Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20.06.2018
Executado por Ronaldo Brito (26-06-2018 10:39:36)
Executando a partir de C:\Users\Ronaldo Brito\Downloads\Programs
Windows 10 Pro Versão 1803 17134.112 (X64) (2018-06-12 02:53:20)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3961309475-656590712-554067391-500 - Administrator - Disabled)
Convidado (S-1-5-21-3961309475-656590712-554067391-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3961309475-656590712-554067391-503 - Limited - Disabled)
Ronaldo Brito (S-1-5-21-3961309475-656590712-554067391-1001 - Administrator - Enabled) => C:\Users\Ronaldo Brito
WDAGUtilityAccount (S-1-5-21-3961309475-656590712-554067391-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Antivirus Pro (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
FW: Panda Firewall (Enabled) {F77F8DFC-1E5A-11E9-2FBF-DE5D4822445B}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_4) (Version: 19.1.4 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
American Truck Simulator v.v1.31.1s (HKLM-x32\...\American Truck Simulator_is1) (Version: - )
Ashampoo Music Studio 7 (HKLM-x32\...\{91B33C97-6B1A-B73D-D2FE-BFD378F77213}_is1) (Version: 7.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 7 (HKLM-x32\...\{91B33C97-4CEB-E144-776A-6414BBE84A8E}_is1) (Version: 7.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Converter (HKLM-x32\...\{91B33C97-EF1B-802C-7798-B0E0F58D0614}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Atualizações da NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CyberLink MakeupDirector 2 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 2.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
EPSON L375 Series Printer Uninstall (HKLM\...\EPSON L375 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Euro Truck Simulator 2 v.1.31.2.2s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
KeepVid Pro(Build 7.2.0.12) (HKLM-x32\...\KeepVid Pro_is1) (Version: 7.2.0.12 - KeepVid Studio)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 365 ProPlus - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.8431.2270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nero 2018 (HKLM-x32\...\{DB8EF13D-AD5C-4893-BB41-BD010964E730}) (Version: 19.0.10200 - Nero AG)
NVIDIA Driver de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Panda Antivirus Pro (HKLM\...\{13084428-D664-43C4-8245-3E58F9712696}) (Version: 8.31.30 - Panda Security) Hidden
Panda Antivirus Pro (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 17.00.02.0000 - Panda Security)
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoScape X Pro version 2.4.1 (HKLM\...\{AA2D1BD1-B54E-44F4-8064-2A96796E7CF9}_is1) (Version: 2.4.1 - Mooii Tech)
PortraitPro 15.7 (HKLM-x32\...\PortraitPro15_is1) (Version: 15.7 - Anthropics Technology Ltd.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.1 - Power Software Ltd)
PreSonus Studio One 3 x64 (HKLM\...\PreSonus Studio One 3) (Version: 3.5.5.45892 - PreSonus Audio Electronics)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8447 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WhatsApp (HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\WhatsApp) (Version: 0.2.9737 - WhatsApp)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BAEB7560F12F}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0434BBD3-C592-4D8F-97C9-C1F0BFC30F8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-12] ()
Task: {096D99CA-B467-44EA-B321-2F5B8D0F984B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {0C572FD2-3EF5-4BB5-99AB-2D34F93E73FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {109B3D15-D3E5-4B01-97AE-F7CD1AC6300C} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {19842993-CD9C-4E36-866B-D037084D4DEF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-robrals@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {21ED4EB5-228E-486E-902D-34D6F48ED1DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-19] (Microsoft Corporation)
Task: {319500B1-7F49-49CC-BC7A-EA533D20E2F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-19] (Microsoft Corporation)
Task: {4A064FD4-A587-448C-8C18-8E56781F6B3B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-12] ()
Task: {4D959515-1DA9-41E3-9266-FCEF9AEB2247} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {5540F557-2110-414C-B601-D63C58FA93B9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {625FE7DB-82C3-4426-906D-E6F56E6B4664} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {74A522A2-F10D-44DD-B69C-BFF27176FC5C} - System32\Tasks\EPSON L375 Series Update {D1E8F791-1087-42F1-B5F7-464B2FFEC1CE} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN8E.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {78EC7CB0-CDD7-4923-ABD1-C8DFE0BF3F4B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {80569FD3-0F0D-43FA-8A5B-370173A2BA37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {813E6FC2-21FC-4564-8792-B542073C6329} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {81E54C6D-8BF4-4BD7-89AD-506BFB53FE96} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {9525C321-FDC0-42DE-B9B5-51C6CF6A6309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-12] (Google Inc.)
