Addition.txt

Document joint : HBicIO6AkOd_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 07.02.2018 01
Executado por Gabriel (08-02-2018 00:19:14)
Executando a partir de C:\Users\Gabriel\Desktop
Windows 10 Pro Versão 1709 16299.19 (X64) (2017-11-19 20:47:26)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-2632644192-1408514412-1536991636-500 - Administrator - Disabled)
Convidado (S-1-5-21-2632644192-1408514412-1536991636-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2632644192-1408514412-1536991636-503 - Limited - Disabled)
Gabriel (S-1-5-21-2632644192-1408514412-1536991636-1001 - Administrator - Enabled) => C:\Users\Gabriel
WDAGUtilityAccount (S-1-5-21-2632644192-1408514412-1536991636-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Master Collection CC 2015 (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C3}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_1) (Version: 11.0.1 - Adobe Systems Incorporated)
Age Of Empires III Complete version 1.14.0.0 (HKLM-x32\...\Age Of Empires III Complete_is1) (Version: 1.14.0.0 - Mr DJ)
Akamai NetSession Interface (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Atualizações da NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Autodesk License Service (x64) - 4.1 (HKLM\...\{B827D6B7-7731-43BA-92EC-916C89C88964}) (Version: 4.1.1.0 - Autodesk)
Autodesk Maya 2017 (HKLM\...\{847DE41D-1C5A-4A52-ADD4-AE708757EDBD}) (Version: 17.0.1720.0 - Autodesk) Hidden
Autodesk Maya 2017 (HKLM\...\Autodesk Maya 2017) (Version: 17.0.1720.0 - Autodesk)
Beneath a Steel Sky (HKLM-x32\...\1207658695_is1) (Version: 2.1.0.11 - GOG.com)
Bio Menace (HKLM-x32\...\1449569170_is1) (Version: 2.0.0.2 - GOG.com)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Fallout (HKLM-x32\...\1_is1) (Version: 2.1.0.18 - GOG.com)
Fallout 2 Unofficial Patch 1.02.31 (HKLM-x32\...\Fallout 2 Unofficial Patch_is1) (Version: - killap)
FO2 Restoration Project 2.3.3 (HKLM-x32\...\Fallout 2 Restoration Project_is1) (Version: - killap)
Full Throttle Remastered (HKLM-x32\...\1325415523_is1) (Version: 1.1.879806 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Guardians (HKLM\...\{E1D837DD-5A2D-45B9-AAA0-4CBE71E3E5E6}_is1) (Version: 2017.4.17.10855 - Telltale Games)
Imperium Galactica II - Alliances (HKLM-x32\...\1254614904_is1) (Version: 2.0.0.6 - GOG.com)
Indiana Jones® and the Emperor's Tomb™ (HKLM-x32\...\1425034773_is1) (Version: 2.0.0.7 - GOG.com)
Indiana Jones® and the Fate of Atlantis™ (HKLM-x32\...\1207666293_is1) (Version: 2.1.0.8 - GOG.com)
Indiana Jones® and The Last Crusade™ (HKLM-x32\...\1440410803_is1) (Version: 2.0.0.2 - GOG.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{0FE72666-4982-4570-85EE-B5ED05B3418A}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{B7E3FD6A-264E-47A7-96C3-59BB9CFD51D0}) (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{110332EE-48D4-4741-8606-FFBCD53E3B85}) (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{2FF1AE25-2625-449A-AB47-E133BAB4996E}) (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{009DF489-4590-4579-BAB2-0136BB829E4A}) (Version: 1.1.57.1346 - Rivet Networks)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.1.5 - PandoraTV)
Leisure Suit Larry - Magna Cum Laude (HKLM-x32\...\{A31289C6-04EF-4437-A35B-7CC96167145C}) (Version: 1.00.0001 - )
Leisure Suit Larry 7 - Love for Sail! (HKLM-x32\...\GOGPACKLARRY7WIN_is1) (Version: 2.0.0.11 - GOG.com)
Leisure Suit Larry- Magna Cum Laude (HKLM-x32\...\GOGPACKLARRYMCL_is1) (Version: 2.0.0.3 - GOG.com)
Leisure Suit Larry's Greatest Hits and Misses! (HKLM-x32\...\GOGPACKLARRY16_is1) (Version: 2.0.0.15 - GOG.com)
