Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:07-02-2016 Executado por WILLIAN T. VIANA (2016-02-10 20:35:36) Executando a partir de D:\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-02-10 14:47:06) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-4212798887-716950412-2700413985-500 - Administrator - Disabled) Convidado (S-1-5-21-4212798887-716950412-2700413985-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4212798887-716950412-2700413985-1002 - Limited - Enabled) WILLIAN T. VIANA (S-1-5-21-4212798887-716950412-2700413985-1000 - Administrator - Enabled) => C:\Users\WILLIAN T. VIANA ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-4212798887-716950412-2700413985-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.1.1 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft WebCam Suite for LGE (HKLM-x32\...\{45C0A20C-E6EB-4BA5-8510-B35CAE80185B}) (Version: 1.0.0.1 - ArcSoft) Atualizações da NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden CINEMA 4D 13.016 (HKLM\...\MAXON7767D654) (Version: 13.016 - MAXON Computer GmbH) Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - BR (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation) CorelDRAW Graphics Suite X6 (x32 Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dropbox (HKU\S-1-5-21-4212798887-716950412-2700413985-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) FormatFactory 2.30 (HKLM-x32\...\FormatFactory) (Version: 2.30 - Free Time) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Codec Pack 9.8.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.5 - ) LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Nero 7 Essentials (HKLM-x32\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1046}) (Version: 7.02.8507 - Nero AG) NET Render Client 13.051 (HKLM\...\MAXON87C63F22) (Version: 13.051 - MAXON Computer GmbH) NVIDIA Driver de gráficos 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Painel de controle da NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden seekmx (HKLM-x32\...\seekmx) (Version: - Navigation) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4212798887-716950412-2700413985-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB) Suporte para Aplicativos Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.14.0 - Synaptics Incorporated) Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{BA357941-25A7-410C-A47E-9AAF7DE1248B}) (Version: 12.0.0 - Red Giant Software) Trapcode Suite 64-bit (Version: 12.0.0 - Red Giant Software) Hidden UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.) Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4212798887-716950412-2700413985-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {016C473C-6D4F-4BD3-A5E5-E3CD6DBCAD34} - System32\Tasks\Muwluoma => C:\ProgramData\Muwluoma\1.0.7.1\wewlolap.exe [2016-02-01] () Task: {0806DABF-23BF-49AF-A214-5DC37572FE8F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software) Task: {52B2D2EF-5F9A-49D4-941A-CF4CDFF3AEEF} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-4212798887-716950412-2700413985-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.) Task: {6032CB0C-6AB1-433E-AC62-88585BE380D1} - System32\Tasks\Run_Bobby_Browser => C:\Users\WILLIAN T. VIANA\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO Task: {6114DA36-8269-4DE8-B8A3-D1D733CD07BC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-19] (AVAST Software) Task: {652EB451-693E-4E63-92E6-364006BCD4CE} - System32\Tasks\AdobeAAMUpdater-1.0-3640WTV-WILLIAN T. VIANA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {72A596F6-8DF6-4B44-B881-45FF6741FA1C} - System32\Tasks\{6C94980E-FEE0-4DF2-8224-ED6F9A7CC374} => pcalua.exe -a D:\Downloads\1\nVidia\Display.Driver\dbInstaller.exe -d D:\Downloads\1\nVidia\Display.Driver Task: {75724CD1-CA9E-46EC-B44F-DF935FAC6190} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {77CBF936-D5C2-4FCF-92E1-6FAAF8DFC498} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4212798887-716950412-2700413985-1000UA => C:\Users\WILLIAN T. VIANA\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {7A442B09-94B8-423E-A59D-EB3D658F4D96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.) Task: {7E7B4B64-3CE7-4C20-9C07-67A57FA4950B} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] () Task: {91E0F56D-D099-4BDF-8E06-47F3819C894B} - System32\Tasks\Uumoejuk => C:\PROGRA~1\SHOPPE~2\Kalfan.bat Task: {93B30CAA-F151-4F8C-8E9E-422E1224097E} - System32\Tasks\Ruavmylu => C:\PROGRA~1\SHOPPE~1\Fefrhep.bat Task: {A50E7450-7133-4156-AC33-3FD3E1A90243} - System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} => C:\Program Files (x86)\baidu\update\baidujp_update.exe [2015-07-08] (Baidu) Task: {B32D0296-E553-45CB-8816-F4409CAA23A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {B4D62B63-8751-4555-B875-3A7C5C9C15EB} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-02] () Task: {B7438B26-34E2-4D74-87AF-4E9D1D75FC2F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4212798887-716950412-2700413985-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.) Task: {C0B5E7C2-4E6F-4596-928B-EFB887DAC593} - System32\Tasks\Neqraelf => C:\PROGRA~1\SHOPPE~3\Iqaooebk.bat Task: {CC140204-B6E9-4211-B37C-5002FA6676D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {DFD2C3B2-0FE2-4BF6-BF1F-612050A13B84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.) Task: {E3045395-4E2A-4364-B22C-88669A5C868F} - System32\Tasks\Xawmin => C:\PROGRA~1\SHOPPE~1\Ligaotof.bat Task: {E32B07AD-8B25-4FCA-9DE0-A4EF79D904FC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4212798887-716950412-2700413985-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.) Task: {F224A130-084C-4D81-A3DC-CDCAF3B75D88} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4212798887-716950412-2700413985-1000Core => C:\Users\WILLIAN T. VIANA\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job => C:\Program Files (x86)\baidu\update\baidujp_update.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4212798887-716950412-2700413985-1000Core.job => C:\Users\WILLIAN T. VIANA\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4212798887-716950412-2700413985-1000UA.job => C:\Users\WILLIAN T. VIANA\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmx.com/?bd=sc&oem=209&uid=ST500LM012XHN-M500MBB_S2ZAJ5EDB04250&version=2.3.0.10324&pid=414031160&tid=657 ==================== Módulos Carregados (Whitelisted) ============== 2015-02-10 14:09 - 2013-08-02 00:12 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll 2009-07-13 21:19 - 2009-07-13 23:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll 2009-07-13 21:19 - 2009-07-13 23:41 - 00036864 _____ () C:\Windows\system32\pcwum.DLL 2009-07-13 21:19 - 2009-07-13 23:41 - 00036864 _____ () C:\Windows\System32\pcwum.dll 2009-07-13 21:19 - 2009-07-13 23:41 - 00036864 _____ () c:\windows\system32\pcwum.dll 2015-02-11 08:35 - 2015-02-05 19:01 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-02-11 08:36 - 2015-02-05 17:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-01-03 14:22 - 2016-01-03 14:22 - 00266240 _____ () C:\Program Files (x86)\4C2D9377-1451824213-CE43-A567-E89A8FC8A32B\knscEFF8.tmp 2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-12-25 06:42 - 2015-12-25 06:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe 2015-12-25 06:42 - 2015-12-25 06:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe 2015-12-25 06:42 - 2015-12-25 06:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll 2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-01-31 21:42 - 2016-02-01 01:49 - 00158720 _____ () C:\ProgramData\Muwluoma\1.0.7.1\wewlolap.exe 2016-02-08 13:11 - 2016-02-08 13:11 - 01632256 _____ () C:\Windows\Temp\57F2.tmp 2015-02-19 01:02 - 2015-02-19 01:02 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll 2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll 2015-12-25 06:42 - 2015-12-25 06:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll 2015-12-25 06:42 - 2015-12-25 06:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll 2015-12-25 06:41 - 2015-12-25 06:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll 2015-02-11 08:35 - 2015-02-05 19:01 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-03-17 14:25 - 2015-04-02 17:52 - 40506936 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\libcef.dll 2015-12-13 01:49 - 2015-10-30 22:59 - 00034768 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00019408 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00022848 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00023352 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00042296 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00116688 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-13 01:49 - 2015-10-30 22:59 - 00093640 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00018376 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00019760 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00105928 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32api.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00392144 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-13 01:49 - 2015-12-08 19:36 - 00381752 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00692688 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00020816 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00109520 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 01737032 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00020808 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00020800 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00021840 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00038696 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\fastpath.