Task: {9B22F1D1-E848-445B-BF56-570E40960C94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {A4DCB8D9-C4EA-410D-BF73-9E9DECAA9AD1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {A7C86A35-E86B-4FA0-98C6-6D0BD85D7C2A} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-robrals@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {AA3534E0-FA33-401A-A6BA-DADA2367B52F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B5406487-661E-412A-87A4-D726C418C95B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B6BF0D9A-5716-4C26-997B-E6921D7A7C13} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {C5D03FA9-6B4F-4DCD-8CD4-7D267BBBE5E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-12] (Google Inc.)
Task: {CEBE2543-AD01-419C-972A-7CC29D5D0DBB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {DF6EFE8A-4BA4-46F3-8695-0BA2DB1498D5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {E8FCBC16-540E-4B95-9175-9E4E0579769F} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI)
Task: {F01C6FC9-BFE6-4474-8089-F07BE2B2B6AC} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {FA1CC3B6-17E3-472A-ACFA-0784AD2967A7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\EPSON L375 Series Update {D1E8F791-1087-42F1-B5F7-464B2FFEC1CE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN8E.EXE:/EXE:{D1E8F791-1087-42F1-B5F7-464B2FFEC1CE} /F:UpdateRBAREDE\RONALDO-PC1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-06-12 00:23 - 2018-03-23 22:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-06-12 01:37 - 2018-05-20 14:33 - 001315112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-26 01:27 - 2009-03-30 03:32 - 000032768 ____R () C:\Windows\DAODx.exe
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-26 01:28 - 2013-09-17 07:58 - 000920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2018-06-13 11:09 - 2018-06-08 05:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-12 00:38 - 2018-06-12 00:41 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-12 00:38 - 2018-06-12 00:41 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-12 00:38 - 2018-06-12 00:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-12 00:38 - 2018-06-12 00:41 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-12 00:38 - 2018-06-12 00:39 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-12 17:11 - 2018-06-12 02:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-12 17:11 - 2018-06-12 02:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-06-12 02:36 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-06-12 02:36 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-06-12 02:36 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-15 14:17 - 2015-12-15 14:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2018-06-12 00:23 - 2018-05-20 14:33 - 001033000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-26 01:30 - 2011-07-12 19:14 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2018-06-26 01:30 - 2010-10-05 08:22 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2018-06-26 01:30 - 2012-10-08 17:07 - 000972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2018-06-26 01:30 - 2013-04-15 14:19 - 000883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2018-06-26 01:30 - 2012-05-28 21:27 - 001622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2018-06-26 01:30 - 2011-09-19 20:18 - 001243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2018-06-26 01:30 - 2011-07-21 09:06 - 000846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2018-06-26 01:30 - 2012-08-29 18:09 - 000875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2018-06-26 01:28 - 2010-08-22 23:17 - 000662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2018-06-26 01:30 - 2010-10-05 08:22 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2018-06-26 01:30 - 2009-08-12 20:15 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2018-06-26 01:28 - 2018-06-26 10:34 - 000033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2018-06-26 01:28 - 2010-06-28 23:58 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2018-06-12 02:36 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-06-12 02:36 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-06-12 02:36 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-04-11 20:38 - 2018-06-12 06:05 - 000000921 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 platform.wondershare.