cjoint

Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Vinícius (2016-04-10 02:03:50)
Executando a partir de C:\Users\Vinícius\Desktop
Windows 10 Home Single Language Versão 1511 (X64) (2015-12-08 11:53:46)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2875663355-2338593923-3469501032-500 - Administrator - Disabled)
Convidado (S-1-5-21-2875663355-2338593923-3469501032-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2875663355-2338593923-3469501032-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2875663355-2338593923-3469501032-1003 - Limited - Enabled)
Vinícius (S-1-5-21-2875663355-2338593923-3469501032-1001 - Administrator - Enabled) => C:\Users\Vinícius

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírus e antispyware da McAfee (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírus e antispyware da McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version: - )
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dell System Detect (HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\58d94f3ce2c27db0) (Version: 6.11.0.2 - Dell)
DriverIdentifier 5.1 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.7086 - McAfee, Inc.)
McAfee SafeKey(somente desinstalação) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.141 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Minecraft1.8.8 (HKLM-x32\...\Minecraft1.8.8) (Version: - )
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
Pacote de Driver do Windows - Dell Inc (DellRbtn) HIDClass (05/04/2015 1.4.2) (HKLM\...\70CCEEBCDF8A7D01F9CCA083F90CBABE40EAC5EB) (Version: 05/04/2015 1.4.2 - Dell Inc)
Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Software Intel® PROSet/Wireless (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Spotify (HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Spotify) (Version: 1.0.26.132.ga4e3ccee - Spotify AB)
Spotydl 0.9.37.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.37.0 - spotydl.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Sims 4 Get Together Addon Pack (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tree of Savior (English Ver.) (HKLM-x32\...\Steam App 372000) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2875663355-2338593923-3469501032-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vinícius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {05AFFC09-AA3C-4FF0-9710-22655A89EE04} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {0C09C53A-07D9-46DA-B07D-552410B3515E} - System32\Tasks\Ezushouu => C:\PROGRA~1\GROOVE~1\Cobmhbi.bat
Task: {256F44BF-EB7E-48B7-B490-44D814867A70} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VVINICIUSSF-Vinícius VviniciusSF => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2FFBF843-19A8-43AC-B575-2C2F24194440} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {3B1D0F91-B92B-43AA-84D5-B7B0763B90CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {4E50FE9E-96CF-4B52-8DC0-21668BEB460B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5F9EC601-96C1-438E-95B0-C8FAD905639E} - System32\Tasks\Ueoov => C:\PROGRA~1\GROOVE~1\Vibor.bat
Task: {60365CB6-F4C6-4E94-8979-C9A057B95543} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {608B99A5-4C7E-4736-A3F6-37DF4E67649E} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {6FDBA1F0-311C-4144-9994-9F2B7DF48F24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {782DC380-EE7F-4825-A1E6-8653DB846B22} - System32\Tasks\Dumbod => C:\PROGRA~1\SHOPPE~1\Cirli.bat
Task: {7B521381-ECDC-49C1-9C63-ECFA2DB80E60} - System32\Tasks\WinTsks => C:\Program Files (x86)\WinTsks\WinTsks\WinTsks.exe [2016-04-09] ()
Task: {7B57D8EF-DB71-48B3-9711-95309F8AFF45} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {8D907357-EE73-4AC6-BBF6-9E5F61B6D29E} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {946DB1D4-D218-4C48-8AA7-F1CACBC9635F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {976136D6-6787-4B2D-806E-89107C480F07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {B28C7E19-2266-474F-8807-6C958D577C7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-02] (Google Inc.)
Task: {C13AB2BA-B106-4906-B39E-CF1E0057CA2C} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-30] (Realtek Semiconductor)
Task: {CC800021-41EE-474B-AD0E-3654FE200CFB} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Vinícius\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [2015-05-15] () <==== ATENÇÃO
Task: {D3351BBF-25F6-4102-B49D-6292AC1B525A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {DC94AE52-BFD9-4E88-B92F-010B2A9D81A3} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {EBF7A7F3-CCD2-4144-9FE2-1D241BE2EC94} - System32\Tasks\{C7CB8F32-2051-4469-98FD-194F5DC65918} => pcalua.exe -a "C:\Program Files (x86)\WeatherTool\2.0.0.11150\InstallHelper.exe" -c -Uninstall English
Task: {F4D35A99-BEE3-4535-8320-33E202F84096} - System32\Tasks\Pritc => C:\Users\Vinícius\AppData\Local\Temp\00019038\casrss.exe <==== ATENÇÃO
Task: {F73D5075-8151-4487-98A9-CE2F7887F9D6} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {F83C5F98-9A2C-4E03-BD22-949A48D42B5C} - System32\Tasks\svchost => C:\Users\Vinícius\AppData\Local\Temp\2KMQ990HP\XZ4X1DQZK.exe <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Vinícius\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe›-RunCheckUpdate C:\Users\Vinícius\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Vinícius\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-01 23:16 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 23:16 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-28 14:37 - 2015-11-28 14:37 - 00405416 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-09-16 16:34 - 2015-09-16 16:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2016-04-10 01:59 - 2016-04-10 01:59 - 00098816 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32api.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00110080 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\pywintypes27.dll
2016-04-10 01:59 - 2016-04-10 01:59 - 00364544 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\pythoncom27.dll
2016-04-10 01:59 - 2016-04-10 01:59 - 00320512 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32com.shell.shell.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00776704 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_hashlib.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 01176576 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._core_.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00806400 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._gdi_.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00816128 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._windows_.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 01067008 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._controls_.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00733184 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._misc_.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00682496 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\pysqlite2._sqlite.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00088064 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_ctypes.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00119808 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32file.