381906ACE}] => (Allow) G:\Steam\steamapps\common\Aarklash Legacy\Aarklash.exe
FirewallRules: [{6E0D23C0-2C32-40CC-8838-87E4885FCEEE}] => (Allow) G:\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{A402C7F9-EE68-420B-9957-B05A3F0F6555}] => (Allow) G:\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{C4985E40-F123-4455-A524-A582C8927095}] => (Allow) G:\Steam\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{B6036C13-E796-4785-A8D2-3068E4DE3A33}] => (Allow) G:\Steam\steamapps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{B2253712-4774-4569-ACF0-3E9520779A85}] => (Allow) G:\Steam\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{C399345D-DEEA-4BB8-8F00-A3643EC8F42C}] => (Allow) G:\Steam\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{18794DB3-5E93-46EA-80AC-850574131EF0}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{471290E2-DFFC-4CC6-8A77-54662734A6D6}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{5195FD15-C6C6-47E4-92DA-FAC23EC6D153}] => (Allow) G:\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe
FirewallRules: [{B0CC1C1D-1D27-488A-96EB-1B744040DD8C}] => (Allow) G:\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe
FirewallRules: [TCP Query User{CCB21137-E89E-4BD4-B1AA-E5A1EBCE470E}G:\steam\steamapps\common\alien isolation\ai.exe] => (Allow) G:\steam\steamapps\common\alien isolation\ai.exe
FirewallRules: [UDP Query User{1753AA69-E847-4BE3-95A0-6B451EDC485C}G:\steam\steamapps\common\alien isolation\ai.exe] => (Allow) G:\steam\steamapps\common\alien isolation\ai.exe
FirewallRules: [{33BD9FD7-2649-4504-99EB-B91BF9A9DB54}] => (Allow) G:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{7E37BC6F-EDCE-4C7C-AAF5-AB53977C35C3}] => (Allow) G:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{9C4CE307-9FAA-42A8-B12E-2A19E5471884}] => (Allow) G:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{4E1B3D24-2A1C-41AE-B092-A2A889A4608F}] => (Allow) G:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{4557354C-3E82-41AA-B2AC-21C429F7614A}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{6A6194A4-1740-4AD6-ADB6-46B01BD91CB2}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{A5D32AC4-3B58-443A-BDD7-C790D1E55563}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{3DAD5EE3-4515-40E5-AD80-91B0737E0912}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2F85C3AA-4F44-41BE-8E69-2A5D822496CF}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{343BDF68-E944-456C-B5BA-532352A17E62}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{D3036622-30BD-4160-805C-400D093861F0}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{EC682330-5082-4C20-8F26-99AA54A16D59}] => (Allow) G:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{53A68BE8-4672-4AC7-83F9-DB6A207822B4}] => (Allow) G:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{EF37A3B6-6EB2-4EAC-8815-76592B839291}] => (Allow) G:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{42C15B15-1081-4155-9807-45059AD27F9A}] => (Allow) G:\Steam\steamapps\common\Sine Mora\SineMora.exe
FirewallRules: [{42838C98-3AC9-4E6F-ACD5-26B741B15493}] => (Allow) G:\Steam\steamapps\common\Sine Mora\SineMora.exe
FirewallRules: [{69EFFC78-9EA7-434F-93F2-DD0C2FF78A46}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{A3A39081-80CD-4799-B9D1-A35739653980}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AE8C09F2-D493-49F3-ADDD-376931D76EC5}] => (Allow) G:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{1C6FA69A-96F3-4D59-BA7B-1AB3FA3C3E24}] => (Allow) G:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{669352E0-D8F5-45AF-AD27-032E8B0331C5}] => (Allow) G:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{CC915ED4-E8FF-40D7-910D-C71AD799CEAA}] => (Allow) G:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{FF5F6013-91B4-402A-9C4E-E3235FBECE47}] => (Allow) G:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{640793A3-A1F4-45D8-852B-8DDC3BA836C6}] => (Allow) G:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{3CA248BC-8634-47BC-9FC2-725594F2A486}] => (Allow) G:\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{AA1AC673-9DF3-48DA-9E00-346B40370635}] => (Allow) G:\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{B6BEC067-49E2-4479-B067-B08D639212C3}] => (Allow) G:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{87AF7623-9A91-4C70-88D7-F57108D0EB33}] => (Allow) G:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{78920A90-70DE-4DB9-8A85-D905BFD4BBF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9C1BB53-33DA-4331-8EFD-8E4CF3B8FE02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F9CF40C8-1BA3-49BA-B40B-A7BCCD784658}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{75B5A349-A39B-4B82-A833-3AEE28782E42}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{CA232177-A64E-4B5D-B3C3-888BB15AB5A5}G:\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe] => (Allow) G:\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe
FirewallRules: [UDP Query User{AC28FDBE-3629-490E-8B2A-854C97A63A71}G:\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe] => (Allow) G:\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe
FirewallRules: [{CF523FB7-595C-4699-B3F1-3BBDEF9520E1}] => (Allow) G:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{071B54BE-892A-475C-83B1-25364E2168A2}] => (Allow) G:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{E431557D-D172-4C28-A3FF-4CCDDF0ADD10}] => (Allow) G:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{AD90C0E9-9898-48E6-8791-883D1622F7D9}] => (Allow) G:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{0EEE8938-E3EB-4F38-AD0A-729F9098AE1B}] => (Allow) G:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{1E2B2003-BC23-4CBC-B9ED-946C81DFEEF9}] => (Allow) G:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [TCP Query User{D9A6F2BC-83E9-474C-AB66-73E51C32D903}G:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) G:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{89E0D69C-6277-4C0E-AEE6-7E747FD34E63}G:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) G:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{3FC77D1A-C9BF-498B-8E38-53DBC7B8DE6A}] => (Allow) G:\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{5F347A47-2DB8-4B85-A76B-BC12BB4F606E}] => (Allow) G:\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{5A278CA6-9719-427B-B673-7EED79A98005}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
FirewallRules: [{59EE39DA-9F2A-4623-8BBF-6DAD295E94FC}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe
FirewallRules: [{D7E4804A-25BA-4B1D-B9CB-FCA4E71D5552}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe
FirewallRules: [{C0296E17-9817-43E9-9549-62705CE5E102}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe

==================== Pontos de Restauração =========================

23-01-2016 04:20:53 Ponto de Verificação Agendado
25-01-2016 03:09:46 DirectX instalado
28-01-2016 00:07:27 Removed NVIDIA PhysX

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/28/2016 02:03:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de política UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (01/28/2016 05:52:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HAQNH0E)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (01/28/2016 01:46:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-HAQNH0E)
Description: O pacote Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy+CortanaUI foi terminado porque levou muito tempo para ser suspenso.

Error: (01/28/2016 01:45:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/28/2016 01:45:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/28/2016 12:38:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-HAQNH0E)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.

Error: (01/28/2016 12:07:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (01/28/2016 12:07:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/28/2016 12:06:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/28/2016 12:02:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Erros de Sistema:
=============
Error: (01/28/2016 10:10:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ClickToRunSvc devido ao seguinte erro:
%%1053

Error: (01/28/2016 10:10:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço ClickToRunSvc.

Error: (01/28/2016 10:09:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço WinDefend devido ao seguinte erro:
%%577

Error: (01/28/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_a98a5 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_a98a5 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_a98a5 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_a98a5 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2016 10:05:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (01/28/2016 02:03:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HAQNH0E)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-HAQNH0EBelensS-1-5-21-1318128271-906303683-316216538-1002LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/28/2016 02:03:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HAQNH0E)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-HAQNH0EBelensS-1-5-21-1318128271-906303683-316216538-1002LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
Date: 2016-01-28 22:13:52.834
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-28 22:09:42.408
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.988
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.978
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.970
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.960
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.950
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:52:26.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7600.16385_none_9016c096ac966f13\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:51:20.987
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-28 17:51:20.978
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\apagar depois\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentagem de memória em uso: 37%
RAM física total: 8174.3 MB
RAM física disponível: 5125.49 MB
Virtual Total: 9454.3 MB
Virtual disponível: 5854.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.41 GB) (Free:43.46 GB) NTFS
Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.35 GB) (Free:0.12 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: (tudo) (Fixed) (Total:372.51 GB) (Free:86.85 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive g: (Jogos e cia) (Fixed) (Total:931.41 GB) (Free:122.52 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F916D26B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EA78C61B)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: 000777B1)
Partition 1: (Active) - (Size=372.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
 
Post the other report generated by the tool, which is also on your Desktop. The file name is FRST.
 
I will analyze the reports and get back to you as soon as possible with further procedures, if they turn out to be necessary. Best regards.
 

I ran adw

# AdwCleaner v5.031 - Relatório criado 28/01/2016 às 23:27:14
# Atualizado 25/01/2016 por Xplode
# Banco de dados : 2016-01-25.3 [Servidor]
# Sistema operacional : Windows 10 Pro (x64)
# Usuário : Belens - DESKTOP-HAQNH0E
# Executando de : C:\Users\wfbel\Desktop\AdwCleaner.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****


***** [ Arquivos ] *****


***** [ DLLs ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****

[-] Tarefa Excluída : update-sys
[-] Tarefa Excluída : update-S-1-5-21-1318128271-906303683-316216538-1002
[-] Tarefa Excluída : update-sys
[-] Tarefa Excluída : update-S-1-5-21-1318128271-906303683-316216538-1002
[-] Tarefa Excluída : update-sys

***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}

***** [ Navegadores ] *****


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1221 bytes] ##########
 
Post the reports from the tools you have run so far so that I can analyze them, and do not run any other tool unless asked to, because otherwise I have no way of helping you. Best regards.
 
Good afternoon, you said that you used RogueKiller, Malwarebytes, etc. Post the reports from those tools so that I can take a look at what was detected. Use the spoiler tag for that. I'll be waiting.
 
