Addition.txt

Document joint : FFlayZ8lRap_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-06-2016
Executado por PAULO (2016-06-10 21:20:42)
Executando a partir de C:\Users\PAULO\Desktop
Windows 10 Pro Versão 1511 (X64) (2016-04-13 00:48:35)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3024616143-3309111996-383524719-500 - Administrator - Disabled)
Convidado (S-1-5-21-3024616143-3309111996-383524719-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3024616143-3309111996-383524719-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3024616143-3309111996-383524719-1005 - Limited - Enabled)
PAULO (S-1-5-21-3024616143-3309111996-383524719-1001 - Administrator - Enabled) => C:\Users\PAULO

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Combined Community Codec Pack 2015-10-18 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2015.10.19.0 - CCCP Project)
COMODO Programs Manager (HKLM\...\{D968E920-3A49-48EB-BA1D-8964DCDF0CA9}) (Version: 1.3_build_30 - COMODO)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.42.13482.16 - Electronic Arts)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
i-Menu version 4.0.8 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.0.8 - AOC)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{F46A1003-7E9A-418C-8149-C6AF1EAF6B89}) (Version: 8.0.4.394 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.4.394 - Kaspersky Lab) Hidden
K-Lite Codec Pack 11.4.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pt-BR)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA Áudio Virtual Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Driver de áudio HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Driver de gráficos 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.4.0.1023 - Lenovo)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.30 - VSO-Software SARL)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia)
Xerox WorkCentre 3045B (HKLM-x32\...\InstallShield_{645082D0-144F-42A1-B7CD-1419DC7BA06D}) (Version: 1.006.00 - Xerox)
Xerox WorkCentre 3045B (x32 Version: 1.006.00 - Xerox) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\PAULO\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\PAULO\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01AC682B-0058-4318-A0E0-0C2C565EA2C3} - System32\Tasks\SafeZone scheduled Autoupdate 1456184566 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {1474425B-EC75-4F09-8280-E64E5CE061FC} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {186ED3E5-C94B-48E0-80FE-DF390985DB14} - System32\Tasks\SafeZone scheduled Autoupdate 1451431727 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {1A33D4AA-4B9B-4216-A2CE-B825B77D307C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {238E391B-77A6-423C-A4BC-1C884FC57542} - System32\Tasks\{B3F96D29-1135-4038-BDB6-C39434087B93} => pcalua.exe -a C:\Users\PAULO\Desktop\CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe -d C:\Users\PAULO\Desktop
Task: {2CCF1373-8617-4D61-A44A-D1F793323EFD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {4FED72AA-3585-4BFD-B2A4-DB56A02F41B9} - System32\Tasks\{F05BEFB2-495D-4152-99B2-8542C1B89A03} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {51AAF806-EBCA-4853-9C6D-957B972FAEDD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {53081C05-9A26-4E08-93CB-AE8174081B91} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {6610E1F5-15A9-4339-BEA6-9FFF8DDA4DC8} - System32\Tasks\{6D13DCED-2294-4FF9-B29D-DEE76E2D5F07} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {6ACE2B94-257B-42C7-B35C-154D4A69E437} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {89FE7362-F53F-40EE-BD11-431F1B69B82C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {8C4D41D8-EA94-4641-BFE6-028218155427} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()
Task: {8C883DAF-766B-44A8-8A49-E820AC89FC62} - System32\Tasks\{84016D63-C0E3-421E-8B71-9D9343BBB46C} => pcalua.exe -a C:\PROGRA~2\WSE_AS~1\\uninstall.exe
Task: {943F738A-FF9E-462F-BB8C-306A65CCD39F} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-03-23] (IObit)
Task: {96AFF688-61A2-4B26-B6FE-B7FCDDE067E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9B953841-8C55-47E9-9E4A-A3220CF8DE96} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {A59C1564-7877-4E65-9C3D-49CD84CF0827} - System32\Tasks\{C26B5FFA-FAD7-4AF5-BE84-8A8DA43F09AB} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {B88DA3DB-C6F9-4721-ADDE-ACD93D682603} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {C8996A91-1654-43F9-BF71-49C361DD1006} - System32\Tasks\Driver Booster SkipUAC (PAULO) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {C9F536A7-B843-4A51-B716-ADF957FDBDCB} - System32\Tasks\{841843E4-782A-4933-BC62-E1311650F293} => pcalua.exe -a C:\Users\PAULO\Desktop\CSC_3.0.172695.53_xp_vista_server2003_server2008_win7.exe -d C:\Users\PAULO\Desktop
Task: {D934EF78-6B25-4CF8-8C1A-BAD71ED14471} - System32\Tasks\{E066C28C-6946-49DE-8BF2-1FA302394993} => pcalua.exe -a "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" -d "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86"
Task: {E5E7662B-C2E3-4153-B05C-A7BC20149B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E817CCF8-C487-44C7-BD06-F948E41BF9B1} - System32\Tasks\SafeZone scheduled Autoupdate 1456355717 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\PAULO\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10 - Versao de Teste.lnk -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfehom.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\PAULO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1735e12a-366fe556"
ShortcutWithArgument: C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10 - Versao de Teste.lnk -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfehom.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\PAULO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1735e12a-366fe556"
ShortcutWithArgument: C:\Users\PAULO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Módulos Carregados (Whitelisted) ==============

