Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por fabio (2016-03-27 13:01:42) Executando a partir de C:\Users\fabio\Desktop Windows 10 Pro Versão 1511 (X64) (2016-01-26 01:50:46) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-4017182254-3727914778-2727900313-500 - Administrator - Disabled) Convidado (S-1-5-21-4017182254-3727914778-2727900313-501 - Limited - Disabled) DefaultAccount (S-1-5-21-4017182254-3727914778-2727900313-503 - Limited - Disabled) fabio (S-1-5-21-4017182254-3727914778-2727900313-1001 - Administrator - Enabled) => C:\Users\fabio HomeGroupUser$ (S-1-5-21-4017182254-3727914778-2727900313-1002 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) Anno 2205 v.1.3.2441 (HKLM-x32\...\Anno 2205_is1) (Version: - ) Aplicativo Itaú (HKLM-x32\...\{F88F4F33-A3C7-4B34-AFEA-944E29A95F62}) (Version: 1.0.58 - Banco Itaú) BitTorrent (HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.5.43397 - CtrlAltStudio) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.108 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) LOOT versão 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team) Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0416-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mortal Kombat X (HKLM\...\bW9ydGFsa29tYmF0eA_is1) (Version: 1 - ) MyBestOffersToday 000.037050280 (HKLM-x32\...\mbot_en_037050280_is1) (Version: - MYBESTOFFERSTODAY) <==== ATENÇÃO NEKOPARA Vol. 2 (HKLM\...\bmVrb3BhcmF2b2wy_is1) (Version: 1 - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.15 - Black Tree Gaming) Painel de controle da NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden Python 3.5.1 (64-bit) (HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\{0ee0d38a-fb40-4780-a8f8-73a57f4df39c}) (Version: 3.5.1150.0 - Python Software Foundation) Python 3.5.1 Core Interpreter (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Development Libraries (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Documentation (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Executables (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{EC00AEF9-6544-4FEC-8152-C8949CDDCC85}) (Version: 3.5.150.0 - Python Software Foundation) Python 3.5.1 pip Bootstrap (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Standard Library (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Tcl/Tk Support (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Test Suite (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden Python 3.5.1 Utility Scripts (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Skyrim NPC Editor (HKLM-x32\...\{5BA9357B-E876-4FB2-8F1B-C7E63AC90E6F}) (Version: 0.75.1 - foretrenty) Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios) Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft) VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.) Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia) WindApp (HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\WindApp) (Version: - Store) <==== ATENÇÃO WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH) yoursearching (HKLM-x32\...\yoursearching) (Version: 1.0.0.60 - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\fabio\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0ED29B7B-92A8-403B-8C13-E771EFEFC005} - System32\Tasks\{DC547DF4-9543-48D5-AC2F-AD55A788168B} => pcalua.exe -a "D:\Darksiders II\Darksiders2.exe" -d "D:\Darksiders II" Task: {2783CD2B-E7FB-4203-80C6-D7BD8500DDF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.) Task: {40459F6C-9831-4846-BB74-77BDAC0527AC} - System32\Tasks\{520F39FC-2960-4598-8182-5CA3C959FF26} => pcalua.exe -a "C:\Program Files (x86)\WeatherTool\2.0.0.11150\InstallHelper.exe" -c -Uninstall English Task: {4B8D63DF-8A06-481D-BB5D-39AFFD4DAF2E} - System32\Tasks\{4401CDE8-B1FA-4BFD-A08D-596C890332F3} => pcalua.exe -a "C:\Program Files (x86)\SunnyDay21\unins000.exe" Task: {7A658D37-4DD5-49D5-B699-A5EA50D8C922} - System32\Tasks\Ugerqut => C:\Program Files\Ribdaujjokghima\Nadpor.bat [2016-03-27] () Task: {81964E1A-66FF-4A16-857D-3CF6F4F37021} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-11] (Microsoft Corporation) Task: {865A265E-EE6B-47B8-9CA1-C70FAA22FE50} - System32\Tasks\{9A4D1F0D-9D94-4990-845B-10E9D99A6F52} => pcalua.exe -a F:\Setup.exe -d F:\ Task: {8777F61E-A7CA-45EC-9A01-6AA69BAB2B52} - System32\Tasks\WindApp Update => C:\Users\fabio\AppData\Roaming\Store\WindApp\WindApp Update.exe [2016-02-11] (Nosibay) <==== ATENÇÃO