Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 16.05.2018 01
Executado por User (21-05-2018 10:41:44)
Executando a partir de C:\Users\User\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-31 00:25:01)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-976454829-4156036392-909821612-500 - Administrator - Disabled)
Convidado (S-1-5-21-976454829-4156036392-909821612-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-976454829-4156036392-909821612-1002 - Administrator - Enabled)
User (S-1-5-21-976454829-4156036392-909821612-1001 - Administrator - Enabled) => C:\Users\User
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS4 1.0 (HKLM-x32\...\Tradução Adobe Photoshop CS4_is1) (Version: - Nando Backer Software Developer)
AMD Catalyst Install Manager (HKLM\...\{37ED2328-4288-6720-9D34-ECD5709B4F21}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brasil MapleStory2 versão 0.03 (HKLM-x32\...\{E72F1EB3-BE65-42E0-9B48-FD6417A2DD2B}_is1) (Version: 0.03 - Brasil MapleStory2)
BrOffice.org 3.1 (HKLM-x32\...\{CE853177-215B-4C6D-AB90-3DCE66BA7D75}) (Version: 3.1.9399 - OpenOffice.org)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
CERBERUS Gaming Mouse Driver v1.0.8 (HKLM-x32\...\{011BCBE3-226A-4354-A314-AC289A7EA299}_is1) (Version: - Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Easy Custom KB-100 (HKLM-x32\...\{68754F42-DE8A-4A2C-9112-385D6CA38907}) (Version: 1.0 - Easy)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
KCP-0.6.0.6 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.6.0.6 - Haruhichan.com)
K-Lite Mega Codec Pack 12.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.5.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MapleStory (HKLM-x32\...\MapleStory) (Version: - )
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - pt-br (HKLM\...\OneNoteFreeRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
NVIDIA Display Control Panel (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 6.14.12.7061 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Nome de sua empresa:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Opera Stable 52.0.2871.64 (HKLM-x32\...\Opera 52.0.2871.64) (Version: 52.0.2871.64 - Opera Software)
osu! (HKLM-x32\...\{2aff43a3-21d8-48cc-b615-f51a246f13d4}) (Version: latest - ppy Pty Ltd)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RiftAnalyst (HKLM-x32\...\{01b9ed3f-fadd-478f-94a0-930880124c1d}) (Version: 1.2.2.25 - Fluendo S.A.)
RiftAnalyst (HKLM-x32\...\{FDA66461-9843-428E-86F9-1927878F2224}) (Version: 1.2.2.25 - Fluendo S.A.) Hidden
Songr (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.9.0.0 - Alejandro Cortés)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
X-Mouse Button Control 2.16.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.16.1 - Highresolution Enterprises)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-976454829-4156036392-909821612-1001_Classes\CLSID\{0FF9CF5C-2BA3-66E2-7D42-233151B52C0A}\InprocServer32 -> não caminho do arquivo
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-11-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-04-07] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0497D6A7-C6FC-44E0-9BC4-50A8AD44B2A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {0EC39240-4A1F-422B-807B-B09EB244C1C1} - \Aero -> Nenhum Arquivo <==== ATENÇÃO
Task: {1A8A4EB8-5FD4-44C2-947F-5F7D6E2DDD0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {1E31FEA5-14E8-4E9F-9D5B-5FA6DBFB87DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd)
Task: {445E6F9B-4F98-4BFF-B1EC-74895614A6F6} - System32\Tasks\{DE2EC5B8-B876-41BB-9F58-5822EAC71E1A} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\Programs\chromeinstall-8u73.exe -d C:\Users\User\AppData\Roaming\IDM
Task: {6C2DE44C-6885-4581-B55D-B8E92E2D2861} - System32\Tasks\Opera scheduled Autoupdate 1469979298 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-10] (Opera Software)
Task: {745FC00B-E0A4-4CF5-93E1-9CC9AA3791E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation)
Task: {7E0F9328-F1EF-425E-8B3B-C962F49F1040} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {91A719D7-62FE-4E0B-9ED7-E958DFAD9B52} - System32\Tasks\{4AA24475-98DA-4843-AB24-B8A6A2E70324} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] ()
Task: {9AA2321C-7690-4B34-9E75-39002B7EB837} - System32\Tasks\{4A8C4A57-BE69-44C9-BF9B-45688CBBE39C} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Geral\Easy Custom KB-100.exe" -d C:\Users\User\Desktop\Geral
Task: {A7ABF5D7-0B56-41E0-BD21-D9931723DD62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation)
Task: {AE73A8A9-CBB1-4652-BEFE-E0FC8CDE3E9D} - System32\Tasks\{15310C99-6FD8-4B9B-B728-3D04964730C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GameVicio\Rome Total War\Atualizador.exe" -d "C:\Program Files (x86)\GameVicio\Rome Total War"