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3961309475-656590712-554067391-1001\Control Panel\Desktop\\Wallpaper -> D:\Pictures\ZhGEqAP.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{62930F01-8DF2-465A-9DFA-C5FE74484704}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9AD214FC-561C-49C6-8231-441A71A6AAF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F1B3690C-4057-422D-9289-510DFFC5A620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6F5B51AB-C046-4ECD-AAEE-9C76AFEEC1E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3CC11E35-7986-4666-ACE4-3170EEB03BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31F84385-DDFF-412F-B413-1A4F334CA70A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{33F4D4A5-1A60-49D8-91E5-E42B38B59247}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CB57C15C-B04F-4056-9823-E7013A0E3BC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E718E075-BC0D-47D8-8B66-205A2B4DD222}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{580E5C0A-CEFF-409D-B23B-32A2CF16C523}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DAA9AF16-7392-457A-9F62-1E83BB81BDF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C3F8BE6D-C54A-4AF3-8E4F-5F802CE77DB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5B65951E-2D28-48DB-B51B-FCCEAF2FC5E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2C4B8E2A-D01B-4559-AC3C-F8F6D267B6E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7D16B7F7-78E5-4A52-AF67-2610175C9542}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CEE879DC-7059-445D-B9CB-A1DB31A73856}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CA296CB8-299B-4EEA-B56D-94541F0D4358}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe
FirewallRules: [{926D0D0A-1C28-4C2F-8903-46A7EFF73EAB}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe
FirewallRules: [{628AE550-CA78-42B5-A00A-6A9A157303F8}] => (Block) %ProgramFiles% (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
FirewallRules: [{EF4D319C-0E1C-4935-B566-79A6EABF5382}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{DF6B2278-C6CF-4B63-8D43-59C40181DFA8}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{BF29F77A-E867-4C10-A07B-ACCCF2C41C4F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe
FirewallRules: [{D5B1287E-D85C-422D-9723-500E6B28CA3A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe
FirewallRules: [{DE0D5928-81FC-49A9-B168-493E68F1EFD7}] => (Block) %ProgramFiles%\PowerISO\PowerISO.exe
FirewallRules: [{7607CA46-096C-4D37-8ED0-90BC375EA8BD}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe
FirewallRules: [{31E8BD72-0E45-42DF-BBFB-D707E63187B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{62AD480E-10D7-40CA-ABAA-C9369ED6CC85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6F076492-1490-47CE-B91F-2C6DC0678CF8}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{1A3602C0-98A9-4433-8C97-4E7BE4DE7493}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (06/26/2018 02:47:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000003010fd8
ID do processo com falha: 0x29c8
Hora de início do aplicativo com falha: 0x01d40d0f7b6b13a2
Caminho do aplicativo com falha: C:\Windows\explorer.exe
Caminho do módulo com falha: unknown
ID do Relatório: 601cc2b2-1a10-43ac-a2e4-8c277e90dc93
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 02:35:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000004a40fd8
ID do processo com falha: 0x1680
Hora de início do aplicativo com falha: 0x01d40d09b76079ad
Caminho do aplicativo com falha: C:\Windows\Explorer.EXE
Caminho do módulo com falha: unknown
ID do Relatório: db6a5069-80c5-4bb6-8e64-ede397bf30ee
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 01:50:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000ba0fd8
ID do processo com falha: 0x2178
Hora de início do aplicativo com falha: 0x01d40d07089d8dcc
Caminho do aplicativo com falha: C:\Windows\Explorer.EXE
Caminho do módulo com falha: unknown
ID do Relatório: 249802e3-b4fb-45f8-9586-b948ca8234e3
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 01:40:59 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (06/26/2018 01:40:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.
Error: (06/26/2018 01:40:56 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Coleta de dados de contador de desempenho desabilitada no serviço "ASP.NET_64_2.0.50727" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Corrija os erros antes de habilitar os contadores de desempenho para esse serviço.