Task: {8BC967D0-41A7-4686-AB9B-831B65995EC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.) Task: {BB962D72-0650-4FA9-A8A5-E2052E20641F} - System32\Tasks\Bokau => C:\Program Files\Ogiitodujpo\Faczaa.bat [2016-03-27] () Task: {CD92A532-0663-490E-9EC9-BE3B96F2D664} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/ ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-27 10:43 - 2016-03-27 10:43 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2016-01-25 22:41 - 2015-12-16 11:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-27 09:44 - 2016-03-27 10:10 - 00232816 _____ () C:\Program Files\Ribdaujjokghima\Tabjikc.exe 2016-03-27 09:44 - 2016-03-27 10:10 - 00425840 _____ () C:\Program Files\Ribdaujjokghima\RudugMajjuw.exe 2016-03-26 08:24 - 2016-03-26 08:24 - 00125816 _____ () C:\Users\fabio\AppData\Roaming\RaimdEoemeav\Kuvmewu.exe 2016-03-27 09:43 - 2016-03-27 09:43 - 00174448 _____ () C:\Users\fabio\AppData\Roaming\Rasagupr\Rasagupr.exe 2016-03-26 08:25 - 2016-03-27 10:36 - 00169336 _____ () C:\Program Files\Ogiitodujpo\Jismaot.exe 2016-03-27 09:44 - 2016-03-27 10:10 - 00169840 _____ () C:\Program Files\Ribdaujjokghima\Pohoden.exe 2016-03-27 09:09 - 2016-03-27 09:09 - 00219136 _____ () C:\Program Files (x86)\00000000-1459084880-0000-0000-6C626DFD7643\knsbE2EF.tmpfs 2015-12-26 05:59 - 2015-12-26 05:59 - 00158720 _____ () C:\Users\fabio\AppData\Local\00000000-1459075499-0000-0000-6C626DFD7643\qnsq4C78.tmp 2016-03-26 08:24 - 2016-03-26 08:24 - 00174456 _____ () C:\Users\fabio\AppData\Roaming\Cekhikj\Cekhikj.exe 2015-12-26 08:39 - 2015-11-22 07:47 - 02653816 ____N () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-26 08:24 - 2016-03-26 08:24 - 00670584 _____ () C:\Users\fabio\AppData\Roaming\Cekhikj\Biwip.dll 2016-03-27 09:43 - 2016-03-27 09:43 - 00670576 _____ () C:\Users\fabio\AppData\Roaming\Rasagupr\Phxhnafmog.dll 2016-03-26 08:25 - 2016-03-27 10:36 - 00329592 _____ () C:\Program Files\Ogiitodujpo\Disrop64.DLL 2015-12-26 08:39 - 2015-11-22 07:47 - 02653816 ____N () C:\WINDOWS\System32\CoreUIComponents.dll 2016-03-27 09:43 - 2016-03-27 09:43 - 00115568 _____ () C:\Users\fabio\AppData\Roaming\Rasagupr\Sanion.exe 2016-03-26 08:24 - 2016-03-26 08:24 - 00115576 _____ () C:\Users\fabio\AppData\Roaming\Cekhikj\Fopesad.exe 2016-03-27 09:43 - 2016-03-27 09:43 - 00146288 _____ () C:\Users\fabio\AppData\Roaming\Rasagupr\Phxhnafmog.exe 2016-03-26 08:24 - 2016-03-26 08:24 - 00146296 _____ () C:\Users\fabio\AppData\Roaming\Cekhikj\Biwip.exe 2016-03-27 10:45 - 2016-03-26 09:16 - 02007040 _____ () C:\ProgramData\WindowsMsg\osmsg.exe 2016-03-27 10:40 - 2016-03-02 10:49 - 01888256 _____ () c:\programdata\msiql.exe 2016-03-26 08:25 - 2016-03-27 10:36 - 00235896 _____ () C:\Program Files\Ogiitodujpo\Qhsomk.exe 2016-03-26 08:25 - 2016-03-27 10:36 - 00428920 _____ () C:\Program Files\Ogiitodujpo\HacsYlhth.exe 2016-03-26 08:25 - 2016-03-27 10:36 - 00467320 _____ () C:\Program Files\Ogiitodujpo\Femrypc64.exe 2016-03-26 08:25 - 2016-03-27 10:36 - 00645496 _____ () C:\Program Files\Ogiitodujpo\Boriacoo64.DLL 2016-03-26 08:25 - 2016-03-27 10:36 - 00312696 _____ () C:\Program Files\Ogiitodujpo\Jypwubpi64.DLL 2016-03-26 08:25 - 2016-03-27 10:36 - 00375808 _____ () C:\Program Files\Ogiitodujpo\Lemse64.DLL 2016-01-26 12:55 - 2016-01-26 12:55 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-26 08:39 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-26 08:40 - 2015-12-07 01:00 - 00472064 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-12 22:10 - 2016-01-04 22:29 - 07992832 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 22:10 - 2016-01-04 22:23 - 00591360 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 17:30 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 17:30 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-28 20:33 - 2012-11-14 03:22 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2016-01-28 20:33 - 2012-11-14 03:22 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2016-02-12 18:13 - 2016-02-12 18:13 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2016-03-24 22:41 - 2015-09-29 17:23 - 03336704 _____ () D:\Nexus Mod Manager\GameModes\data\loot64.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00115904 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAntiInject.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\zlib.