Task: {B27E00B3-1BFD-43FF-B879-0D1AA0805614} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {B2D66468-C147-4E82-BDA3-B9B822D222B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {BF24D7AA-E3AB-4117-AE1C-13B315640533} - System32\Tasks\{A982A235-A7B0-49DD-AC63-A4C2CF77D2FF} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] ()
Task: {C23B8D63-F522-4211-B6A8-DE5992364539} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {CC0EFA5C-ACFF-4482-99DF-062D3CFF243F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd)
Task: {E2E128F3-954D-471E-B746-E2F2697FB0BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {E3B642B9-EAC0-46EC-B296-AB8CD5B3EA3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation)
Task: {EB5AFB0E-7E08-402A-A088-E8A262E9A5C4} - System32\Tasks\{0A54752F-E585-4232-95EA-69B815BAEF99} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Easy Custom KB-100.exe" -d C:\Users\User\Desktop
Task: {F7D3F7F4-708B-4098-9CD1-148D8A8DFC97} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-06-20 00:57 - 2012-10-25 17:26 - 000078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2017-06-20 00:57 - 2012-10-25 17:26 - 000386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-25 15:22 - 2018-04-17 02:01 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libglesv2.dll
2018-04-25 15:22 - 2018-04-17 02:01 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libegl.dll
2018-05-10 22:04 - 2018-05-10 22:04 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-02-06 17:07 - 2018-05-08 12:15 - 081767312 _____ () C:\Users\User\AppData\Roaming\Spotify\libcef.dll
2016-02-06 17:07 - 2018-05-08 12:15 - 003740560 _____ () C:\Users\User\AppData\Roaming\Spotify\libglesv2.dll
2016-02-06 17:07 - 2018-05-08 12:15 - 000088464 _____ () C:\Users\User\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2018-05-20 23:12 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-976454829-4156036392-909821612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CodeMeter.exe => 3
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 3.1.lnk => C:\Windows\pss\BrOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{4A53DFA6-8B89-4E64-B038-CB6E06354ED4}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{951622C0-0480-4BB9-9EA1-CACBBAF91B44}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CB63AE89-27FB-40ED-BF9C-3669E2A04661}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CEB1128A-55C0-403F-A1D5-1D0AC597BD60}] => (Allow) LPort=2869
FirewallRules: [{47A09E3B-3F27-4AA4-9C33-6477F4DD7557}] => (Allow) LPort=1900
FirewallRules: [{C77D712A-9F2A-45AC-8ED2-20FC7C6D32E3}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1FA85B2A-4051-4A84-9C4C-A7611BF1E37E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5E01399B-38DC-4304-BF9C-63BE0E18C5F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4799E4F5-6819-4B5F-803F-9AE851095CAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{15A47459-56CD-4439-BAB0-8665D1C45079}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{87A09F04-D92C-4602-8890-96EA761B033B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62FB8FB8-8A47-42E0-97B0-EB78E369D104}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8D633651-B1BD-4832-88F3-C072A48A77E2}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{45014A96-2CC3-4A76-8635-D8162E24A675}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{66BE3863-9FD9-4E2D-9F6A-857EECF6D4F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{E1D70244-FA1A-48CF-AFAB-AA323FEED5E2}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{F5604168-D190-4F94-B8C8-A900FC021686}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{356E98A7-F883-4450-8F99-1D1997A98139}] => (Allow) LPort=29000
FirewallRules: [{0497DFBE-F188-4E62-958A-1EF8738043D2}] => (Allow) LPort=29001
FirewallRules: [{0CD84221-AD22-43C9-8B0B-93BFA91D4B94}] => (Allow) LPort=29002
FirewallRules: [{93D58BC9-245B-4944-AD3A-C679E2446097}] => (Allow) LPort=29003
FirewallRules: [{252BCC39-0C09-46B0-9D62-F4AA1BDCA84E}] => (Allow) LPort=29004
FirewallRules: [{F58554BB-52EF-4A94-B833-1A91C3BD4741}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{FE03D9D0-C37B-43E4-AEE3-9095783E3EEF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{A7475E60-876D-4B24-B04F-1F44200D8DD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{9C219188-E034-4BBD-8684-8899D07A6567}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [TCP Query User{C6F62DC1-3715-4CE7-AC56-05FE265ED637}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{349FF5DC-6616-46C7-949E-EA4B8DFFED5D}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{0C089EF6-4544-4E42-8D48-FABC8BB90505}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{3BAF5F47-EB3D-4531-9944-62A8406F996F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{A30B92D7-D4FE-4103-92B7-D6F93350BCB1}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{86478D9D-4952-4164-9D3A-D2103B8942D5}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{36EAA819-BB2D-4306-9DB3-9FD9094F3C55}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{C0936FF2-9AA5-485B-ACFC-98202460CF35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{6E764C1A-D4F1-4270-8712-D3D897EB5AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{B27CDD49-C5B5-484F-B844-5FB8CA3C7B8B}] => (Allow) LPort=29000