Loom (HKLM-x32\...\1425293328_is1) (Version: 2.0.0.4 - GOG.com)
Marvels Guardians of the Galaxy Episode 2 (HKLM-x32\...\Marvels Guardians of the Galaxy Episode 2_is1) (Version: - )
Marvels Guardians of the Galaxy The Telltale Series (HKLM-x32\...\Marvels Guardians of the Galaxy The Telltale Series_is1) (Version: - )
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Master of Orion - Retro Fleets (HKLM-x32\...\1436385130_is1) (Version: 2.12.0.20 - GOG.com)
Master of Orion - Terran Khanate (HKLM-x32\...\1240899991_is1) (Version: 2.12.0.20 - GOG.com)
Master of Orion (HKLM-x32\...\1441029515_is1) (Version: 2.19.0.27 - GOG.com)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Monkey Island 2 - Special Edition (HKLM-x32\...\1425039730_is1) (Version: 2.0.0.10 - GOG.com)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 57.0.4 (x64 pt-BR) (HKLM\...\Mozilla Firefox 57.0.4 (x64 pt-BR)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
MtoA for Maya 2017 (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\MtoA2017) (Version: 1.3.0.0 - Solid Angle)
NVIDIA Driver de áudio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Driver de gráficos 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== ATENÇÃO
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.1.7 - PowerUp Software)
RESIDENT EVIL 7, âåðñèÿ [build_172102] (HKLM-x32\...\RESIDENT EVIL 7_is1) (Version: [build_172102] - RePack by SEYTER)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Sid.Meiers.Civilization.VI.Deluxe.Edition+7DLC versão 1.0 (HKLM-x32\...\{2335A5A4-3ECA-4716-8D24-D57F6589D3E5}}_is1) (Version: 1.0 - Ali213.net)
Spotify (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Star Trek Voyager Elite Force (HKLM-x32\...\Star Trek Voyager Elite Force) (Version: - )
Star Trek: The Next Generation – A Final Unity version 1.01a (HKLM-x32\...\{CB12D221-55A1-4A39-B1BE-10F9F6123C65}_is1) (Version: 1.01a - MicroProse)
Star Trek™ - 25th Anniversary (HKLM-x32\...\1427108887_is1) (Version: 2.0.0.5 - GOG.com)
Star Trek™ - Judgment Rites Limited Collector's Edition (HKLM-x32\...\1429089605_is1) (Version: 2.0.0.6 - GOG.com)
Star Trek™ - Starfleet Command Gold Edition (HKLM-x32\...\1429172763_is1) (Version: 2.0.0.6 - GOG.com)
STAR WARS® Jedi Knight - Mysteries of the Sith (HKLM-x32\...\1422285784_is1) (Version: 2.0.0.5 - GOG.com)
Starbound (HKLM-x32\...\1452598881_is1) (Version: 2.1.0.3 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.0.0.1 - GOG.com)
Tesla Effect - A Tex Murphy Adventure (HKLM-x32\...\1207664503_is1) (Version: 2.1.0.16 - GOG.com)
Tex Murphy - Overseer (HKLM-x32\...\1207658769_is1) (Version: 2.1.0.23 - GOG.com)
Tex Murphy - The Pandora Directive (HKLM-x32\...\1207658768_is1) (Version: 2.1.0.14 - GOG.com)
Tex Murphy 1 and 2 (HKLM-x32\...\Tex Murphy 1 and 2_is1) (Version: - GOG.com)
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - )
The Punisher (HKLM-x32\...\{329BF75E-4876-4687-9CAD-5AE7DE56EA22}) (Version: 1.00.0000 - THQ)
The Secret of Monkey Island™ - Special Edition (HKLM-x32\...\1207666253_is1) (Version: 2.0.0.6 - GOG.com)
The Wolf Among Us (HKLM-x32\...\1432213513_is1) (Version: 2.0.0.1 - GOG.com)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
UltraISO Premium V9.7 (HKLM-x32\...\UltraISO_is1) (Version: - )
Under a Killing Moon (HKLM-x32\...\Under a Killing Moon_is1) (Version: - GOG.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Wing Commander 1 and 2 (HKLM-x32\...\GOGPACKWINGCOMMANDER12_is1) (Version: 2.0.0.18 - GOG.com)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPS Office (10.2.0.5965) (HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\Kingsoft Office) (Version: 10.2.0.5965 - Kingsoft Corp.)