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00488640 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\sqlite.dll 2016-03-27 10:43 - 2016-03-27 10:43 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\tinyxml.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00046784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2016-03-27 10:41 - 2016-02-19 13:36 - 00065008 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2016-03-27 10:41 - 2016-02-27 19:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\oDayProtect.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00128192 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17347.218\qmrtpcontroller.dll 2016-03-26 08:24 - 2016-03-27 10:36 - 00183672 _____ () C:\Users\fabio\AppData\Roaming\RaimdEoemeav\Upimd.din 2016-03-27 09:43 - 2016-03-27 09:43 - 00262000 _____ () C:\Users\fabio\AppData\Roaming\Rasagupr\Sanion.dll 2016-03-26 08:24 - 2016-03-26 08:24 - 00262008 _____ () C:\Users\fabio\AppData\Roaming\Cekhikj\Fopesad.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\arkGraphic.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\xImage.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\xGraphic32.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\GF.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libexpatw.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libjpegturbo.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\libpng.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\jgImage.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\jgIOStub.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00169152 _____ () c:\program files (x86)\tencent\qqpcmgr\11.4.17347.218\qmhipslogpolicy.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00083136 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\MemDefrag.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00267456 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\DlForQd.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00264896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Win10ToastNotification.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00251072 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMWlanMacDll.dll 2016-01-26 12:55 - 2016-01-26 12:55 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-03-17 18:04 - 2016-02-09 22:17 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-03-17 18:04 - 2015-07-03 13:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-03-17 18:04 - 2016-03-10 16:02 - 02547792 _____ () C:\Program Files (x86)\Steam\video.dll 2016-03-17 18:04 - 2015-07-03 13:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-03-17 18:04 - 2015-07-03 13:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-03-17 18:04 - 2016-02-08 20:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-03-17 18:04 - 2016-02-08 20:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-03-17 18:04 - 2016-02-08 20:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-03-17 18:04 - 2016-02-08 20:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-03-17 18:04 - 2016-02-08 20:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-03-17 18:04 - 2016-03-10 16:02 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-17 18:04 - 2016-02-17 19:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\GF.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\xGraphic32.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\zlib.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libexpatw.dll 2016-03-27 10:42 - 2016-03-27 10:42 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\tinyxml.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\arkGraphic.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\jgImage.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\jgIOStub.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libpng.dll 2016-03-27 10:41 - 2016-03-27 10:41 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\libjpegturbo.dll 2016-03-17 18:04 - 2016-02-08 22:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-03-25 14:27 - 2016-03-04 15:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\chrome_elf.dll 2016-03-27 11:03 - 2016-03-04 15:51 - 00732160 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\chrome_elf_wk.dll 2014-04-17 02:27 - 2014-04-17 02:27 - 00087552 _____ () E:\IPCameraAdapter.dll 2016-03-25 14:27 - 2016-03-23 01:31 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\libglesv2.dll 2016-03-25 14:27 - 2016-03-23 01:31 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\libegl.dll 