FirewallRules: [{E72D2747-3A41-43C7-A945-49DD6F40E1E3}] => (Allow) LPort=29001
FirewallRules: [{5B37978F-8C55-44D0-B6FA-174D65B3B72A}] => (Allow) LPort=29002
FirewallRules: [{48A09268-9FB2-4911-99ED-E2FE6A3F328A}] => (Allow) LPort=29003
FirewallRules: [{1ADFEC35-08EC-4F0C-BDFB-55B93FF6292E}] => (Allow) LPort=29004
FirewallRules: [{EE23487B-0997-467F-9916-0A0D356513AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2981A7C0-0351-4C58-BE35-6630CC40E441}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{35C70082-926D-4EFA-96DE-F24C1155B6A6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{DD8C2C34-3AF0-4D12-B029-D2FC90B7602F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{29148AE2-F10D-4997-9B52-C63227E49C4F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{7F8792E7-1EB8-43C2-9432-84A339F7ED19}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F1596828-2AD3-4907-8E3D-A04C7490FA81}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{D79E6768-AE8A-4112-BDF8-F5028F5168D7}] => (Block) LPort=445
FirewallRules: [{8EFAB116-4BF3-41AF-A2F0-D438BF15356E}] => (Block) LPort=445
FirewallRules: [{9130C65F-FE9B-4397-BDBD-2F312D403BC5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{F559AB52-40FE-4613-8E26-196C7610B71C}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{15E98447-FC67-4D7C-B42B-356E489A20D8}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{CAC61D0E-6C19-4F33-849D-DEF9593C86F5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{FD8E87C2-E8EF-4F33-AE80-F7AB0610740D}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{1A9C9E96-BBCF-4199-B52F-01F0C677D64C}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{9EF01518-829A-422B-85AA-DD84AE0FFC9C}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{EC57E5AD-6F49-41CB-B774-B0DB0EAE3DCE}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5F602E29-2822-4103-8AB7-737F358275C9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0FF9DAD9-70B1-425D-8CF3-F414ADD43FE3}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EE335716-80CC-4561-801B-0B0E890C8518}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{64B7243F-FD24-40B3-B9A2-2676C2FE6B21}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{481CE2F3-895F-4CAF-B2AC-105CC8F73E91}] => (Allow) LPort=8318
FirewallRules: [{A95553C1-0FCB-405F-8BFE-5E8786F10E73}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.40\opera.exe
FirewallRules: [{3BC249BB-20E4-4D79-9148-67ECCE9FF9EC}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E37C694A-9AE5-49A5-81F6-8031F3DBEA58}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{81B5F2D9-4121-46FD-964B-B537573FF7A4}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{FCF49E44-7CA5-4A19-A40C-10DDD9E057C6}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{2C82E60E-B224-46E1-AEB3-96E6E6ABF117}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{CF7281A3-282D-4F47-9275-DEDFED1FB8ED}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{543D8FFC-AB4F-49A1-8BA5-19A1DB0EC897}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
FirewallRules: [{FE8EC2D5-453F-442A-B6E8-F926A8C923DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7C1CC380-0868-4197-BC4E-6923EC80DB2B}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F8FBDE0D-3508-46E1-B67F-2B9BF3550E55}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D1532624-1812-4D66-920E-67F95308BC9A}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B2C1FB8A-B96C-4310-A1C1-CA0F65B8E7C5}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
==================== Pontos de Restauração =========================
19-05-2018 21:07:35 Operação de restauração
19-05-2018 21:25:55 Revo Uninstaller's restore point - Advanced SystemCare 11
20-05-2018 22:13:18 Revo Uninstaller's restore point - IObit Uninstaller
20-05-2018 22:15:55 Revo Uninstaller's restore point - Malwarebytes versão 3.5.1.2522
20-05-2018 23:12:21 Restore Point Created by FRST
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: ARKMWDAN IDE Controller
Description: ARKMWDAN IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a4v4uvs9
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/21/2018 10:42:16 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {4caa72aa-b453-4949-ab98-75164ac23ef7}
Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Win I Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service KMService since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (05/20/2018 11:12:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {d87f3aa2-6d7f-4182-94c0-773263c3677c}
Error: (05/20/2018 10:13:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {63dbb339-1454-495a-8bac-4f622011adc1}
Error: (05/19/2018 09:25:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {1b5c666d-a4f2-49db-85d1-fa0da506af46}
Erros de Sistema:
=============
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.
Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.
Error: (05/21/2018 10:11:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {DCAB0989-1301-4319-BE5F-ADE89F88581C} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (05/21/2018 10:02:24 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 112.
CodeIntegrity:
===================================
Date: 2018-05-21 10:01:00.274
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 02:30:04.975
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 02:25:17.416
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 01:53:35.799
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 23:18:10.813
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 23:01:27.102
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 16:22:07.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 12:32:57.219
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: AMD Phenom(tm) II X4 850 Processor
Percentagem de memória em uso: 41%
RAM física total: 8191.3 MB
RAM física disponível: 4763.64 MB
Virtual Total: 16380.78 MB
Virtual disponível: 12278.02 MB
==================== Drives ================================
Drive c: (Windows 7 64 Bits) (Fixed) (Total:931.41 GB) (Free:4.95 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (DVD_QI) (CDROM) (Total:3.95 GB) (Free:0 GB) UDF
\\?\Volume{867523ab-ccd4-11e5-9e16-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 790A11FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por User (21-05-2018 10:41:44)
Executando a partir de C:\Users\User\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-31 00:25:01)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-976454829-4156036392-909821612-500 - Administrator - Disabled)
Convidado (S-1-5-21-976454829-4156036392-909821612-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-976454829-4156036392-909821612-1002 - Administrator - Enabled)
User (S-1-5-21-976454829-4156036392-909821612-1001 - Administrator - Enabled) => C:\Users\User
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS4 1.0 (HKLM-x32\...\Tradução Adobe Photoshop CS4_is1) (Version: - Nando Backer Software Developer)
AMD Catalyst Install Manager (HKLM\...\{37ED2328-4288-6720-9D34-ECD5709B4F21}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brasil MapleStory2 versão 0.03 (HKLM-x32\...\{E72F1EB3-BE65-42E0-9B48-FD6417A2DD2B}_is1) (Version: 0.03 - Brasil MapleStory2)
BrOffice.org 3.1 (HKLM-x32\...\{CE853177-215B-4C6D-AB90-3DCE66BA7D75}) (Version: 3.1.9399 - OpenOffice.org)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
CERBERUS Gaming Mouse Driver v1.0.8 (HKLM-x32\...\{011BCBE3-226A-4354-A314-AC289A7EA299}_is1) (Version: - Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Easy Custom KB-100 (HKLM-x32\...\{68754F42-DE8A-4A2C-9112-385D6CA38907}) (Version: 1.0 - Easy)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
KCP-0.6.0.6 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.6.0.6 - Haruhichan.com)
K-Lite Mega Codec Pack 12.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.5.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MapleStory (HKLM-x32\...\MapleStory) (Version: - )
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - pt-br (HKLM\...\OneNoteFreeRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
NVIDIA Display Control Panel (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 6.14.12.7061 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Nome de sua empresa:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Opera Stable 52.0.2871.64 (HKLM-x32\...\Opera 52.0.2871.64) (Version: 52.0.2871.64 - Opera Software)
osu! (HKLM-x32\...\{2aff43a3-21d8-48cc-b615-f51a246f13d4}) (Version: latest - ppy Pty Ltd)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RiftAnalyst (HKLM-x32\...\{01b9ed3f-fadd-478f-94a0-930880124c1d}) (Version: 1.2.2.25 - Fluendo S.A.)