Error: (06/26/2018 01:40:56 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: O Windows não pode abrir a DLL ASP.NET_64_2.0.50727 do contador extensível de 64 bits em um ambiente de 32 bits. Contate o fornecedor do arquivo para obter uma versão de 32 bits. Opcionalmente, se você estiver executando em um ambiente nativo de 64 bits, poderá abrir a DLL do contador extensível de 64 bits usando a versão de 64 bits do Monitor de desempenho. Para usar essa ferramenta, abra a pasta Windows, a pasta System32 e inicie Perfmon.exe.
Error: (06/25/2018 11:52:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: eurotrucks2.exe, versão: 1.31.2.0, carimbo de data/hora: 0x5afc8033
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17134.112, carimbo de data/hora: 0xf2b2cb6c
Código de exceção: 0xc0000025
Deslocamento da falha: 0x000000000003a388
ID do processo com falha: 0x3428
Hora de início do aplicativo com falha: 0x01d40cf7dc0f1165
Caminho do aplicativo com falha: D:\Games\Euro Truck Simulator 2 1.31.2.2 Game\bin\win_x64\eurotrucks2.exe
Caminho do módulo com falha: C:\Windows\System32\KERNELBASE.dll
ID do Relatório: b2a90bd9-9cd0-4e9a-858f-309edf6d170c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Erros de Sistema:
=============
Error: (06/26/2018 10:37:47 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 10:35:05 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 10:34:05 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000050 (0xffff990c71356997, 0x0000000000000000, 0xfffff80ea7638087, 0x000000000000000c). Um despejo de memória foi salvo em: C:\Windows\MEMORY.DMP. Id de Relatório: 943155ee-44f6-4918-9b4f-d51648e7614c.
Error: (06/26/2018 10:33:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 09:55:52 do dia 26/06/2018 não era esperado.
Error: (06/26/2018 09:55:26 AM) (Source: DCOM) (EventID: 10010) (User: RONALDO-PC1)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.
Error: (06/26/2018 09:43:28 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 09:09:48 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 09:07:46 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000050 (0xffff9e072433f997, 0x0000000000000000, 0xfffff80995c18087, 0x000000000000000c). Um despejo de memória foi salvo em: C:\Windows\MEMORY.DMP. Id de Relatório: c14e4104-9cc2-4585-b44e-e58085ef98bd.
Windows Defender:
===================================
Date: 2018-06-12 01:52:44.492
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nome: HackTool:Win32/Keygen
ID: 2147593794
Severidade: Médio
Categoria: Ferramenta
Caminho: file:_D:\Pendrive\Ativador Office e Windows 8\Windows Loader.exe
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: RONALDO-PC1\Ronaldo Brito
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Versão do Mecanismo: AM: 1.1.14600.4, NIS: 1.1.14600.4
==================== Informações da Memória ===========================
Processador: AMD FX-8320E Eight-Core Processor
Percentagem de memória em uso: 30%
RAM física total: 8091.5 MB
RAM física disponível: 5616.21 MB
Virtual Total: 9371.5 MB
Virtual disponível: 6585.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.19 GB) (Free:64.63 GB) NTFS
Drive d: (Backup Ronaldo) (Fixed) (Total:931.51 GB) (Free:396.73 GB) NTFS
Drive g: (WIND10_MBR_ABR_2018) (Removable) (Total:7.21 GB) (Free:1.31 GB) NTFS
\\?\Volume{3c640ff7-444a-4a57-b9cc-67f5034db4d8}\ (Recuperação) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{23805fc4-3060-49b2-b207-76b52f53823d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: DE05591F)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 242496E6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 7.2 GB) (Disk ID: 0043A0CE)
Partition 1: (Active) - (Size=7.2 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Ronaldo Brito (26-06-2018 10:39:36)
Executando a partir de C:\Users\Ronaldo Brito\Downloads\Programs
Windows 10 Pro Versão 1803 17134.112 (X64) (2018-06-12 02:53:20)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3961309475-656590712-554067391-500 - Administrator - Disabled)
Convidado (S-1-5-21-3961309475-656590712-554067391-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3961309475-656590712-554067391-503 - Limited - Disabled)
Ronaldo Brito (S-1-5-21-3961309475-656590712-554067391-1001 - Administrator - Enabled) => C:\Users\Ronaldo Brito
WDAGUtilityAccount (S-1-5-21-3961309475-656590712-554067391-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Antivirus Pro (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
