Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 21-08-2016 01
Executado por RENATO (25-08-2016 08:51:57)
Executando a partir de D:\BITCOMET\Media
Microsoft Windows 7 Ultimate (X86) (2016-01-14 21:11:15)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3850583260-549020504-3808328360-500 - Administrator - Disabled)
Convidado (S-1-5-21-3850583260-549020504-3808328360-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3850583260-549020504-3808328360-1002 - Limited - Enabled)
RENATO (S-1-5-21-3850583260-549020504-3808328360-1000 - Administrator - Enabled) => C:\Users\RENATO

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: IObit Malware Fighter (Enabled - Up to date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc)
Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
BitComet 1.37 (HKLM\...\BitComet) (Version: 1.37 - CometNetwork)
Cheat Engine 6.5.1 (HKLM\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
Command & Conquer Red Alert 2 (HKLM\...\Red Alert 2) (Version: - )
Command and Conquer Red Alert 3 - Uprising (HKLM\...\Command and Conquer Red Alert 3 - Uprising_is1) (Version: - )
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd)
Dashlane (HKU\S-1-5-21-3850583260-549020504-3808328360-1000\...\Dashlane) (Version: 4.5.2.16147 - Dashlane SAS)
DFX (HKLM\...\DFX) (Version: 11.200.0.0 - Power Technology)
DLL Suite 9.0 (HKLM\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - )
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10059 (Build 2593) - Speedbit Ltd.)
Driver Booster 3.3 (HKLM\...\Driver Booster_is1) (Version: 3.3 - IObit)
Driver Easy 5.0.6 (HKLM\...\DriverEasy_is1) (Version: 5.0.6 - Easeware)
Dungeon Siege 2 (HKLM\...\DungeonSiege2) (Version: - Microsoft)
EagleGet version 2.0.4.11 (HKLM\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.11 - EagleGet)
Facebook Games Arcade 0.8.1.0 (HKLM\...\{AA936BCA-D4C1-41ED-BBB5-DFFC384E6DF2}) (Version: 0.8.1.0 - Facebook)
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
GameRanger (HKU\S-1-5-21-3850583260-549020504-3808328360-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{D63C6E54-882C-478B-91AB-53D1E89C80BA}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-3850583260-549020504-3808328360-1000\...\HP Photo Creations) (Version: 1.0.0.19802 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IObit Malware Fighter 4 (HKLM\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.0.2.143 - IObit)
Java 8 Update 102 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Jumpstart Installation Program (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
K-Lite Mega Codec Pack 11.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Recorder (HKLM\...\Max Recorder) (Version: 1.026.0.0 - Silver Vine, LLC)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.5.2 (HKLM\...\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Mozilla Firefox 48.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 48.0.1 (x86 pt-BR)) (Version: 48.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.1 - Mozilla)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{D90E08B8-E7BB-4D29-8249-8670D4CC24BD}) (Version: 4.3.12 - Oracle Corporation)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2) (Version: - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.104 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sudden Strike 2 (HKLM\...\Sudden Strike 2_is1) (Version: 1.0 - Media Contact LLC)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detectar Aplicação (HKU\S-1-5-21-3850583260-549020504-3808328360-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\RENATO\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\RENATO\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{9843d1f9-641f-5b9a-bc7c-f59bba9a8f25}\InprocServer32 -> C:\Program Files\EagleGet\npEagleget.dll (EagleGet)
CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}\InprocServer32 -> C:\Users\RENATO\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\RENATO\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-3850583260-549020504-3808328360-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\RENATO\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {25D479BA-CFA6-40D9-B79C-297F8799D46E} - System32\Tasks\{440449E1-7721-4D10-B750-78C4948A8816} => pcalua.exe -a "D:\PROGRAMAS\HACKER\WIRILESS WEP KEY\Wireless WEP Key Password Spy [aram89] [H33T]\Wepkey.exe" -d "D:\PROGRAMAS\HACKER\WIRILESS WEP KEY\Wireless WEP Key Password Spy [aram89] [H33T]"
Task: {26D6568A-87C0-4E0D-ADA2-15C56208E58D} - \svchost -> Nenhum Arquivo <==== ATENÇÃO
Task: {2AF23CEB-A829-40FC-B992-D9CD82563706} - System32\Tasks\{D32A909C-3302-463D-9DE1-322732CD376F} => pcalua.exe -a C:\Users\RENATO\Desktop\cohtrn.exe -d C:\Users\RENATO\Desktop
Task: {3785A04D-1D37-4011-92E1-6A6C755FA416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-20] (Adobe Systems Incorporated)
Task: {3C045673-0EB1-47EC-8355-921C92C2EB5D} - System32\Tasks\HP Photo Creations Communicator => C:\Users\RENATO\AppData\Roaming\HP Photo Creations\Communicator.exe [2016-03-07] ()
Task: {4CAA9CB7-2F34-476B-A286-E9180A7B88FB} - System32\Tasks\{C6278960-8166-4603-93E4-884FC18056D0} => pcalua.exe -a C:\Users\RENATO\Desktop\zoek\zoek.scr -d C:\Users\RENATO\Desktop\zoek -c /S
Task: {511891BC-C050-400B-B297-FCD533895A31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-02] (Google Inc.)
Task: {51B1E40B-4298-4F05-AA66-C8116BAF6AE5} - System32\Tasks\{F719E7B3-9624-439A-9F14-85E5257C4568} => pcalua.exe -a D:\JOGOS\diablo_2_lord_dest_br-tradução.exe -d D:\JOGOS
Task: {61BF8758-E566-4339-B8AE-3C2F9AD9D359} - System32\Tasks\Uninstaller_SkipUac_RENATO => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-08-12] (IObit)
Task: {7850D397-57C0-4D64-89F3-50487A1D2624} - System32\Tasks\Driver Booster SkipUAC (RENATO) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2016-04-01] (IObit)
Task: {8C9C597A-6C4B-4182-8411-EC9A641C7F88} - \Apple\AppleSoftwareUpdate -> Nenhum Arquivo <==== ATENÇÃO
Task: {919DD528-00FA-4743-BB9B-DE8613E4F89A} - System32\Tasks\{C4546757-702D-44F7-953B-25E01B76DACC} => pcalua.exe -a "D:\PROGRAMAS\HACKER TOTAL\JUMPSTART WPS\setup.exe" -d "D:\PROGRAMAS\HACKER TOTAL\JUMPSTART WPS"
Task: {B2AE09E3-9B15-47AB-81F3-D27A8DA55DA4} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2016-03-28] (IObit)
Task: {CE1B0397-7B1F-4D9A-A6F2-8E5CC3411F16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-02] (Google Inc.)
Task: {D4269670-B71A-4C1B-B64C-15088AB8CA8F} - System32\Tasks\ASC9_SkipUac_RENATO => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2016-08-16] (IObit)
Task: {D597F2CD-6C62-42E8-A730-BA33D48944B3} - \Advanced System~Protector -> Nenhum Arquivo <==== ATENÇÃO
Task: {D7487F98-F22D-4616-8CD3-342B72AD33F6} - System32\Tasks\{780F29EA-028C-4FE7-AF9B-23F1CEC1B765} => pcalua.exe -a "D:\PROGRAMAS\ANTI VIRUS -Spywares e Adwares\zoek\zoek.scr" -d "D:\PROGRAMAS\ANTI VIRUS -Spywares e Adwares\zoek" -c /S
Task: {D96886C6-FC8C-4197-B96A-779FBFA50BB9} - System32\Tasks\{0CA83007-F698-481D-9FF5-F73B51DC7112} => pcalua.exe -a C:\Users\RENATO\Downloads\Programs\jxpiinstall.exe -d C:\Users\RENATO\AppData\Roaming\IDM
Task: {D9AD869E-C1CD-4CC9-80FD-6791617107E0} - System32\Tasks\{E561669D-D03A-426A-A3EA-9D4BA9028548} => pcalua.exe -a "D:\PROGRAMAS\HACKER TOTAL\JUMPSTART\setup.exe" -d "D:\PROGRAMAS\HACKER TOTAL\JUMPSTART"
Task: {DDBAB3CF-4957-43C2-852B-645BE9439B62} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-06-11] (Easeware)
Task: {DED5555B-7BC4-48C4-B2B3-89C4892E22D1} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-06-11] (Easeware)
Task: {F1E85DFD-93AD-4BC0-B4DF-84962846C2F9} - \Pritc -> Nenhum Arquivo <==== ATENÇÃO
Task: {F4F09FAE-0F3C-48E3-9930-5EEF8B6CF11C} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {F609C0F3-1E41-423A-9147-15EB154116B1} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {FE4AB775-8206-4FE9-859B-745747538DF1} - System32\Tasks\{5756FD7A-7EBB-4024-8789-7BDC3F08102B} => pcalua.exe -a "F:\PROGRAMAS\KEEP TUBE\KeepTubeSetUp.exe" -d "F:\PROGRAMAS\KEEP TUBE"

