Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-10-2017
Executado por lfsou (13-10-2017 11:03:24)
Executando a partir de C:\Users\lfsou\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Single Language Versão 1703 170317-1834 (X64) (2017-06-03 03:49:07)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-3459989675-2130957159-2498462711-500 - Administrator - Disabled)
Convidado (S-1-5-21-3459989675-2130957159-2498462711-501 - Limited - Disabled)
debor (S-1-5-21-3459989675-2130957159-2498462711-1003 - Limited - Enabled) => C:\Users\debor
DefaultAccount (S-1-5-21-3459989675-2130957159-2498462711-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3459989675-2130957159-2498462711-1000 - Limited - Disabled) => C:\Users\defaultuser0
lfsou (S-1-5-21-3459989675-2130957159-2498462711-1001 - Administrator - Enabled) => C:\Users\lfsou
luisf (S-1-5-21-3459989675-2130957159-2498462711-1002 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_5_0) (Version: 17.5.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
BioShock Infinite: The Complete Edition (HKLM-x32\...\BioShock Infinite: The Complete Edition_is1) (Version: - )
BitTorrent (HKU\S-1-5-21-3459989675-2130957159-2498462711-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
ColorEngine (HKLM-x32\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 4.3 - Samsung Electronics Co., Ltd.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
ELAN Touchpad driver X64 15.7.10.1_WHQL (HKLM\...\Elantech) (Version: 15.7.10.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.11.1056 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Metal.Gear.Solid.V.The.Phantom.Pain-ALI213 versão 1.10 (HKLM-x32\...\{AB06B397-689B-4FD6-9EB9-22030005D845}}_is1) (Version: 1.10 - Ali213.net)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.8431.2079 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3459989675-2130957159-2498462711-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.0.41 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA Driver de gráficos 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation)
Painel de controle da NVIDIA 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 375.63 - NVIDIA Corporation) Hidden
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.6 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7968 - Realtek Semiconductor Corp.)
S Agent (HKLM\...\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}) (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Cleaner Service (HKLM-x32\...\{97B0F67E-189B-4544-BAA9-C7B43F0D2AE1}) (Version: 1.0.10 - Samsung Electronics Co., Ltd.)
Samsung Power Plan (HKLM-x32\...\{996EC895-5B1B-4A80-917F-85723A204C64}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.)
Samsung Settings (HKLM-x32\...\{CDADE666-B188-4406-9C0A-FF4CA1582D40}) (Version: 3.0.0 - Samsung Electronics Co., Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.5.0.86_2 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{06E8E156-6993-4A23-805A-B95C0012D743}) (Version: 2.2.44 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
teamPL (HKLM\...\{09B0CD9C-5058-4D17-AC2C-6B4737900A08}) (Version: 1.0.15 - Samsung Electronics Co., Ltd.)
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 2.0.00 - Samsung Electronics Co., Ltd.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warsaw 2.0.3.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.0.3.2 - GAS Tecnologia)
Wi-Fi Camera (HKLM\...\{EF3E6EB4-DCD9-4EBC-9889-17AF4DDB0A50}) (Version: 1.0 - Samsung Electronics Co., Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zotero (HKLM-x32\...\Zotero 5.0.7 (x86 en-US)) (Version: 5.0.7 - Corporation for Digital Scholarship)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3459989675-2130957159-2498462711-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7C5906823869}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3459989675-2130957159-2498462711-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-28] ()