2016-03-25 14:27 - 2016-03-23 01:31 - 17545880 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\WINDOWS\System32:A37CD33B_Uni.gbp [2] AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2286] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\google.com -> www.google.com IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\google.com.br -> www.google.com.br IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\itau.b.br -> www.itau.b.br IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\itau.com.br -> hxxps://bankline.itau.com.br IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\itau.com.br -> bankline.itau.com.br IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br IE trusted site: HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2016-01-25 23:21 - 2016-03-27 11:33 - 00001626 ____N C:\WINDOWS\system32\Drivers\etc\hosts 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4017182254-3727914778-2727900313-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fabio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: O Suporte não está conectado à internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{1D70FF93-C291-4B0C-A64A-5184D2EBDA1C}C:\users\fabio\singularity\slvoice.exe] => (Allow) C:\users\fabio\singularity\slvoice.exe FirewallRules: [UDP Query User{55FA330B-291E-40E8-BC23-88651781418A}C:\users\fabio\singularity\slvoice.exe] => (Allow) C:\users\fabio\singularity\slvoice.exe FirewallRules: [{137A5DF2-E7DA-498B-B5FC-D6E71838EEBD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FB32C073-741B-4016-AD3A-ABBFFAE0D2FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A51876A9-3E2F-4575-9AA8-7AF753A4C9F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{79A04EDD-B71B-4DF7-838D-7FB54483C3EC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6FB657EE-6DE9-43B9-8EAD-6630C3A632B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5A1C52FB-01A4-401B-AA41-365845AB1A0A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{36A6FA44-7785-4B0F-9317-1118AE74CCF6}] => (Allow) LPort=8317 FirewallRules: [TCP Query User{B5DE1941-97DF-4DFF-9694-815254F1CCD8}E:\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) E:\ctrlaltstudio-viewer-alpha\slvoice.exe FirewallRules: [UDP Query User{A46F88CE-820B-4BA2-A8E4-8DABD9D05F83}E:\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) E:\ctrlaltstudio-viewer-alpha\slvoice.exe FirewallRules: [TCP Query User{57E73609-BF0E-4D86-9907-208E39D00F20}C:\users\fabio\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\fabio\appdata\roaming\bittorrent\updates\7.9.5_41866.exe FirewallRules: [UDP Query User{14A2A2DA-C20A-40C2-93AB-D4233042B552}C:\users\fabio\appdata\roaming\bittorrent\updates\7.9.5_41866.exe] => (Allow) C:\users\fabio\appdata\roaming\bittorrent\updates\7.9.5_41866.exe FirewallRules: [TCP Query User{FFB676AE-1C7F-4727-B120-EBC4D9F1FC48}C:\users\fabio\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\fabio\appdata\roaming\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{FFC188CF-5381-4252-8ABA-B4630234B482}C:\users\fabio\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\fabio\appdata\roaming\bittorrent\bittorrent.exe FirewallRules: [{F7AC8CFB-6D16-4B30-AF41-E85C75D8C5D6}] => (Allow) C:\Users\fabio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{22C70845-9D16-4A25-9153-B9F8D56F64A9}] => (Allow) C:\Users\fabio\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EED0CDD7-9574-4DB7-B24C-23C1D6B82ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{6932E1C4-45FF-4592-BB51-02E440E18809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{CE43B2D9-D758-4525-81DD-EFA9F56B9343}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe FirewallRules: [{4A50191E-F5EE-410F-95FE-640C5058271F}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe FirewallRules: [{9988FA6A-0CE6-44E6-814D-D3EA90BD9745}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5AE1A11B-676F-4C53-8D0B-1DB292D25F98}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe FirewallRules: [{9C7A5739-6BE1-4194-8ABA-8D90F3AFA17F}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe FirewallRules: [{3BAC17C0-9094-486D-85E6-C46F9E283993}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe FirewallRules: [{05D28102-F528-4867-9609-0DADC642D46B}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe FirewallRules: [{85F1DF0A-1FD6-4C5B-909C-D1C9454B7E76}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe FirewallRules: [{2265CB97-7BBC-48B8-80BD-94C221EDBE89}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCmgrInstallGuide.exe FirewallRules: [{69CE580F-435E-44B6-BCBB-C609DF9F2251}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe FirewallRules: [{2B4F0B54-3E4E-4BBF-BF97-A6FA07916FFA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCMgr.exe FirewallRules: [{7AD6B45E-C32C-4EAB-8142-EC2D08F94D71}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCRTP.exe FirewallRules: [{97CE9DDD-511B-46D1-8CC3-842D937A4717}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMDL.exe FirewallRules: [{77B8EA65-87FB-4C32-ACB8-189AE7C000A0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\bugreport.exe FirewallRules: [{07670ADD-82A3-4238-9A98-6D9C8070314A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCFileOpen.exe FirewallRules: [{3A745E04-5F91-4DA2-A1AC-F10AE65CCC08}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCLeakScan.exe FirewallRules: [{3FF20A39-E84C-41A7-9877-C6F28983266D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPConfig.exe FirewallRules: [{FD797CF1-7E78-4D06-886D-F6D7A8392136}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSoftMgr.exe FirewallRules: [{3F6C3C1B-DD76-4C8B-9665-39075031DF2B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{6F9A8BEE-A51F-4630-9F80-C6E06A6529EB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCBTU.exe FirewallRules: [{251858FE-3C36-465B-85C6-20B12BF181E8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCClinic.exe FirewallRules: [{DD71F66B-8408-49DF-9012-50F8789D1216}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCLaunch.exe FirewallRules: [{493769E8-C547-46A0-91BE-847253B025DC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{EE104142-5577-4D61-95DE-9E6FD6B80DDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSoftGame.exe FirewallRules: [{CA10C11F-DFB8-4906-B7A5-967AA14572E1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCSysOptimize.exe FirewallRules: [{D0B2BAB0-8029-4E16-99CB-911E975A59AB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCUpdateAVLib.exe FirewallRules: [{93BE3366-CE23-4468-95F2-F838AEA74686}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQRepair.exe FirewallRules: [{D042A630-2DB5-49B5-BBF8-E54848FA9857}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\Uninst.exe FirewallRules: [{44A4340A-1304-45DE-B4E1-214A83C2E2F0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCPatch.exe FirewallRules: [{AFA3BE95-D002-49FD-B9C0-536BB2016D32}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TpkUpdate.exe FirewallRules: [{94BAC768-26FD-47A9-AD2E-164AB01F8F79}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMRouterMgr.exe FirewallRules: [{3E17430E-E838-4613-9864-A93B858E661E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAccountProtection.exe FirewallRules: [{45674A8E-A7E4-452E-B65D-3209474E6E2E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QMAdBlock.exe FirewallRules: [{0971BE11-D37E-47FD-A626-981D2F3255E8}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{FF6F4869-2604-4754-8714-A9125AFC86C2}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{24DC0A48-9400-4DFD-80DA-2A49E9D5CEBF}] => (Allow) C:\Users\fabio\AppData\Roaming\BitTorrent\updates\7.9.5_41866.exe FirewallRules: [{204BB6A7-1F7B-460A-8A9E-1F5ABD4DCD28}] => (Allow) C:\Users\fabio\AppData\Roaming\BitTorrent\updates\7.9.5_41866.exe FirewallRules: [{7EA73077-4440-45A5-BCC3-C78BF572BC2B}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{0A086A19-61FB-43E7-9E42-8AC1E8B776D1}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{DD6E7F3F-5471-4EFA-B2B3-8894C503EBF5}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{C8FF24BB-4880-4638-B9E0-F9B29B52673D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{96D3F4DB-E763-4C5E-AB54-3F7757E311E8}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{0134E643-7B05-4668-96E0-6194866B38E9}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{D8552B14-2BA5-430B-A5C1-BDF8BD4AF498}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{73201EA5-17F9-47D9-9389-AAC722259949}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{578F8ED0-7670-4F21-81A5-ECED05D8393B}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{324ED4A2-1CC3-46DD-81B9-6E2D9F54B993}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{1DAF53E2-E76A-4454-81CA-37A69976E527}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{75B65FF9-99F0-4045-AA08-96DA904AF53F}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{77910B5D-C02A-4111-AC73-82448CBC397F}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{A197F8E1-F9C2-4353-B6AE-C05C0190C09A}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{5E044D00-92A8-4FEF-91FB-88DF6896140C}] => (Allow) C:\Program