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\RENATO\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\RENATO\AppData\Local\Microsoft\Windows\GameExplorer\{E44B0615-4896-4E44-BDDD-13A601A9EE45}\SupportTasks\0\Suporte.lnk -> hxxp://www.take2games.com/support/
Shortcut: C:\Users\RENATO\AppData\Local\Microsoft\Windows\GameExplorer\{78FE6483-2DD6-4427-91A8-AE5350A238BB}\SupportTasks\1\Suporte.lnk -> hxxp://www.take2games.com/support/
Shortcut: C:\Users\RENATO\AppData\Local\Microsoft\Windows\GameExplorer\{78FE6483-2DD6-4427-91A8-AE5350A238BB}\SupportTasks\0\Mais Jogos da Microsoft.lnk -> hxxp://www.civiv.com/

ShortcutWithArgument: C:\Users\RENATO\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\RENATO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\RENATO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\RENATO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Módulos Carregados (Whitelisted) ==============

2014-05-01 11:15 - 2016-07-25 14:39 - 00564224 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-01-17 10:30 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl
2016-01-17 10:30 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl
2016-01-17 10:30 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-01-17 10:30 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files\IObit\Advanced SystemCare\webres.dll
2016-01-17 10:30 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files\IObit\Advanced SystemCare\ProductStatistics.dll
2016-08-20 15:32 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2016-08-20 15:32 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2016-08-20 15:32 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-03-05 11:26 - 2016-05-23 21:49 - 00899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll
2016-08-20 15:32 - 2016-06-14 16:35 - 00625440 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 00347520 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 00436096 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 00469376 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 63125376 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 00292736 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 06256000 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 07353728 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.5.2.16147.dll
2016-07-28 11:22 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files\IObit\IObit Malware Fighter\webres.dll
2016-01-20 19:59 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
2016-01-20 19:59 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
2016-01-20 19:59 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-08-20 15:48 - 2016-08-12 13:22 - 00286080 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\DashlanePlugin.exe
2016-08-20 15:47 - 2016-08-12 13:19 - 13617536 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 02284928 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.5.2.16147.dll
2016-08-20 15:47 - 2016-08-12 13:19 - 00342912 _____ () C:\Users\RENATO\AppData\Roaming\Dashlane\4.5.2.16147\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.5.2.16147.dll
2016-07-22 21:08 - 2016-06-03 18:19 - 00220672 _____ () C:\Program Files\EagleGet\CrashRpt.dll
2016-07-22 21:08 - 2016-06-03 18:19 - 01014272 _____ () C:\Program Files\EagleGet\util.dll
2016-07-22 21:08 - 2013-09-15 10:31 - 00053760 _____ () C:\Program Files\EagleGet\zlib.dll
2016-07-22 21:08 - 2014-07-17 15:13 - 00397312 _____ () C:\Program Files\EagleGet\sqlite3.dll
2016-07-22 21:08 - 2016-06-03 18:19 - 00845312 _____ () C:\Program Files\EagleGet\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [121]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:56E2E879 [121]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


Existem ainda 7868 sites a mais.


Existem ainda 11403 sites a mais.