FW: Panda Firewall (Enabled) {F77F8DFC-1E5A-11E9-2FBF-DE5D4822445B}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_4) (Version: 19.1.4 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
American Truck Simulator v.v1.31.1s (HKLM-x32\...\American Truck Simulator_is1) (Version: - )
Ashampoo Music Studio 7 (HKLM-x32\...\{91B33C97-6B1A-B73D-D2FE-BFD378F77213}_is1) (Version: 7.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 7 (HKLM-x32\...\{91B33C97-4CEB-E144-776A-6414BBE84A8E}_is1) (Version: 7.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Converter (HKLM-x32\...\{91B33C97-EF1B-802C-7798-B0E0F58D0614}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Atualizações da NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CyberLink MakeupDirector 2 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 2.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
EPSON L375 Series Printer Uninstall (HKLM\...\EPSON L375 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Euro Truck Simulator 2 v.1.31.2.2s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
KeepVid Pro(Build 7.2.0.12) (HKLM-x32\...\KeepVid Pro_is1) (Version: 7.2.0.12 - KeepVid Studio)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 365 ProPlus - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.8431.2270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nero 2018 (HKLM-x32\...\{DB8EF13D-AD5C-4893-BB41-BD010964E730}) (Version: 19.0.10200 - Nero AG)
NVIDIA Driver de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Panda Antivirus Pro (HKLM\...\{13084428-D664-43C4-8245-3E58F9712696}) (Version: 8.31.30 - Panda Security) Hidden
Panda Antivirus Pro (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 17.00.02.0000 - Panda Security)
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoScape X Pro version 2.4.1 (HKLM\...\{AA2D1BD1-B54E-44F4-8064-2A96796E7CF9}_is1) (Version: 2.4.1 - Mooii Tech)
PortraitPro 15.7 (HKLM-x32\...\PortraitPro15_is1) (Version: 15.7 - Anthropics Technology Ltd.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.1 - Power Software Ltd)
PreSonus Studio One 3 x64 (HKLM\...\PreSonus Studio One 3) (Version: 3.5.5.45892 - PreSonus Audio Electronics)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8447 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WhatsApp (HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\WhatsApp) (Version: 0.2.9737 - WhatsApp)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BAEB7560F12F}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3961309475-656590712-554067391-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0434BBD3-C592-4D8F-97C9-C1F0BFC30F8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-12] ()
Task: {096D99CA-B467-44EA-B321-2F5B8D0F984B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {0C572FD2-3EF5-4BB5-99AB-2D34F93E73FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {109B3D15-D3E5-4B01-97AE-F7CD1AC6300C} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {19842993-CD9C-4E36-866B-D037084D4DEF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-robrals@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {21ED4EB5-228E-486E-902D-34D6F48ED1DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-19] (Microsoft Corporation)
Task: {319500B1-7F49-49CC-BC7A-EA533D20E2F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-19] (Microsoft Corporation)
Task: {4A064FD4-A587-448C-8C18-8E56781F6B3B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-12] ()
Task: {4D959515-1DA9-41E3-9266-FCEF9AEB2247} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {5540F557-2110-414C-B601-D63C58FA93B9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {625FE7DB-82C3-4426-906D-E6F56E6B4664} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {74A522A2-F10D-44DD-B69C-BFF27176FC5C} - System32\Tasks\EPSON L375 Series Update {D1E8F791-1087-42F1-B5F7-464B2FFEC1CE} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN8E.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {78EC7CB0-CDD7-4923-ABD1-C8DFE0BF3F4B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {80569FD3-0F0D-43FA-8A5B-370173A2BA37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {813E6FC2-21FC-4564-8792-B542073C6329} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {81E54C6D-8BF4-4BD7-89AD-506BFB53FE96} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {9525C321-FDC0-42DE-B9B5-51C6CF6A6309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-12] (Google Inc.)