RiftAnalyst (HKLM-x32\...\{FDA66461-9843-428E-86F9-1927878F2224}) (Version: 1.2.2.25 - Fluendo S.A.) Hidden
Songr (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.9.0.0 - Alejandro Cortés)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
X-Mouse Button Control 2.16.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.16.1 - Highresolution Enterprises)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-976454829-4156036392-909821612-1001_Classes\CLSID\{0FF9CF5C-2BA3-66E2-7D42-233151B52C0A}\InprocServer32 -> não caminho do arquivo
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-11-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-04-07] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0497D6A7-C6FC-44E0-9BC4-50A8AD44B2A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {0EC39240-4A1F-422B-807B-B09EB244C1C1} - \Aero -> Nenhum Arquivo <==== ATENÇÃO
Task: {1A8A4EB8-5FD4-44C2-947F-5F7D6E2DDD0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {1E31FEA5-14E8-4E9F-9D5B-5FA6DBFB87DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd)
Task: {445E6F9B-4F98-4BFF-B1EC-74895614A6F6} - System32\Tasks\{DE2EC5B8-B876-41BB-9F58-5822EAC71E1A} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\Programs\chromeinstall-8u73.exe -d C:\Users\User\AppData\Roaming\IDM
Task: {6C2DE44C-6885-4581-B55D-B8E92E2D2861} - System32\Tasks\Opera scheduled Autoupdate 1469979298 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-10] (Opera Software)
Task: {745FC00B-E0A4-4CF5-93E1-9CC9AA3791E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation)
Task: {7E0F9328-F1EF-425E-8B3B-C962F49F1040} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.)
Task: {91A719D7-62FE-4E0B-9ED7-E958DFAD9B52} - System32\Tasks\{4AA24475-98DA-4843-AB24-B8A6A2E70324} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] ()
Task: {9AA2321C-7690-4B34-9E75-39002B7EB837} - System32\Tasks\{4A8C4A57-BE69-44C9-BF9B-45688CBBE39C} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Geral\Easy Custom KB-100.exe" -d C:\Users\User\Desktop\Geral
Task: {A7ABF5D7-0B56-41E0-BD21-D9931723DD62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation)
Task: {AE73A8A9-CBB1-4652-BEFE-E0FC8CDE3E9D} - System32\Tasks\{15310C99-6FD8-4B9B-B728-3D04964730C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GameVicio\Rome Total War\Atualizador.exe" -d "C:\Program Files (x86)\GameVicio\Rome Total War"
Task: {B27E00B3-1BFD-43FF-B879-0D1AA0805614} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {B2D66468-C147-4E82-BDA3-B9B822D222B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {BF24D7AA-E3AB-4117-AE1C-13B315640533} - System32\Tasks\{A982A235-A7B0-49DD-AC63-A4C2CF77D2FF} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] ()
Task: {C23B8D63-F522-4211-B6A8-DE5992364539} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {CC0EFA5C-ACFF-4482-99DF-062D3CFF243F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd)
Task: {E2E128F3-954D-471E-B746-E2F2697FB0BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {E3B642B9-EAC0-46EC-B296-AB8CD5B3EA3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation)
Task: {EB5AFB0E-7E08-402A-A088-E8A262E9A5C4} - System32\Tasks\{0A54752F-E585-4232-95EA-69B815BAEF99} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Easy Custom KB-100.exe" -d C:\Users\User\Desktop
Task: {F7D3F7F4-708B-4098-9CD1-148D8A8DFC97} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-06-20 00:57 - 2012-10-25 17:26 - 000078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2017-06-20 00:57 - 2012-10-25 17:26 - 000386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-25 15:22 - 2018-04-17 02:01 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libglesv2.dll
2018-04-25 15:22 - 2018-04-17 02:01 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libegl.dll
2018-05-10 22:04 - 2018-05-10 22:04 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-02-06 17:07 - 2018-05-08 12:15 - 081767312 _____ () C:\Users\User\AppData\Roaming\Spotify\libcef.dll
2016-02-06 17:07 - 2018-05-08 12:15 - 003740560 _____ () C:\Users\User\AppData\Roaming\Spotify\libglesv2.dll
2016-02-06 17:07 - 2018-05-08 12:15 - 000088464 _____ () C:\Users\User\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2018-05-20 23:12 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-976454829-4156036392-909821612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CodeMeter.exe => 3
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 3.1.lnk => C:\Windows\pss\BrOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{4A53DFA6-8B89-4E64-B038-CB6E06354ED4}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{951622C0-0480-4BB9-9EA1-CACBBAF91B44}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CB63AE89-27FB-40ED-BF9C-3669E2A04661}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CEB1128A-55C0-403F-A1D5-1D0AC597BD60}] => (Allow) LPort=2869