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-07-10 19:31 - 00000329 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3850583260-549020504-3808328360-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\RENATO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LavasoftAdAwareService11 => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\startupreg: AdAwareTray =>
MSCONFIG\startupreg: ApnTBMon =>
MSCONFIG\startupreg: BitComet => "C:\Program Files\BitComet\BitComet.exe" /tray
MSCONFIG\startupreg: FlashGet 3 => "c:\program files\flashget network\flashget 3\flashget3.exe" -minimize

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [TCP Query User{B4DAD628-7F7D-4EF7-BAB3-6F577B0501D2}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{3440C72B-B16A-476F-BF87-991684B5F008}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe
FirewallRules: [{E493559E-B276-4B07-A0FB-0A941D743DE2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{12764D33-8E53-483E-AD9C-F5ED764422CB}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{71471FE5-1603-4F3D-902F-FD9152B98387}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{DCA793F8-B7C7-4D0A-A877-D0BFB06CCFFE}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{A029BCDE-42C8-414E-90B7-E7A5AA362F53}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{842F4435-7B7A-46DE-BCEA-3734D52C0274}] => (Allow) LPort=24411
FirewallRules: [{09983080-DF81-4D84-91A3-D22769DAB760}] => (Allow) LPort=24411
FirewallRules: [{197F77D6-FC56-446B-BB6A-2C464E81F21F}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{F75CF03E-73F5-4D37-97C6-E4F1D4559EB0}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6F037225-6358-461A-A966-78F6695F30F2}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{AB54F543-FD62-43F2-8762-F13BC67ADE63}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{3C49A874-CAAD-4A18-9DBC-532B2BE40C59}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{62933770-F8BC-4D7A-9F8B-4ECA38880E36}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{6D64B421-A6B1-4AFD-9059-56A386FBA069}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{16A519DB-E1F9-48F4-A790-F49557360222}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{9851CD97-8CFB-40AC-8734-6C8E7E8D91DA}] => (Allow) LPort=1542
FirewallRules: [{4369B530-9C62-4FDA-B1C3-B722604D72A6}] => (Allow) LPort=1542
FirewallRules: [{242F4CE1-3E94-4EB4-A2D0-E808FA3BF33B}] => (Allow) LPort=53
FirewallRules: [{CE88883C-F4FF-4A49-87BA-58F6E8C0DC10}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{E2876D36-549B-484D-8677-21F76DDC368A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{916B7813-85C3-4844-902E-BCAB0495A515}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{87D1644E-2BDC-43D4-855E-8B2902C651D7}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{C78E6BBE-2E7D-4046-9F73-74E4800B43A8}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{796761CA-DCC3-4E60-931F-CD93D7C97AA3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{F8A58F6B-706C-41B0-A88E-2A06136B37E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B86FBA27-B05B-474A-BDCE-E2D02DD5786D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4AE437DE-0354-4B54-B1E8-E1C2448214C5}] => (Allow) C:\Program Files\DAP\dapupd.exe
FirewallRules: [{75F6F82E-53B6-4FE9-8F93-8EAC3A1B9E47}] => (Allow) C:\Program Files\DAP\dapupd.exe
FirewallRules: [{6E3E7D26-C12F-4B8B-8009-F16DAD89DF2E}] => (Allow) C:\Program Files\DAP\dapupd.exe
FirewallRules: [{8BA251E9-4693-4DE1-8410-3A0D7D3B5702}] => (Allow) C:\Program Files\DAP\dapupd.exe
FirewallRules: [{756DF390-9137-4718-A81C-46F7DD764254}] => (Allow) LPort=20428
FirewallRules: [{CADA5C63-AEDD-42B5-89D7-557AB91A30B4}] => (Allow) LPort=20428
FirewallRules: [{B571FDEF-A9E6-4DF7-B604-C3B456D0C381}] => (Allow) C:\Users\RENATO\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
FirewallRules: [{F0D5647C-9137-4933-A80A-367DFF9B0B31}] => (Allow) C:\Users\RENATO\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
FirewallRules: [{D5239ADD-0055-48F7-976F-A58B9B9DAA82}] => (Allow) C:\Users\RENATO\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
FirewallRules: [{A32421C2-23CA-4CDF-A1E0-7AA547BC6AF2}] => (Allow) C:\Users\RENATO\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
FirewallRules: [{CE38DE0F-E509-4898-94B9-FF53C6E2C8EB}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{EB36F62E-2D4A-4BEB-B184-FCF80DAFA92E}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{F412E09D-3079-492A-89F6-65E0C649190A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\BitComet\tools\BitCometService.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\BitComet\tools\UPNP.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\winlogon.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\csrss.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\QuickTime\QTTask.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\SearchProtocolHost.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\taskmgr.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\System32\spoolsv.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoLAN\VLC\vlc.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [F:\PROGRAMAS\K-Lite_Codec_Pack_1180_Full\K-Lite_Codec_Pack_1180_Full.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\taskhost.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\taskeng.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\Explorer.EXE] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\wininit.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\IObit\Advanced SystemCare\display.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\IObit\Advanced SystemCare\Suo12_StartupManager.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Program Files\IObit\Advanced SystemCare\smBootTime.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\Dwm.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\wbem\wmiprvse.exe] => Enabled:ipsec
StandardProfile\AuthorizedApplications: [C:\Windows\system32\services.exe] => Enabled:ipsec