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00024528 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00020936 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00114640 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00021320 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00124880 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32file.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00030160 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00043472 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00175560 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00028616 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32ts.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00024016 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00048592 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32service.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00024392 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00036296 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\librsync.dll 2015-12-13 01:49 - 2015-10-30 23:00 - 00024016 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\win32profile.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00117056 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00023376 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00134608 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2015-12-13 01:49 - 2015-10-30 22:59 - 00134088 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00240584 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00020280 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00052024 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00021304 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00350152 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00084792 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2015-12-13 01:49 - 2015-12-08 19:36 - 01826608 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-13 01:49 - 2015-10-30 23:00 - 00083912 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\sip.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 03891504 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 01950000 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00519984 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00133936 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00225080 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00207672 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00024904 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00486704 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2015-12-13 01:49 - 2015-12-08 19:36 - 00357680 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2015-07-20 23:53 - 2015-10-30 23:01 - 00019920 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 19:45 - 2015-10-30 23:00 - 00786904 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-30 18:45 - 2015-10-30 23:00 - 00063448 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-07-20 23:53 - 2015-10-30 23:00 - 00019408 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-07-20 21:05 - 2015-07-20 21:05 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-20 21:05 - 2015-07-20 21:05 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-20 21:05 - 2015-07-20 21:05 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-03-17 14:25 - 2015-04-02 17:52 - 01365560 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\libglesv2.dll 2015-03-17 14:25 - 2015-04-02 17:52 - 00219192 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\libegl.dll 2015-03-17 14:25 - 2015-03-21 22:02 - 09305656 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\pdf.dll 2015-03-17 14:25 - 2015-04-02 17:52 - 00990776 _____ () C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\ffmpegsumo.dll 2016-02-10 16:02 - 2016-02-09 09:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 16:02 - 2016-02-09 09:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll 2016-02-10 16:02 - 2016-02-09 09:58 - 16810824 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Users\WILLIAN T. VIANA\Local Settings:init ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2016-01-05 20:06 - 00001110 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4212798887-716950412-2700413985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WILLIAN T. VIANA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 189.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) mpsdrv => O Serviço Firewall não está sendo executado. MpsSvc => O Serviço Firewall não está sendo executado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe MSCONFIG\startupreg: BoBrowser => "C:\Users\WILLIAN T. VIANA\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server --allow-outdated-plugins --location=0 MSCONFIG\startupreg: CrashService => "C:\Users\WILLIAN T. VIANA\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: gmsd_br_005010197 => "C:\Program Files (x86)\gmsd_br_005010197\gmsd_br_005010197.