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-25] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-10-22] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01DC1F8A-956D-4180-87DF-1EE2842236C0} - System32\Tasks\Samsung\Settings\SettingsPatternLoginMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-10-10] (Samsung Electronics Co., Ltd.)
Task: {08AEFD9B-F12A-4796-97E9-CFB81209CDA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26] (Google Inc.)
Task: {12181FA2-68D4-43A4-9F7C-DDDC0A9F72C3} - System32\Tasks\Samsung\SRS\SRS Logon => C:\Program Files\Samsung\Recovery\SRSMessages.exe [2016-11-02] (Samsung Electronics)
Task: {1847D043-7BF0-4150-A7CC-84E58E74AB41} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2016-08-04] (Samsung Electronics Co., Ltd.)
Task: {1BE01ED7-3A6D-4CD3-A8F6-1896A9905188} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-10-04] (Symantec Corporation)
Task: {1D5BDBD6-F288-4315-956B-F5A2BF4835D5} - System32\Tasks\Samsung\Settings\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2016-10-10] (Samsung Electronics Co., Ltd.)
Task: {2032D062-DAED-472A-A6D4-3C68160E1156} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {21E90343-71D4-4285-BC9F-5F571111FC76} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-23] (Samsung Electronics Co., Ltd.)
Task: {2E510F5B-6D41-4114-99C3-34F4B269AE4A} - System32\Tasks\MiraPlot for Pokki => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\MiraPlot for Pokki\MiraPlot for Pokki.dll",yZyzIof <==== ATENÇÃO
Task: {582930AE-CD0A-4CFD-8B0D-85DA2D792B8E} - System32\Tasks\Samsung\Wifi Camera\WiFi Camera Agent => C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe [2016-11-07] (Samsung Electronics Co., Ltd)
Task: {582F90B1-C817-4244-A062-EF84F507C46A} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {5ABA0F9E-C387-4AB1-AB9E-71FDA37A4165} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {654E0E92-E003-4FDA-8CB8-C5A1651F1637} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {65C08919-95AB-4AD2-9FBA-999932E32708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-26] (Microsoft Corporation)
Task: {6D782E78-CDC1-44C8-9EF3-CFD4177C1B15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {93C8FB46-D451-40D0-AD2B-F8450381A59A} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.0.41\WSCStub.exe [2017-10-04] (Symantec Corporation)
Task: {981F3BA8-E57F-47AA-A8DB-E30E449F64E9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-10-27] (Realtek Semiconductor)
Task: {99469B23-D082-418E-8A8A-85E90E233F44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26] (Google Inc.)
Task: {D008E14E-3412-498D-9051-B6C86853B0BB} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lfsouza25@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {D9B2EEF0-3902-4BA7-8FD2-156C4CD648F6} - System32\Tasks\Samsung\SamsungPCCleaner\SamsungPCCleanerService => C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe [2016-11-03] (Samsung Electronics Co., Ltd.)
Task: {DC7022E8-1753-4FB5-A9CA-6F1C5B25B1B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {DD78C4C7-4676-4047-90BB-2FB7A0C10252} - System32\Tasks\Samsung\Settings\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2016-10-10] (Samsung Electronics Co., Ltd.)
Task: {E1693A6E-7237-4A52-B6B5-4FBF2256A453} - System32\Tasks\Samsung\Settings\SettingsPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2016-10-10] (Samsung Electronics Co., Ltd.)
Task: {E353CC93-09EE-4CD4-88B6-F1CB17EE8BD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-26] (Microsoft Corporation)
Task: {E3C4E13A-4C73-424B-B520-2F62196AA87C} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [2013-08-23] (Samsung Electronics CO., LTD.)
Task: {E451A810-F405-4AE3-B35B-CFD396DFDA48} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {F8CFB6FB-A631-4AD8-8382-A870C57822ED} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-JUVPA.tmp\corefixer.exe <==== ATENÇÃO
Task: {FB862682-260E-4923-A613-5CCB674DCE2F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {FF33AF1A-92AA-4DFD-80D6-1AEF384860C6} - System32\Tasks\ColorEngine => C:\Program Files (x86)\Samsung\ColorEngine\ColorEngine.exe [2016-10-12] (Samsung Electronics Co., Ltd.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)