2012-03-09 14:34 - 2012-03-09 14:34 - 00022528 _____ () C:\WINDOWS\System32\xrhr3aLM.DLL
2014-10-11 23:02 - 2012-03-15 14:36 - 15054336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\xrhr3aRC.DLL
2011-09-05 12:11 - 2011-09-05 12:11 - 00116032 _____ () C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe
2016-03-01 20:18 - 2016-05-02 02:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-25 00:28 - 2016-05-02 02:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 20:18 - 2016-05-02 02:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-02 21:59 - 2016-05-02 02:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2016-05-02 21:59 - 2016-05-02 02:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-02 21:59 - 2016-05-02 02:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-02 21:59 - 2016-05-02 02:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-27 20:19 - 2016-05-02 02:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-12 21:24 - 2016-06-03 00:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 00:27 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 00:27 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-14 19:50 - 2016-05-14 19:50 - 00959168 _____ () C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-13 14:39 - 2016-02-13 14:39 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 21:09 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 21:10 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 21:10 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 21:10 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 21:10 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-15 15:07 - 2016-04-15 15:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2014-10-14 21:55 - 2016-05-02 03:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-10-14 21:55 - 2016-05-02 03:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2016-05-02 21:59 - 2016-05-02 02:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-02 21:59 - 2016-05-02 02:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-19 20:13 - 2016-04-19 20:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-02-25 08:11 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-03-31 00:47 - 2016-05-02 03:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-14 19:50 - 2016-05-14 19:50 - 00679624 _____ () C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-19 20:13 - 2016-04-19 20:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:13 - 2016-04-19 20:13 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1518]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2015-07-30 18:38 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3024616143-3309111996-383524719-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PAULO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\iracemacpd - 0052.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "mylbx"
HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\StartupApproved\Run: => "kpm.exe"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{70992762-3BA0-40D4-80A4-684BBB2946C2}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{CDD00C71-8CD0-45D0-BE14-068CB5E7DED3}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{BED4442C-7193-412B-B5DB-44383F94AC6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A28C09E9-4739-4DFB-9C76-2B0A2E5247D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{59960DAD-1506-4485-A0CA-AEA84EEC8BA9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{076591BD-14F7-4414-9D32-1C3B543CE53D}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{B7492C26-A7B0-47F4-9091-A926C1A555A1}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{46CE5ED2-F940-478E-9A19-912708FF5ED9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0D771F0-D1B5-4B4F-9DC2-8AEBA520552C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CFBEDA21-8737-4D5B-AEF5-C0DC5EFB7098}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02EA8F3C-B3B4-4045-920B-90CF60413596}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5F693EDE-A902-442A-ACAB-4E3772F78D27}C:\users\paulo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paulo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{31E7C612-A623-4CD8-ABAB-2FE1FA6C47FA}C:\users\paulo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paulo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{1435A851-C5CE-4749-8272-E297C02EA597}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B50FB35C-3A75-4EF0-8DF0-AB16669F2F0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8571810C-4B54-47B6-AA43-D987DA40D00B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{1CCFEA4D-C30C-4768-A992-D0DFD4EBB1D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{6A3ADBD9-516A-4B33-A4A9-6107958BD049}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe
FirewallRules: [TCP Query User{EC7FBFD3-E97F-4060-B692-BF1A63837826}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe
FirewallRules: [{2C350990-7BC7-46B2-83C3-4B257412B65F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C45D91B2-6150-476A-B4F5-0CA992D6A731}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2319F5B-463F-4089-A210-F3BC82AC511C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5886A641-6688-4B54-A894-5E5E8946C1AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{04AECA1E-6ABC-4D4C-8394-7F52880DFBA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC753F3E-B84D-4AD0-99C0-FC889C915FC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C7297453-F70B-4B45-962B-1617561DA624}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F0BFA825-8E7D-436F-A7F9-B68CF64732B5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{863AED56-E399-4CD1-876A-F4852E8AB7BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{97224895-1F9F-4A39-835E-451A1A08CDB2}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [TCP Query User{BC9EA770-629C-467E-9C19-7E3D9740B68C}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{D7E1B93A-2E42-47EF-B3CB-E2F813432D8E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0072C9E3-472A-4493-914D-1D9FFB386C26}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3BA9A58D-BA49-4242-BC2F-FAFB84D14988}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E870D2B8-E61B-4FC0-8B37-FA5007400BB4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7ADED71D-FA64-44AF-8F19-C0C08F345DA4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C4DBA71-228F-4033-833A-54967C57BA6B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F94E0E9-2C05-4E33-A004-B63CD1894DA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F7E3E0E0-2EA9-4801-A67B-3A81A6733E11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{8AA7745C-5DFE-4859-8B7F-5405B1BE1C85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C3F46FA0-06A4-44C7-996E-B7B013142B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ADE4B922-C693-44D0-86C0-F48AC35E4F35}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{040F207F-3B1E-4EA0-B59D-155099187013}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{6E8171EB-9482-4D8C-AF2E-E3A0A235E983}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{6BE20879-7C74-4B36-A3E7-DB98C6027ED4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{34E00C70-37C7-452F-8442-6D4BC20B39AA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C1F2B17F-FFA1-4E4B-B169-0856D32B86FF}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{FB54A959-2A26-4177-A1BE-C733ACA27418}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA3C6CCA-C67E-4D26-AC9E-2A54F511B57D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{6EB655C3-7726-49F8-83FC-22A29546B12F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