Task: {9B22F1D1-E848-445B-BF56-570E40960C94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {A4DCB8D9-C4EA-410D-BF73-9E9DECAA9AD1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {A7C86A35-E86B-4FA0-98C6-6D0BD85D7C2A} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-robrals@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {AA3534E0-FA33-401A-A6BA-DADA2367B52F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B5406487-661E-412A-87A4-D726C418C95B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B6BF0D9A-5716-4C26-997B-E6921D7A7C13} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {C5D03FA9-6B4F-4DCD-8CD4-7D267BBBE5E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-12] (Google Inc.)
Task: {CEBE2543-AD01-419C-972A-7CC29D5D0DBB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {DF6EFE8A-4BA4-46F3-8695-0BA2DB1498D5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {E8FCBC16-540E-4B95-9175-9E4E0579769F} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI)
Task: {F01C6FC9-BFE6-4474-8089-F07BE2B2B6AC} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {FA1CC3B6-17E3-472A-ACFA-0784AD2967A7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\EPSON L375 Series Update {D1E8F791-1087-42F1-B5F7-464B2FFEC1CE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN8E.EXE:/EXE:{D1E8F791-1087-42F1-B5F7-464B2FFEC1CE} /F:UpdateRBAREDE\RONALDO-PC1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2018-06-12 00:23 - 2018-03-23 22:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-06-12 01:37 - 2018-05-20 14:33 - 001315112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-26 01:27 - 2009-03-30 03:32 - 000032768 ____R () C:\Windows\DAODx.exe
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-26 01:28 - 2013-09-17 07:58 - 000920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2018-06-13 11:09 - 2018-06-08 05:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-12 00:38 - 2018-06-12 00:41 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-12 00:38 - 2018-06-12 00:41 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-12 00:38 - 2018-06-12 00:42 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-12 00:38 - 2018-06-12 00:41 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-12 00:38 - 2018-06-12 00:39 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-12 17:11 - 2018-06-12 02:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-12 17:11 - 2018-06-12 02:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-06-12 02:36 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-06-12 02:36 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-06-12 02:36 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-15 14:17 - 2015-12-15 14:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2018-06-12 00:23 - 2018-05-20 14:33 - 001033000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-26 01:30 - 2011-07-12 19:14 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2018-06-26 01:30 - 2010-10-05 08:22 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2018-06-26 01:30 - 2012-10-08 17:07 - 000972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2018-06-26 01:30 - 2013-04-15 14:19 - 000883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2018-06-26 01:30 - 2012-05-28 21:27 - 001622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2018-06-26 01:30 - 2011-09-19 20:18 - 001243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2018-06-26 01:30 - 2011-07-21 09:06 - 000846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2018-06-26 01:30 - 2012-08-29 18:09 - 000875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2018-06-26 01:28 - 2010-08-22 23:17 - 000662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2018-06-26 01:30 - 2010-10-05 08:22 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2018-06-26 01:30 - 2009-08-12 20:15 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2018-06-26 01:28 - 2018-06-26 10:34 - 000033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2018-06-26 01:28 - 2010-06-28 23:58 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2018-06-12 02:36 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-06-12 02:36 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-06-12 02:36 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-04-11 20:38 - 2018-06-12 06:05 - 000000921 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 platform.wondershare.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3961309475-656590712-554067391-1001\Control Panel\Desktop\\Wallpaper -> D:\Pictures\ZhGEqAP.