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00108544 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32security.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00007168 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\hashobjs_ext.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00017920 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\thumbnails_ext.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00088064 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\usb_ext.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00167936 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32gui.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00018432 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32event.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00046080 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_socket.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 01208320 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_ssl.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00128512 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_elementtree.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00127488 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\pyexpat.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00013824 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\common.time34.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00038912 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32inet.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00036864 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_psutil_windows.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00525208 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\windows._lib_cacheinvalidation.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00011264 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32crypt.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00077312 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._html2.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00027136 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_multiprocessing.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00020480 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\_yappi.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00035840 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32process.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00686080 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\unicodedata.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00078848 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._animate.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00123392 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\wx._wizard.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00024064 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32pipe.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00010240 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\select.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00025600 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32pdh.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00017408 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32profile.pyd
2016-04-10 01:59 - 2016-04-10 01:59 - 00022528 _____ () C:\Users\Vinícius\AppData\Local\Temp\_MEI61122\win32ts.pyd
2016-04-08 23:59 - 2016-04-06 07:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-08 23:59 - 2016-04-06 07:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-12 22:31 - 2016-04-09 23:16 - 00001149 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 189.7.144.37 - 189.7.144.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{3AF6B6AD-D8F4-40B5-8ABB-AE5C71B29FF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBFE5CD6-8112-4F8E-9409-132FC326206B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C8187F6-E2DE-4E04-9417-59EEE4670B0A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0E6580ED-E1D2-4694-9633-4E4F32BBAFB9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{9BA4BF48-56D0-45AA-BC66-2B90CC9CED63}C:\users\vinícius\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vinícius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{118454E1-DDBF-49D3-A1B1-8773FBF739A4}C:\users\vinícius\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vinícius\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8E810A60-F188-451E-93CB-7DB13587AE4B}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{C5E73F0B-EEE5-4022-B793-B715D1FBD385}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{9FEA5C83-28EB-455E-839B-7B3F1C711142}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{047A0A48-7611-4C80-A07E-CAD6C3D9F9D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{26A5BB84-30BA-4A4D-927A-DC7823E5AD0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{F9332BB1-6DEC-4364-BD79-DFF3BB59625A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CAB21973-374C-44D6-8B68-E761A0E1C8F6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0906F05E-123D-4265-8AB8-133C1CF9FA16}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4CF78A1F-63DF-44E5-9372-946F870DE97C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E0A258B8-DBD5-4224-8F19-55DAA80C8C9B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0AC6778A-98FB-4F4E-BC88-63BA9A4A9753}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{904787DE-D61C-4816-9438-DDC7841878F7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{02BC8D87-334D-4AF3-A31F-E845DBCE052E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ABDD6C45-B7E0-4DB6-95FF-08EC8ED7FFAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Pontos de Restauração =========================

18-03-2016 13:48:10 McAfee Vulnerability Scanner
23-03-2016 15:10:33 Windows Update
02-04-2016 08:35:32 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/10/2016 02:04:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VVINICIUSSF)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


Erros de Sistema:
=============
Error: (04/10/2016 02:04:50 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca

Error: (04/10/2016 02:04:49 AM) (Source: DCOM) (EventID: 10010) (User: VVINICIUSSF)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca


CodeIntegrity:
===================================
Date: 2016-03-24 02:12:24.216
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-13 01:28:12.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-12 12:04:15.490
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-10 11:03:16.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-03 11:29:28.783
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-02 14:26:26.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-01 12:10:19.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-01 12:10:18.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-01 10:39:22.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-29 17:56:50.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentagem de memória em uso: 26%
RAM física total: 8106.45 MB
RAM física disponível: 5929.44 MB
Virtual Total: 9386.45 MB
Virtual disponível: 7128.87 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.97 GB) (Free:621.36 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC3745C5)

Partition: GPT.

==================== Fim de Addition.txt ============================