==================== Pontos de Restauração =========================

17-05-2016 19:59:47 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
02-06-2016 10:48:28 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (06/10/2016 12:09:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d756
Nome do módulo com falha: combase.dll, versão: 10.0.10586.103, carimbo de data/hora: 0x56a849ab
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000067e3c
ID do processo com falha: 0x2330
Hora de início do aplicativo com falha: 0xdwm.exe0
Caminho do aplicativo com falha: dwm.exe1
Caminho do módulo com falha: dwm.exe2
ID do Relatório: dwm.exe3
Nome completo do pacote com falha: dwm.exe4
ID do aplicativo relativo ao pacote com falha: dwm.exe5

Error: (06/07/2016 02:14:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/06/2016 10:29:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 11.0.10586.20, carimbo de data/hora: 0x56541caa
Nome do módulo com falha: MSHTML.dll, versão: 11.0.10586.306, carimbo de data/hora: 0x571af7f7
Código de exceção: 0xc0000005
Deslocamento da falha: 0x006414af
ID do processo com falha: 0x1df0
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
Caminho do módulo com falha: IEXPLORE.EXE2
ID do Relatório: IEXPLORE.EXE3
Nome completo do pacote com falha: IEXPLORE.EXE4
ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5

Error: (06/06/2016 10:28:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 11.0.10586.20, carimbo de data/hora: 0x56541caa
Nome do módulo com falha: MSHTML.dll, versão: 11.0.10586.306, carimbo de data/hora: 0x571af7f7
Código de exceção: 0xc0000005
Deslocamento da falha: 0x006414af
ID do processo com falha: 0x2954
Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0
Caminho do aplicativo com falha: IEXPLORE.EXE1
Caminho do módulo com falha: IEXPLORE.EXE2
ID do Relatório: IEXPLORE.EXE3
Nome completo do pacote com falha: IEXPLORE.EXE4
ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5

Error: (06/06/2016 01:03:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfab0
Nome do módulo com falha: wwlib.dll, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfaba
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00aef5eb
ID do processo com falha: 0x271c
Hora de início do aplicativo com falha: 0xWINWORD.EXE0
Caminho do aplicativo com falha: WINWORD.EXE1
Caminho do módulo com falha: WINWORD.EXE2
ID do Relatório: WINWORD.EXE3
Nome completo do pacote com falha: WINWORD.EXE4
ID do aplicativo relativo ao pacote com falha: WINWORD.EXE5

Error: (06/05/2016 06:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: bcastdvr.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af8d9
Nome do módulo com falha: nvwgf2umx.dll, versão: 10.18.13.6822, carimbo de data/hora: 0x573e67a3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000090d51d
ID do processo com falha: 0x1c20
Hora de início do aplicativo com falha: 0xbcastdvr.exe0
Caminho do aplicativo com falha: bcastdvr.exe1
Caminho do módulo com falha: bcastdvr.exe2
ID do Relatório: bcastdvr.exe3
Nome completo do pacote com falha: bcastdvr.exe4
ID do aplicativo relativo ao pacote com falha: bcastdvr.exe5