==================== Pontos de Restauração =========================

24-08-2016 13:27:04 Ponto de Verificação Agendado
25-08-2016 02:56:43 Windows Update
25-08-2016 03:17:55 Windows Update
25-08-2016 03:24:47 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Atheros L2 Fast Ethernet 10/100Base-T Controller
Description: Atheros L2 Fast Ethernet 10/100Base-T Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: Atc002
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Kaspersky Lab power events provider
Description: Kaspersky Lab power events provider
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: KL
Service: klhk
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (08/25/2016 05:44:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/25/2016 05:44:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/25/2016 05:43:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/25/2016 05:42:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/24/2016 05:14:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/24/2016 05:14:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/24/2016 05:12:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/24/2016 05:12:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (08/23/2016 04:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7600.16385 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 69c

Hora de Início: 01d1fd2d1af4ba9a

Hora de Término: 11823

Caminho do Aplicativo: C:\Windows\Explorer.EXE

Id do Relatório: cb39515d-6969-11e6-a601-00e04c20aadf

Error: (08/23/2016 10:50:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: LolClient.exe, versão: 0.0.0.0, carimbo de hora: 0x515663e0
Nome do módulo de falhas: Adobe AIR.dll, versão: 21.0.0.176, carimbo de hora: 0x56de3058
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0006e3db
Identificação do processo com falha: 0x1958
Hora de início do aplicativo com falha: 0xLolClient.exe0
Caminho do aplicativo com falha: LolClient.exe1
FCaminho do módulo de falhas: LolClient.exe2
Identificação do Relatório: LolClient.exe3


Erros de Sistema:
=============
Error: (08/25/2016 08:49:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
asfilterdrv
crfilterdrv
ssfilterdrv

Error: (08/25/2016 06:45:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço IMF Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (08/25/2016 06:44:31 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:44:17 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:44:12 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:44:06 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:44:01 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:43:46 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:43:41 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.

Error: (08/25/2016 06:43:35 AM) (Source: cdrom) (EventID: 7) (User: )
Description: O dispositivo, \Device\CdRom0, possui um bloco defeituoso.


CodeIntegrity:
===================================
Date: 2016-08-20 13:03:01.473
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-20 13:03:01.468
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 12:38:59.718
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 12:38:59.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 11:22:09.668
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 11:09:24.441
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 05:25:30.976
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 05:25:30.964
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 05:25:30.949
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-28 05:25:30.933
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentagem de memória em uso: 52%
RAM física total: 3318.24 MB
RAM física disponível: 1583.55 MB
Virtual Total: 6932.7 MB
Virtual disponível: 4899.97 MB

==================== Drives ================================

Drive c: (WINDOWSL 7) (Fixed) (Total:69.21 GB) (Free:35.03 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive d: (DOWLOADS) (Fixed) (Total:862.3 GB) (Free:118.14 GB) NTFS
Drive g: (ELVIS) (Removable) (Total:15.67 GB) (Free:15.67 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CF16339C)
Partition 1: (Active) - (Size=69.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=862.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt ============================