==================== Módulos Carregados (Whitelisted) ==============

2017-06-26 12:45 - 2015-06-01 08:42 - 002425856 _____ () C:\Program Files\MiraPlot for Pokki\MiraPlot for Pokki.dll
2017-06-02 23:20 - 2016-10-22 02:04 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-13 10:46 - 2017-10-13 10:46 - 000570880 _____ () C:\WINDOWS\TEMP\gE7B1.tmp.exe
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 16:59 - 2017-03-20 00:02 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-27 00:24 - 2017-05-27 00:25 - 001695440 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-10-11 00:48 - 2017-10-11 00:52 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-09-14 13:50 - 2017-09-14 13:50 - 003553704 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-08-23 03:15 - 2017-08-23 03:16 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 03:15 - 2017-08-23 03:16 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 03:15 - 2017-08-23 03:16 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 03:15 - 2017-08-23 03:16 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2016-08-04 20:04 - 2016-08-04 20:04 - 000023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll
2016-04-07 02:44 - 2016-04-07 02:44 - 000032432 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2017-01-04 23:56 - 2016-06-14 16:03 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-12 22:28 - 2016-10-12 22:28 - 000217776 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll
2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\acrotray.ptb
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 20:10 - 2017-09-12 20:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 02:59 - 2017-09-20 02:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 20:11 - 2017-09-12 20:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-3459989675-2130957159-2498462711-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)


==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-07-16 07:47 - 2017-06-26 08:42 - 000013472 ____N C:\WINDOWS\system32\Drivers\etc\hosts


Existem ainda 332 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3459989675-2130957159-2498462711-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lfsou\OneDrive\Imagens\ep77fc6dceeypt.jpg
DNS Servers: 187.123.29.51 - 187.123.29.56
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKU\S-1-5-21-3459989675-2130957159-2498462711-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{4A232CD2-0FF2-474D-8657-249C33112B7F}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{51A92EC7-B6A8-40A7-A12D-4860581575B0}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{64EAA2A3-C56E-4C43-9DE7-7F93722CB265}] => (Allow) C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe
FirewallRules: [{2603D0D4-421A-4CAB-9C83-670E9C4C3F72}] => (Allow) C:\Program Files\Samsung\WiFiCamera\WiFiCameraAgent.exe
FirewallRules: [{B2833E83-14BA-45B0-B91E-12C9004FCA80}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{0FC46CB6-40FE-459B-972A-0BED782FC7BC}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{2B6B214C-A34B-48D7-8B49-FE80D2F2727E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{7F82E4C4-328F-48A3-9A3C-AB53D01B6D11}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9F718613-9A68-4B05-9AA2-C3760A9EBA0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{FCB9AFCA-9AC9-40BD-AA26-17B57DDF89EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8AE551EF-31B0-43C5-9CC8-5BABDE4A208A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E1978188-852F-4C69-B852-CAE1806CB35C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAC88C2C-BEBE-4B05-BD21-9A7112DF633A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{679CE5EB-C4D2-4695-AECA-BFCE1829AB12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{97A31CAE-159D-4027-9CC4-CCF6C6EC7CEB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4CB90825-F2EC-4396-9B78-F0A7D5D9D143}C:\users\lfsou\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lfsou\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{5B7841C7-CE5D-4B15-866C-3888322839CF}C:\users\lfsou\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lfsou\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{BF8D72E2-505F-4E20-AE3C-89557ACEF489}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E551EB3A-DF8D-4660-AD29-FD5749BF878F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1BB6DECE-4954-42EA-B672-7980CACB6DDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{79DCA697-14DF-466B-906B-34E7B269A040}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{651B8BC9-3D5F-4BF0-B8E2-9EAC6A283CA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{34EF1153-521B-4C88-A097-A275215B43B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{22B3A49A-5023-4C9F-A709-1C4D9B2FB70B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2821F10A-234E-45C5-A2F7-02F2D0675D55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EB75DC6F-31FB-4DAC-A193-5F2E0C075CC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{07E9A3B7-F3E9-44DF-9462-0F8F44AE1E4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9537E5D9-D202-4627-AE51-B1D2A35E9869}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{430FF890-3331-434F-80B8-9537EF5AB1AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.64.403.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [TCP Query User{B743137A-27A9-473B-8A3A-30E7140A1321}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [UDP Query User{D7632E1C-4302-4A0E-8D36-FE442F6541EF}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe
FirewallRules: [{E1F0B338-F63A-4EFC-8394-70CD60E413DB}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{80E8D597-A992-43FA-BBA3-5645F1AD4180}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{E290E788-417C-4D38-A22A-EADB4F6DC4B2}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Pontos de Restauração =========================