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3961309475-656590712-554067391-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{62930F01-8DF2-465A-9DFA-C5FE74484704}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9AD214FC-561C-49C6-8231-441A71A6AAF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F1B3690C-4057-422D-9289-510DFFC5A620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6F5B51AB-C046-4ECD-AAEE-9C76AFEEC1E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3CC11E35-7986-4666-ACE4-3170EEB03BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31F84385-DDFF-412F-B413-1A4F334CA70A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{33F4D4A5-1A60-49D8-91E5-E42B38B59247}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CB57C15C-B04F-4056-9823-E7013A0E3BC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E718E075-BC0D-47D8-8B66-205A2B4DD222}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{580E5C0A-CEFF-409D-B23B-32A2CF16C523}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DAA9AF16-7392-457A-9F62-1E83BB81BDF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C3F8BE6D-C54A-4AF3-8E4F-5F802CE77DB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5B65951E-2D28-48DB-B51B-FCCEAF2FC5E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2C4B8E2A-D01B-4559-AC3C-F8F6D267B6E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7D16B7F7-78E5-4A52-AF67-2610175C9542}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CEE879DC-7059-445D-B9CB-A1DB31A73856}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CA296CB8-299B-4EEA-B56D-94541F0D4358}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe
FirewallRules: [{926D0D0A-1C28-4C2F-8903-46A7EFF73EAB}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe
FirewallRules: [{628AE550-CA78-42B5-A00A-6A9A157303F8}] => (Block) %ProgramFiles% (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
FirewallRules: [{EF4D319C-0E1C-4935-B566-79A6EABF5382}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{DF6B2278-C6CF-4B63-8D43-59C40181DFA8}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{BF29F77A-E867-4C10-A07B-ACCCF2C41C4F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe
FirewallRules: [{D5B1287E-D85C-422D-9723-500E6B28CA3A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe
FirewallRules: [{DE0D5928-81FC-49A9-B168-493E68F1EFD7}] => (Block) %ProgramFiles%\PowerISO\PowerISO.exe
FirewallRules: [{7607CA46-096C-4D37-8ED0-90BC375EA8BD}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe
FirewallRules: [{31E8BD72-0E45-42DF-BBFB-D707E63187B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{62AD480E-10D7-40CA-ABAA-C9369ED6CC85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6F076492-1490-47CE-B91F-2C6DC0678CF8}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{1A3602C0-98A9-4433-8C97-4E7BE4DE7493}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (06/26/2018 02:47:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: explorer.exe, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000003010fd8
ID do processo com falha: 0x29c8
Hora de início do aplicativo com falha: 0x01d40d0f7b6b13a2
Caminho do aplicativo com falha: C:\Windows\explorer.exe
Caminho do módulo com falha: unknown
ID do Relatório: 601cc2b2-1a10-43ac-a2e4-8c277e90dc93
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 02:35:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000004a40fd8
ID do processo com falha: 0x1680
Hora de início do aplicativo com falha: 0x01d40d09b76079ad
Caminho do aplicativo com falha: C:\Windows\Explorer.EXE
Caminho do módulo com falha: unknown
ID do Relatório: db6a5069-80c5-4bb6-8e64-ede397bf30ee
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 01:50:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.17134.1, carimbo de data/hora: 0x425b30b2
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000ba0fd8
ID do processo com falha: 0x2178
Hora de início do aplicativo com falha: 0x01d40d07089d8dcc
Caminho do aplicativo com falha: C:\Windows\Explorer.EXE
Caminho do módulo com falha: unknown
ID do Relatório: 249802e3-b4fb-45f8-9586-b948ca8234e3
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (06/26/2018 01:40:59 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL rdyboost do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.
Error: (06/26/2018 01:40:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.
Error: (06/26/2018 01:40:56 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Coleta de dados de contador de desempenho desabilitada no serviço "ASP.NET_64_2.0.50727" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Corrija os erros antes de habilitar os contadores de desempenho para esse serviço.
Error: (06/26/2018 01:40:56 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: O Windows não pode abrir a DLL ASP.NET_64_2.0.50727 do contador extensível de 64 bits em um ambiente de 32 bits. Contate o fornecedor do arquivo para obter uma versão de 32 bits. Opcionalmente, se você estiver executando em um ambiente nativo de 64 bits, poderá abrir a DLL do contador extensível de 64 bits usando a versão de 64 bits do Monitor de desempenho. Para usar essa ferramenta, abra a pasta Windows, a pasta System32 e inicie Perfmon.exe.