ZD Soft Screen Recorder 10.4.5 (HKLM-x32\...\{A092681C-60D6-49B2-9322-6FDEEFFA4587}) (Version: 10.4.5.0 - ZD Soft)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2632644192-1408514412-1536991636-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Gabriel\AppData\Local\Kingsoft\WPS Office\10.2.0.5965\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2-x32: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2632644192-1408514412-1536991636-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Gabriel\AppData\Local\Kingsoft\WPS Office\10.2.0.5965\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2017-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {041CC909-ED1C-4DDC-A7FD-B5BC7033F6E7} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {0BCE0F11-630C-47AC-98D7-EA0736DFFD2B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {0C1AE39D-0CB0-4AE6-9303-E5A70BEE5E5F} - \Online Application V2G2 -> Nenhum Arquivo <==== ATENÇÃO
Task: {0D9A75C5-2049-4E46-9B60-2930B3DCECAC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {1485C707-32A4-4820-B597-BB0FE04A43B8} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe [2017-10-07] (InstallShield®)
Task: {18958F6F-B3D2-4D0C-BB4A-D62B25262A39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {1CA46A0E-7541-40EA-AF5F-B19241FFEE60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {20AFE7CC-774E-4490-955E-E128E3FDE8DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {2349CA91-C2A0-459D-852D-A4053045E71F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {3704E521-7764-4300-BA94-C4F04B00F9C0} - System32\Tasks\S-1-5-21-2632644192-1408514412-1536991636-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {44F6CBD2-9FB3-4FA0-8953-79C4B17DC9CB} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate]
Task: {497C3133-C4D4-4C54-AED8-CD9C42BF2DB9} - System32\Tasks\Optimize Thumbnail Cache Files => wscript.exe //nologo //E:jscript //B "C:\ProgramData\InstallShield\Update\isuspm.ini" <==== ATENÇÃO
Task: {4B97C22A-48BD-4FB3-9289-D99F900C752B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {6031041D-25D9-4A7C-B0DA-9E5813312878} - \Krix for Windows 8 -> Nenhum Arquivo <==== ATENÇÃO
Task: {631C20D3-8686-4567-BD27-B820C2DEDF2C} - \Online Application V2G3 -> Nenhum Arquivo <==== ATENÇÃO
Task: {70B5C9EE-0093-4F45-9868-F0DC812D3029} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {8B88964E-8F38-46D2-B6AE-ABA84BB8C083} - \Kalency Clock -> Nenhum Arquivo <==== ATENÇÃO
Task: {98631D66-086D-47A8-AEC6-892749F9C428} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {9CD59DF6-CC30-4DEE-A8DE-0C23F73CD6AB} - \Online Application V2G1 -> Nenhum Arquivo <==== ATENÇÃO
Task: {B52A767F-FE5F-48E9-A24E-248EF18D0F2C} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {BBC1103B-06E2-4985-B3A3-3DEC613E7117} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {C40C05FB-CA17-4374-ABAE-44DDD5F9EC35} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-QMMLQCR-Gabriel => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {CAB8CF4F-9851-45B3-AACC-52D410396900} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {CF3CFD14-CBA0-4473-8866-FBFF5B3B7C47} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {D6846ED1-0DC4-4760-A6B2-D53D9AB5C498} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {E931C879-6BF1-4D3D-9625-03CF26241F9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {F0318A0F-CA35-4CD1-93BA-EAC8B4C40BC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {F3A0EF29-9496-4624-9053-79682A07B02E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Max Payne\MaxBatch.bat ()