==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (10/13/2017 10:37:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando.
.


Operação:
Executando Operação Assíncrona

Contexto:
Estado Atual: DoSnapshotSet

Error: (10/13/2017 06:08:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: McUpdate.exe, versão: 15.4.4053.0, carimbo de data/hora: 0x58f51623
Nome do módulo com falha: McUpdate.exe, versão: 15.4.4053.0, carimbo de data/hora: 0x58f51623
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000006bbfe
ID do processo com falha: 0x1864
Hora de início do aplicativo com falha: 0x01d3440b46f2f760
Caminho do aplicativo com falha: c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
Caminho do módulo com falha: c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
ID do Relatório: c796da9c-d1ab-41ba-b673-caa52d2fb908
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (10/13/2017 05:59:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando.
.


Operação:
Executando Operação Assíncrona

Contexto:
Estado Atual: DoSnapshotSet

Error: (10/13/2017 05:58:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddWin32ServiceFiles: Unable to back up image of service Service KMSELDI since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/13/2017 04:21:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/13/2017 04:21:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (10/13/2017 03:53:12 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/13/2017 03:52:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (10/13/2017 03:43:54 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_SNOOZED.

Error: (10/13/2017 03:43:51 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_SNOOZED.


Erros de Sistema:
=============
Error: (10/13/2017 10:49:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço McAfee Proxy Service depende do serviço McAfee Firewall Core Service, mas não foi possível iniciá-lo devido ao seguinte erro:
Não foi possível iniciar o serviço ou grupo de dependência.

Error: (10/13/2017 10:49:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço McAfee Firewall Core Service depende do serviço McAfee Validation Trust Protection Service, mas não foi possível iniciá-lo devido ao seguinte erro:
A operação foi concluída com êxito.

Error: (10/13/2017 10:49:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço McAfee AP Service depende do serviço McAfee Validation Trust Protection Service, mas não foi possível iniciá-lo devido ao seguinte erro:
A operação foi concluída com êxito.

Error: (10/13/2017 10:46:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/13/2017 10:46:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/13/2017 10:45:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço HomeNetSvc depende do serviço mfevtp, mas não foi possível iniciá-lo devido ao seguinte erro:
A operação foi concluída com êxito.

Error: (10/13/2017 10:45:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ModuleCoreService devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (10/13/2017 10:45:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro:
Não há suporte para o pedido.

Error: (10/13/2017 10:27:29 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1URP96V5)
Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
ao usuário LAPTOP-1URP96V5\lfsou SID (S-1-5-21-3459989675-2130957159-2498462711-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (10/13/2017 10:27:14 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-1URP96V5)
Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
ao usuário LAPTOP-1URP96V5\lfsou SID (S-1-5-21-3459989675-2130957159-2498462711-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


CodeIntegrity:
===================================
Date: 2017-10-13 10:55:41.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:54:54.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:53:11.847
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:52:30.139
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:51:47.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:50:40.723
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:50:38.889
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:50:38.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 10:50:37.867
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2017-10-13 06:27:43.436
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentagem de memória em uso: 44%
RAM física total: 8094.49 MB
RAM física disponível: 4500.07 MB
Virtual Total: 9374.49 MB
Virtual disponível: 5423.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:917.25 GB) (Free:575.22 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 26EA9241)

Partition: GPT.

==================== Fim de Addition.txt ============================