Error: (06/25/2018 11:52:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: eurotrucks2.exe, versão: 1.31.2.0, carimbo de data/hora: 0x5afc8033
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.17134.112, carimbo de data/hora: 0xf2b2cb6c
Código de exceção: 0xc0000025
Deslocamento da falha: 0x000000000003a388
ID do processo com falha: 0x3428
Hora de início do aplicativo com falha: 0x01d40cf7dc0f1165
Caminho do aplicativo com falha: D:\Games\Euro Truck Simulator 2 1.31.2.2 Game\bin\win_x64\eurotrucks2.exe
Caminho do módulo com falha: C:\Windows\System32\KERNELBASE.dll
ID do Relatório: b2a90bd9-9cd0-4e9a-858f-309edf6d170c
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Erros de Sistema:
=============
Error: (06/26/2018 10:37:47 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 10:35:05 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 10:34:05 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000050 (0xffff990c71356997, 0x0000000000000000, 0xfffff80ea7638087, 0x000000000000000c). Um despejo de memória foi salvo em: C:\Windows\MEMORY.DMP. Id de Relatório: 943155ee-44f6-4918-9b4f-d51648e7614c.
Error: (06/26/2018 10:33:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 09:55:52 do dia 26/06/2018 não era esperado.
Error: (06/26/2018 09:55:26 AM) (Source: DCOM) (EventID: 10010) (User: RONALDO-PC1)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.
Error: (06/26/2018 09:43:28 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 09:09:48 AM) (Source: DCOM) (EventID: 10016) (User: RONALDO-PC1)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário RONALDO-PC1\Ronaldo Brito SID (S-1-5-21-3961309475-656590712-554067391-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (06/26/2018 09:07:46 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: O computador foi reinicializado após uma verificação de erro. Essa verificação foi: 0x00000050 (0xffff9e072433f997, 0x0000000000000000, 0xfffff80995c18087, 0x000000000000000c). Um despejo de memória foi salvo em: C:\Windows\MEMORY.DMP. Id de Relatório: c14e4104-9cc2-4585-b44e-e58085ef98bd.
Windows Defender:
===================================
Date: 2018-06-12 01:52:44.492
Description:
O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados.
Para obter mais informações, consulte:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nome: HackTool:Win32/Keygen
ID: 2147593794
Severidade: Médio
Categoria: Ferramenta
Caminho: file:_D:\Pendrive\Ativador Office e Windows 8\Windows Loader.exe
Origem da Detecção: Computador local
Tipo de Detecção: Concreto
Origem da Detecção: Proteção em Tempo Real
Usuário: RONALDO-PC1\Ronaldo Brito
Nome do Processo: C:\Windows\explorer.exe
Versão da Assinatura: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Versão do Mecanismo: AM: 1.1.14600.4, NIS: 1.1.14600.4
==================== Informações da Memória ===========================
Processador: AMD FX-8320E Eight-Core Processor
Percentagem de memória em uso: 30%
RAM física total: 8091.5 MB
RAM física disponível: 5616.21 MB
Virtual Total: 9371.5 MB
Virtual disponível: 6585.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.19 GB) (Free:64.63 GB) NTFS
Drive d: (Backup Ronaldo) (Fixed) (Total:931.51 GB) (Free:396.73 GB) NTFS
Drive g: (WIND10_MBR_ABR_2018) (Removable) (Total:7.21 GB) (Free:1.31 GB) NTFS
\\?\Volume{3c640ff7-444a-4a57-b9cc-67f5034db4d8}\ (Recuperação) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{23805fc4-3060-49b2-b207-76b52f53823d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: DE05591F)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 242496E6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 7.2 GB) (Disk ID: 0043A0CE)
Partition 1: (Active) - (Size=7.2 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================