==================== Módulos Carregados (Whitelisted) ==============

2018-02-05 22:20 - 2018-01-23 22:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-09 23:23 - 2018-01-10 12:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-07 17:06 - 2018-01-23 20:57 - 000133704 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-29 11:42 - 2017-09-30 12:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 11:42 - 2017-09-30 12:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-02 20:16 - 2018-02-01 20:28 - 031237632 _____ () C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\PepperFlash\28.0.0.161\pepflashplayer.dll
2018-01-12 18:39 - 2018-01-03 07:20 - 002873688 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\swiftshader\libglesv2.dll
2018-01-12 18:39 - 2018-01-03 07:20 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\swiftshader\libegl.dll
2018-02-07 08:26 - 2018-02-07 08:26 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-11-24 16:11 - 2017-03-10 08:48 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-11-24 16:11 - 2017-03-10 08:48 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-01-26 00:27 - 2017-01-26 00:25 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-06-20 13:44 - 2017-05-12 12:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-06-20 13:44 - 2016-09-13 15:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-06-20 13:44 - 2016-09-13 15:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-06-20 13:44 - 2016-09-13 15:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-09 23:23 - 2018-01-10 12:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-24 16:11 - 2013-09-23 15:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-11-24 16:11 - 2015-11-05 10:07 - 000052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-11-24 16:11 - 2015-11-05 10:07 - 000195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-11-24 16:11 - 2015-11-05 10:07 - 000742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-11-24 16:11 - 2017-03-10 08:21 - 000279976 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\pt-BR\AdWingManRes.dll
2016-11-24 16:11 - 2015-09-08 04:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-11-24 16:11 - 2014-09-02 22:29 - 000912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-11-24 16:11 - 2014-09-02 22:29 - 000134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-11-24 16:11 - 2014-09-02 22:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2016-10-09 23:24 - 2018-01-10 12:33 - 066907448 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Gabriel\Downloads\burnaware_free_10.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Gabriel\Downloads\Firefox Setup 54.0.exe:BDU [0]
AlternateDataStreams: C:\Users\Gabriel\Downloads\Firefox Setup Stub 54.0.exe:BDU [0]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\hola.org -> hxxp://hola.org

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 09:04 - 2017-06-19 20:16 - 000002892 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 installpixel.com
127.0.0.1 burningcube.ru
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com
127.0.0.1 downloadmyhost.com
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Papel de parede.bmp
DNS Servers: 4.2.2.1 - 4.2.2.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2632644192-1408514412-1536991636-1001\...\StartupApproved\Run: => "ycAutoLaunch_2206927FA58D987965E7700288F32252"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{6BE1B0F5-0C26-499C-8127-86F63C7173F2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9CD87578-F69B-4F10-9D54-9A235E8D610F}] => (Allow) C:\Program Files (x86)\Marvels Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{C2281969-D38A-4E02-9D60-3B10BED3E913}] => (Allow) C:\Program Files (x86)\Marvels Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{609117A3-07B6-4FC7-8D51-861655728996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman The Enemy Within - The Telltale Series\Batman2.exe
FirewallRules: [{8A3295D2-1026-4522-A558-C00EBC8E37B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman The Enemy Within - The Telltale Series\Batman2.exe
FirewallRules: [UDP Query User{0929B3A1-71C9-4A2E-9BA2-55E09F95FC87}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{559CE5BA-D37F-4E83-97C9-869B78FF141F}C:\users\gabriel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gabriel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4C0B10C6-A142-4451-AC6F-FB9BDC227A50}C:\gog games\master of orion\masteroforion.exe] => (Allow) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{1F080F44-D24F-4A44-9776-258A026BC430}C:\gog games\master of orion\masteroforion.exe] => (Allow) C:\gog games\master of orion\masteroforion.exe
FirewallRules: [{861DCDD8-4B43-4749-BD5B-E7045D5E3801}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fire Prowrestling World\FireProWrestlingW.exe
FirewallRules: [{B88E9ABB-CAE7-40EF-AAE5-4F986E61CE10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fire Prowrestling World\FireProWrestlingW.exe
FirewallRules: [{6612E629-4074-49A1-9218-2187DC7663F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{6AFA5429-D829-4153-91C2-6E6F6DB5B0C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [UDP Query User{C053CDEE-A70B-4D4C-BD40-4CFCA2BAD48D}C:\users\gabriel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\gabriel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C34096A8-5D73-4161-9436-8ED36B2E0B9C}C:\users\gabriel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\gabriel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{318039FF-EAE4-4477-B6D8-96092BF00141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman The Telltale Series\Batman.exe
FirewallRules: [{1333F879-D7AF-4F11-BDF5-607B4066EC45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman The Telltale Series\Batman.exe
FirewallRules: [{92257DC0-B601-4B7A-9490-119031CB1B0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B332B7FB-14BD-450F-81A4-B73C342389C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{02F1955F-78B5-4AE2-979A-B1F4B4A8E270}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{96BC53B5-AD94-4029-A658-9ACB9D317237}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{33FE3D99-708D-4096-89B1-4E2465E352E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{50AB71D7-B83E-4313-B81F-7E30E00BC095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{C567ECEF-B82A-43A0-A224-3DC7594B7074}C:\users\gabriel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\gabriel\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{7EB49DA7-7D68-459E-B249-8463ECD1125F}C:\users\gabriel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\gabriel\appdata\local\akamai\netsession_win.exe
FirewallRules: [{EAD173F8-7D14-489F-B284-5E3266B72A0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F13Game\EAC_Launcher.exe
FirewallRules: [{0F5487E3-EE9C-453A-901E-35B341FCB0CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F13Game\EAC_Launcher.exe
FirewallRules: [{263FA81A-35F4-4DE4-8608-5972C00053B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{B47AED57-8762-4495-B080-A055D71DFD61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{AF605223-8FE7-407E-83FD-88B23DECCC35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{AB90D246-CB20-47B6-8BB9-7E023D5F391E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{8A0E0B2A-0AFC-43F7-95F0-841CD38B9723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fight of Gods\FOG.exe
FirewallRules: [{3800CF34-33FE-4D7B-83E2-4C6EEB1213D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fight of Gods\FOG.exe
FirewallRules: [{C7D1597C-D92F-4C27-B297-E9BEDC1CAD0B}] => (Allow) C:\Users\Gabriel\AppData\Local\yc\Application\yc.exe
FirewallRules: [{E4A68F2A-ED7F-4E11-9CB6-265AFAFFB335}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2504E686-AD7B-45B0-BE1B-7A40A8F9AE0B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{74FDC72E-A8D1-4EE2-8383-EFA59C45264C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E2B26D40-887F-4CF1-9302-973AA0183B3B}] => (Allow) C:\Users\Gabriel\Downloads\UltraAdwareKiller (1).exe
FirewallRules: [{908156C4-0EA8-4B67-ACA7-7EDC6586FF83}] => (Allow) C:\Users\Gabriel\Downloads\UltraAdwareKiller (1).exe
FirewallRules: [{EED3D45D-F9ED-49BB-83D8-46FF50DB2623}] => (Allow) C:\Users\Gabriel\Downloads\UltraAdwareKiller (1)64.exe
FirewallRules: [{B0E826A1-E93F-44C1-A65C-7ABD6F64C652}] => (Allow) C:\Users\Gabriel\Downloads\UltraAdwareKiller (1)64.exe
FirewallRules: [{42305FC3-98C8-4CF8-98D1-803D5B09B2CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D6DFD79D-4AC9-4DD8-9927-5202DF8710B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B948B4B9-9D35-4C35-90F6-9350F32E646D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC816803-D65B-4573-AEBE-FD02FBEDF7FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Pontos de Restauração =========================