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe MSCONFIG\startupreg: SpaceSoundPro => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot MSCONFIG\startupreg: uTorrent => "C:\Users\WILLIAN T. VIANA\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: Wondershare Helper Compact.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{95A05F7B-C514-46E3-BC04-604B0D17CC29}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5E08A1D2-ABE5-499F-B1DD-4592847231B1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CE4B597C-7AA8-4AE5-9B41-65C8139D3E75}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{7F755FFC-8CED-4D78-AF3D-DCA104F607A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{65BA3821-EDC2-41EC-953A-0FEAB99B7DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{D5E5B099-504A-47FA-B695-CD0E92A54593}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{429F71A7-BDE9-46E4-A7EA-CF10DC7A25A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8006E100-7614-41C2-8360-0B2A25B70EFA}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{FC42C699-8FE9-4B8C-87E4-9EEC5D1DCE9F}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{A2B2FD06-759A-47D4-8ED0-18C99F8AFC07}] => (Allow) LPort=7935 FirewallRules: [{CF15B25C-F15B-4366-A316-D8AE7C792084}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{F94EEE36-789B-4170-AA12-3BC7863F48F0}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\Spotify\spotify.exe FirewallRules: [TCP Query User{CDFA2877-8AD5-4B3C-87CE-17811D800446}D:\cinema 4d\net render client 64 bit.exe] => (Allow) D:\cinema 4d\net render client 64 bit.exe FirewallRules: [UDP Query User{50834255-19DE-4F28-9AA2-16DA3D196055}D:\cinema 4d\net render client 64 bit.exe] => (Allow) D:\cinema 4d\net render client 64 bit.exe FirewallRules: [{BC09D134-A3F9-4102-A986-2777F9C40D25}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{17987C73-F882-41FC-ABD8-1B85147E845E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{C6027FC7-741F-4900-9A85-4419231B26E5}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1F113A6F-04A2-4273-B156-D05BAD93B803}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A0A54288-B75E-44A0-8D81-BFF71AF0E335}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{6A5B5191-3A68-432E-9C50-375687584F6F}] => (Allow) C:\Users\WILLIAN T. VIANA\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{14AB2F0C-5AA6-4B6B-80D8-C2FDF02A92E4}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{A3261EE4-2003-4391-985D-ADD05A3A4E4B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{FF5CC30A-48AD-4A28-B840-EEDDED6C0507}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [TCP Query User{A5F91C39-E273-4728-B122-1BE32344C9A1}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [UDP Query User{D5AF3644-FA99-4C4B-858B-58FAAC8B611B}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [TCP Query User{F84571C3-6EDF-452D-A2F2-2D4FBBF048D1}C:\users\spotify.exe] => (Block) C:\users\spotify.exe FirewallRules: [UDP Query User{11CCB5F9-6E9D-43AF-95C7-C82B0577B0DA}C:\users\spotify.exe] => (Block) C:\users\spotify.exe FirewallRules: [TCP Query User{B5566333-1EFF-4542-A51D-734D2DA1D0A7}C:\users\willian t. viana\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\willian t. viana\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{75937E4C-55BF-4F9F-A731-B80043FA7ABC}C:\users\willian t. viana\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\willian t. viana\appdata\local\popcorn time\nw.exe FirewallRules: [{A625F622-A4FC-4ECB-892C-0091490BD88D}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe FirewallRules: [{E14C061D-3CCB-45D4-A688-C5A13DE11155}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe FirewallRules: [{DB4B1D5B-3608-4C6E-B389-A12400E74BD1}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe FirewallRules: [{EA7B758D-2883-4518-8923-299732E5121D}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe FirewallRules: [{0498C3AD-52F6-482E-831D-28C127889B53}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe FirewallRules: [{FF3EBA97-12E8-466B-875B-B8B3960C4957}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe FirewallRules: [TCP Query User{F3E70A6C-193C-4B56-B72C-6AFEE371682C}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe FirewallRules: [UDP Query User{F225CF09-8018-444B-971A-081269E50F4D}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe FirewallRules: [{78B9E4C6-4C9F-4551-8DD7-7330942F77D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= Cheque o serviço "winmgmt" ou repare o WMI. ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (02/10/2016 03:24:57 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/09/2016 01:46:50 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/09/2016 12:00:00 AM) (Source: System Restore) (EventID: 8211) (User: ) Description: O ponto de restauração agendado não pôde ser criado. Informações adicionais: (0x80042302). Error: (02/09/2016 12:00:00 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Falha ao criar ponto de restauração (Processo = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Descrição = Ponto de Verificação Agendado; Erro = 0x80042302). Error: (02/09/2016 12:00:00 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina Error calling CreateFile on volume '\\?\Volume{92b7e3a5-b131-11e4-969b-806e6f6e6963}\'. hr = 0x8000ffff, Falha catastrófica . Operação: Consultar a área de comparação deste volume Contexto: Nome do Volume: \\?\Volume{92b7e3a5-b131-11e4-969b-806e6f6e6963}\ Error: (02/08/2016 03:00:25 PM) (Source: System Restore) (EventID: 8211) (User: ) Description: O ponto de restauração agendado não pôde ser criado. Informações adicionais: (0x80042302). Error: (02/08/2016 03:00:25 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Falha ao criar ponto de restauração (Processo = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Descrição = Ponto de Verificação Agendado; Erro = 0x80042302). Error: (02/08/2016 03:00:25 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina Error calling CreateFile on volume '\\?\Volume{92b7e3a5-b131-11e4-969b-806e6f6e6963}\'. hr = 0x8000ffff, Falha catastrófica . Operação: Consultar a área de comparação deste volume Contexto: Nome do Volume: \\?\Volume{92b7e3a5-b131-11e4-969b-806e6f6e6963}\ Error: (02/08/2016 12:41:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: MustangSer242.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1 Nome do módulo de falhas: MustangSer242.exe, versão: 1.0.0.6, carimbo de hora: 0x567001d1 Código de exceção: 0x40000015 Deslocamento com falha: 0x00012d34 Identificação do processo com falha: 0x760 Hora de início do aplicativo com falha: 0xMustangSer242.exe0 Caminho do aplicativo com falha: MustangSer242.exe1 FCaminho do módulo de falhas: MustangSer242.exe2 Identificação do Relatório: MustangSer242.exe3 Error: (02/08/2016 12:40:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erros de Sistema: ============= Error: (02/10/2016 08:06:37 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {87DC457B-B35D-48AC-BD42-BDF35EF623CE} Error: (02/10/2016 03:07:06 AM) (Source: volsnap) (EventID: 36) (User: ) Description: \Device\HarddiskVolumeShadowCopy1C: Error: (02/09/2016 01:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Net Service Event Handler devido ao seguinte erro: %%193 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Avast Antivirus depende do serviço aswMonFlt, mas não foi possível iniciá-lo devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço aswMonFlt devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Avast Antivirus depende do serviço aswMonFlt, mas não foi possível iniciá-lo devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço aswMonFlt devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Avast Antivirus depende do serviço aswMonFlt, mas não foi possível iniciá-lo devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço aswMonFlt devido ao seguinte erro: %%31 Error: (02/08/2016 12:53:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Avast Antivirus depende do serviço aswMonFlt, mas não foi possível iniciá-lo devido ao seguinte erro: %%31 CodeIntegrity: =================================== Date: 2016-02-08 12:20:18.866 Description: N/A Date: 2016-02-08 12:20:13.849 Description: N/A Date: 2016-02-08 12:20:08.578 Description: N/A Date: 2016-02-08 12:20:08.498 Description: N/A Date: 2016-02-08 12:19:02.335 Description: N/A Date: 2016-02-08 12:19:02.258 Description: N/A Date: 2016-02-08 12:18:56.972 Description: N/A Date: 2016-02-08 12:15:44.705 Description: N/A Date: 2016-02-08 12:15:44.693 Description: N/A Date: 2016-02-08 12:15:44.614 Description: N/A ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Percentagem de memória em uso: 57% RAM física total: 6091.86 MB RAM física disponível: 2616.84 MB Virtual Total: 12181.91 MB Virtual disponível: 8287.4 MB ==================== Drives ================================ Drive c: (WINDOWS 7 x64) (Fixed) (Total:114.1 GB) (Free:3.88 GB) NTFS Drive d: (ARQUIVOS) (Fixed) (Total:351.56 GB) (Free:171.4 GB) NTFS Drive f: (SAMSUNG) (Fixed) (Total:931.51 GB) (Free:115.72 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F14BA95C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=114.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=351.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 3F60152B) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================