FirewallRules: [{47A09E3B-3F27-4AA4-9C33-6477F4DD7557}] => (Allow) LPort=1900
FirewallRules: [{C77D712A-9F2A-45AC-8ED2-20FC7C6D32E3}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1FA85B2A-4051-4A84-9C4C-A7611BF1E37E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5E01399B-38DC-4304-BF9C-63BE0E18C5F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4799E4F5-6819-4B5F-803F-9AE851095CAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{15A47459-56CD-4439-BAB0-8665D1C45079}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{87A09F04-D92C-4602-8890-96EA761B033B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62FB8FB8-8A47-42E0-97B0-EB78E369D104}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8D633651-B1BD-4832-88F3-C072A48A77E2}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{45014A96-2CC3-4A76-8635-D8162E24A675}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{66BE3863-9FD9-4E2D-9F6A-857EECF6D4F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{E1D70244-FA1A-48CF-AFAB-AA323FEED5E2}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{F5604168-D190-4F94-B8C8-A900FC021686}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{356E98A7-F883-4450-8F99-1D1997A98139}] => (Allow) LPort=29000
FirewallRules: [{0497DFBE-F188-4E62-958A-1EF8738043D2}] => (Allow) LPort=29001
FirewallRules: [{0CD84221-AD22-43C9-8B0B-93BFA91D4B94}] => (Allow) LPort=29002
FirewallRules: [{93D58BC9-245B-4944-AD3A-C679E2446097}] => (Allow) LPort=29003
FirewallRules: [{252BCC39-0C09-46B0-9D62-F4AA1BDCA84E}] => (Allow) LPort=29004
FirewallRules: [{F58554BB-52EF-4A94-B833-1A91C3BD4741}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{FE03D9D0-C37B-43E4-AEE3-9095783E3EEF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{A7475E60-876D-4B24-B04F-1F44200D8DD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{9C219188-E034-4BBD-8684-8899D07A6567}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [TCP Query User{C6F62DC1-3715-4CE7-AC56-05FE265ED637}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{349FF5DC-6616-46C7-949E-EA4B8DFFED5D}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{0C089EF6-4544-4E42-8D48-FABC8BB90505}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{3BAF5F47-EB3D-4531-9944-62A8406F996F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{A30B92D7-D4FE-4103-92B7-D6F93350BCB1}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{86478D9D-4952-4164-9D3A-D2103B8942D5}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{36EAA819-BB2D-4306-9DB3-9FD9094F3C55}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{C0936FF2-9AA5-485B-ACFC-98202460CF35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{6E764C1A-D4F1-4270-8712-D3D897EB5AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{B27CDD49-C5B5-484F-B844-5FB8CA3C7B8B}] => (Allow) LPort=29000
FirewallRules: [{E72D2747-3A41-43C7-A945-49DD6F40E1E3}] => (Allow) LPort=29001
FirewallRules: [{5B37978F-8C55-44D0-B6FA-174D65B3B72A}] => (Allow) LPort=29002
FirewallRules: [{48A09268-9FB2-4911-99ED-E2FE6A3F328A}] => (Allow) LPort=29003
FirewallRules: [{1ADFEC35-08EC-4F0C-BDFB-55B93FF6292E}] => (Allow) LPort=29004
FirewallRules: [{EE23487B-0997-467F-9916-0A0D356513AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2981A7C0-0351-4C58-BE35-6630CC40E441}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{35C70082-926D-4EFA-96DE-F24C1155B6A6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{DD8C2C34-3AF0-4D12-B029-D2FC90B7602F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{29148AE2-F10D-4997-9B52-C63227E49C4F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{7F8792E7-1EB8-43C2-9432-84A339F7ED19}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F1596828-2AD3-4907-8E3D-A04C7490FA81}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{D79E6768-AE8A-4112-BDF8-F5028F5168D7}] => (Block) LPort=445
FirewallRules: [{8EFAB116-4BF3-41AF-A2F0-D438BF15356E}] => (Block) LPort=445
FirewallRules: [{9130C65F-FE9B-4397-BDBD-2F312D403BC5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{F559AB52-40FE-4613-8E26-196C7610B71C}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{15E98447-FC67-4D7C-B42B-356E489A20D8}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{CAC61D0E-6C19-4F33-849D-DEF9593C86F5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{FD8E87C2-E8EF-4F33-AE80-F7AB0610740D}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{1A9C9E96-BBCF-4199-B52F-01F0C677D64C}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{9EF01518-829A-422B-85AA-DD84AE0FFC9C}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{EC57E5AD-6F49-41CB-B774-B0DB0EAE3DCE}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5F602E29-2822-4103-8AB7-737F358275C9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0FF9DAD9-70B1-425D-8CF3-F414ADD43FE3}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EE335716-80CC-4561-801B-0B0E890C8518}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{64B7243F-FD24-40B3-B9A2-2676C2FE6B21}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{481CE2F3-895F-4CAF-B2AC-105CC8F73E91}] => (Allow) LPort=8318