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/08/2018 12:18:22 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:22Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:17:52 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:52Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:17:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:17:06Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:16:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:36Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:16:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:17:06Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:15:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:36Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:14:40 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:40Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:14:10 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:10Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:13:40 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:40Z. Código de Erro: 0x80070002.

Error: (02/08/2018 12:13:10 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-02-17T00:16:10Z. Código de Erro: 0x80070002.

Erros de Sistema:
=============
Error: (02/08/2018 12:05:38 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QMMLQCR)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-QMMLQCR\Gabriel SID (S-1-5-21-2632644192-1408514412-1536991636-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/08/2018 12:03:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QMMLQCR)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-QMMLQCR\Gabriel SID (S-1-5-21-2632644192-1408514412-1536991636-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 11:58:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QMMLQCR)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-QMMLQCR\Gabriel SID (S-1-5-21-2632644192-1408514412-1536991636-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 06:58:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QMMLQCR)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Error: (02/07/2018 05:32:36 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QMMLQCR)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-QMMLQCR\Gabriel SID (S-1-5-21-2632644192-1408514412-1536991636-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 03:06:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Gerenciador de Mapas Baixados suspenso ao iniciar.

Error: (02/07/2018 03:05:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QMMLQCR)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-QMMLQCR\Gabriel SID (S-1-5-21-2632644192-1408514412-1536991636-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 03:02:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 03:02:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/07/2018 03:02:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço PinnacleUpdate Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

CodeIntegrity:
===================================
Date: 2018-02-05 22:27:59.877
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentagem de memória em uso: 91%
RAM física total: 8029.08 MB
RAM física disponível: 660.36 MB
Virtual Total: 16221.08 MB
Virtual disponível: 7565.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.57 GB) (Free:101.22 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4496E86F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 MB) - (Type=27)

==================== Fim de Addition.txt ============================

Signaler le contenu de ce document