Files\NewExt\jsinjector.exe ==================== Pontos de Restauração ========================= 09-03-2016 14:32:21 Windows Update 14-03-2016 18:09:44 Installed QuickTime 7 20-03-2016 15:48:00 DirectX instalado 23-03-2016 00:25:28 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 25-03-2016 07:35:12 Removed Suporte para Aplicativos Apple ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/27/2016 01:03:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 01:03:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:59:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:59:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:49:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:49:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:46:56 PM) (Source: ESENT) (EventID: 474) (User: ) Description: Catalog Database (1384) Catalog Database: Falha na verificação da leitura de página do banco de dados do arquivo "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" no deslocamento 18284544 (0x0000000001170000) (página do banco de dados Catalog Database0) para 4096 (0x00001000) bytes devido a uma incompatibilidade de soma de verificação da página. A soma de verificação esperada era [00030030454c4946] e a real foi [0000116f9e9e00bd]. A operação de leitura falhará com o erro -1018 (0xfffffc06). Se essa condição persistir, restaure o banco de dados por meio de um backup anterior. É bem provável que seja um problema de hardware com defeito. Contate o fornecedor do hardware para mais assistência no diagnóstico do problema. Error: (03/27/2016 12:42:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:42:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/27/2016 12:42:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FABIO-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Erros de Sistema: ============= Error: (03/27/2016 12:07:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 2 vez(es). Error: (03/27/2016 11:45:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/27/2016 11:45:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi encerrado inesperadamente. Isso aconteceu 3 vez(es). Error: (03/27/2016 11:43:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (03/27/2016 11:39:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (03/27/2016 11:39:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro: %%1053 Error: (03/27/2016 11:39:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate). Error: (03/27/2016 11:35:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Util Checked List devido ao seguinte erro: %%1053 Error: (03/27/2016 11:35:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Util Checked List. Error: (03/27/2016 11:35:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço SkypeUpdateEx devido ao seguinte erro: %%1053 CodeIntegrity: =================================== Date: 2016-03-27 11:06:15.210 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-23 08:14:49.225 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-14 18:11:48.531 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-12 00:06:27.477 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-11 05:40:41.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-03 06:36:27.403 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 14:42:31.274 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-12 08:53:09.352 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-04 18:49:52.303 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 18:34:05.457 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentagem de memória em uso: 48% RAM física total: 8191.18 MB RAM física disponível: 4207.95 MB Virtual Total: 9471.18 MB Virtual disponível: 5082.18 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.35 GB) (Free:159.67 GB) NTFS Drive d: (Novo volume) (Fixed) (Total:931.51 GB) (Free:246.02 GB) NTFS Drive e: (Novo volume) (Fixed) (Total:74.53 GB) (Free:35.93 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0647951E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94309430) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 4C5C9D97) Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================