FirewallRules: [{A95553C1-0FCB-405F-8BFE-5E8786F10E73}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.40\opera.exe
FirewallRules: [{3BC249BB-20E4-4D79-9148-67ECCE9FF9EC}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E37C694A-9AE5-49A5-81F6-8031F3DBEA58}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{81B5F2D9-4121-46FD-964B-B537573FF7A4}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{FCF49E44-7CA5-4A19-A40C-10DDD9E057C6}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{2C82E60E-B224-46E1-AEB3-96E6E6ABF117}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{CF7281A3-282D-4F47-9275-DEDFED1FB8ED}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{543D8FFC-AB4F-49A1-8BA5-19A1DB0EC897}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
FirewallRules: [{FE8EC2D5-453F-442A-B6E8-F926A8C923DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7C1CC380-0868-4197-BC4E-6923EC80DB2B}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F8FBDE0D-3508-46E1-B67F-2B9BF3550E55}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D1532624-1812-4D66-920E-67F95308BC9A}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B2C1FB8A-B96C-4310-A1C1-CA0F65B8E7C5}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
==================== Pontos de Restauração =========================
19-05-2018 21:07:35 Operação de restauração
19-05-2018 21:25:55 Revo Uninstaller's restore point - Advanced SystemCare 11
20-05-2018 22:13:18 Revo Uninstaller's restore point - IObit Uninstaller
20-05-2018 22:15:55 Revo Uninstaller's restore point - Malwarebytes versão 3.5.1.2522
20-05-2018 23:12:21 Restore Point Created by FRST
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: ARKMWDAN IDE Controller
Description: ARKMWDAN IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a4v4uvs9
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/21/2018 10:42:16 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {4caa72aa-b453-4949-ab98-75164ac23ef7}
Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service Win I Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service KMService since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Error: (05/20/2018 11:12:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {d87f3aa2-6d7f-4182-94c0-773263c3677c}
Error: (05/20/2018 10:13:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {63dbb339-1454-495a-8bac-4f622011adc1}
Error: (05/19/2018 09:25:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {1b5c666d-a4f2-49db-85d1-fa0da506af46}
Erros de Sistema:
=============
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro:
%%-2140993535
Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.
Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.
Error: (05/21/2018 10:11:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {DCAB0989-1301-4319-BE5F-ADE89F88581C} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (05/21/2018 10:02:24 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 112.
CodeIntegrity:
===================================
Date: 2018-05-21 10:01:00.274
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 02:30:04.975
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 02:25:17.416
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-21 01:53:35.799
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 23:18:10.813
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 23:01:27.102
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 16:22:07.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-20 12:32:57.219
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: AMD Phenom(tm) II X4 850 Processor
Percentagem de memória em uso: 41%
RAM física total: 8191.3 MB
RAM física disponível: 4763.64 MB
Virtual Total: 16380.78 MB
Virtual disponível: 12278.02 MB
==================== Drives ================================
Drive c: (Windows 7 64 Bits) (Fixed) (Total:931.41 GB) (Free:4.95 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (DVD_QI) (CDROM) (Total:3.95 GB) (Free:0 GB) UDF
\\?\Volume{867523ab-ccd4-11e5-9e16-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 790A11FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================