Error: (06/05/2016 03:02:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: bcastdvr.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af8d9
Nome do módulo com falha: nvwgf2umx.dll, versão: 10.18.13.6822, carimbo de data/hora: 0x573e67a3
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000090d51d
ID do processo com falha: 0x2d1c
Hora de início do aplicativo com falha: 0xbcastdvr.exe0
Caminho do aplicativo com falha: bcastdvr.exe1
Caminho do módulo com falha: bcastdvr.exe2
ID do Relatório: bcastdvr.exe3
Nome completo do pacote com falha: bcastdvr.exe4
ID do aplicativo relativo ao pacote com falha: bcastdvr.exe5

Error: (06/05/2016 11:36:41 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/04/2016 01:37:38 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : O Word não pôde ser iniciado na última tentativa. O modo de segurança pode ajudá-lo a solucionar o problema, mas talvez alguns recursos não estejam disponíveis nesse modo.

Deseja iniciar no modo de segurança?.
Rejected Safe Mode action : Microsoft Word.

Error: (06/04/2016 01:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfab0
Nome do módulo com falha: MSPTLS.DLL, versão: 15.0.4745.1000, carimbo de data/hora: 0x55a4b35a
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000a7408
ID do processo com falha: 0x2b58
Hora de início do aplicativo com falha: 0xWINWORD.EXE0
Caminho do aplicativo com falha: WINWORD.EXE1
Caminho do módulo com falha: WINWORD.EXE2
ID do Relatório: WINWORD.EXE3
Nome completo do pacote com falha: WINWORD.EXE4
ID do aplicativo relativo ao pacote com falha: WINWORD.EXE5

Erros de Sistema:
=============
Error: (06/10/2016 09:16:16 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/10/2016 09:13:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/10/2016 09:13:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (06/10/2016 06:43:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (06/10/2016 02:52:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/10/2016 02:49:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

CodeIntegrity:
===================================
Date: 2016-05-16 18:01:55.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-15 18:26:49.850
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-13 16:07:21.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 02:49:55.903
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-11 16:22:19.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-28 20:57:21.018
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-20 14:05:59.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-13 20:41:48.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-13 16:22:42.563
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-12 21:54:07.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3340 CPU @ 3.10GHz
Percentagem de memória em uso: 17%
RAM física total: 16347.46 MB
RAM física disponível: 13469.44 MB
Virtual Total: 18779.46 MB
Virtual disponível: 15732.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.12 GB) (Free:664.17 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 000DB11A)

Partition: GPT.

==================== Fim de Addition.txt ============================

Signaler le contenu de ce document