Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 08-09-2019
Executado por leexr (13-09-2019 18:22:07)
Executando a partir de C:\Users\leexr\Desktop
Windows 10 Home Single Language Versão 1809 17763.737 (X64) (2019-03-02 23:48:28)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1190035161-3316759795-3330483907-500 - Administrator - Disabled)
Convidado (S-1-5-21-1190035161-3316759795-3330483907-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1190035161-3316759795-3330483907-503 - Limited - Disabled)
leexr (S-1-5-21-1190035161-3316759795-3330483907-1001 - Administrator - Enabled) => C:\Users\leexr
WDAGUtilityAccount (S-1-5-21-1190035161-3316759795-3330483907-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{3C32042F-BCAE-4127-9679-B8BF8075402D}) (Version: 77.0.3865.32 - Google Inc.)
Discord (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.6.0 - IObit)
Evernote v. 6.19.2 (HKLM-x32\...\{B02117F0-97C1-11E9-9D3F-005056951CAD}) (Version: 6.19.2.8555 - Evernote Corp.)
Gadwin PrintScreenPro (64-Bit) (HKLM\...\{45D7E53A-631F-4AA4-BB34-6ED0A91FC6AB}) (Version: 5.8.5.0 - Gadwin Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versão 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++)
Microsoft Office Professional 2016 - pt-br (HKLM\...\ProfessionalRetail - pt-br) (Version: 16.0.11328.20392 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\Proplus2019Retail - pt-br) (Version: 16.0.11328.20392 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0 (x64 en-US)) (Version: 69.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MTG Arena (HKLM-x32\...\{72DBDCDA-AFF1-4F79-A64B-1DCB92FA00BE}) (Version: 0.1.1615 - Wizards of the Coast)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.1.3 - MusicBrainz)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Path of Building version 1.4.140 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.140 - Openarl)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.5.4.52067 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{ba85f057-d5c4-428a-9dbf-f1a7a0fd02cc}) (Version: 3.5.4.52067 - Grinding Gear Games)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Skype versão 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
SoundSwitch 4.14.0.31865 (HKLM\...\SoundSwitch_is1) (Version: 4.14.0.31865 - Antoine Aflalo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.7 - Synaptics Incorporated)
WinDirStat 1.1.2 (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\WinDirStat) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Packages:
=========
Email e Calendário -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-02] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Notícias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-02] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-02] (Plex)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1190035161-3316759795-3330483907-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Nenhum Arquivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-07-16] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Nenhum Arquivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Nenhum Arquivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Nenhum Arquivo
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-07-16] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Nenhum Arquivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-09-15 04:31 - 2019-09-13 13:52 - 000000878 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Gadwin PrintScreen Pro (64-bit)"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{B71436E5-8676-47A4-AD45-4BCFAB3FE64C}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{27CDD1C5-1554-486E-A5BD-C4BE8B1EFD18}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{5624897D-95DF-47AA-83DC-8D014DB59457}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22418117-D8EC-43DE-B231-19447F49E5A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71DF8606-F502-44E0-954D-49A7CC22DCD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{284DB002-50C4-48C6-AD4F-48499E1FE447}] => (Allow) C:\Users\leexr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{78C1CB31-0772-4A07-9DAC-ACDAB17FBA92}] => (Allow) C:\Users\leexr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9B02ECB3-E94A-40A6-8E1F-D1597D7AEA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{169D02EC-D0FA-44F7-A19E-08CF86C552A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F09F2F6-5743-4CC3-A103-59EA6316B80F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{995981EE-A80D-4180-B332-8A872721F317}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CC8F085B-86BE-4372-9836-CAFB899982CB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{8337469A-906B-4AE5-9550-69DCF48AD473}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1E98C653-D37F-4843-8F30-BA7118C6B73D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{B5B63E3E-8C18-43B3-B7BB-E9B8FEF81932}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{91B7DD9B-04EF-425A-95C0-75538E065BE0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{BC5FBB9B-7259-469C-A7F9-752587B2EA69}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{AAEDCC1D-F59A-493B-BB8E-927F874C30E0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A1E2DB5-FAC1-4B0D-801F-4926F7BC8C24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Pontos de Restauração =========================
05-09-2019 23:54:42 Ponto de Verificação Agendado
10-09-2019 15:29:14 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (09/13/2019 05:14:11 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=KHGBD
ACID=?
Erro Detalhado[?]
Error: (09/13/2019 05:03:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=KHGBD
ACID=?
Erro Detalhado[?]
Erros de Sistema:
=============
Error: (09/13/2019 05:03:35 PM) (Source: DCOM) (EventID: 10016) (User: RED-NOT01W)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
ao usuário RED-NOT01W\leexr SID (S-1-5-21-1190035161-3316759795-3330483907-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (09/13/2019 05:01:51 PM) (Source: DCOM) (EventID: 10016) (User: RED-NOT01W)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
e APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
ao usuário RED-NOT01W\leexr SID (S-1-5-21-1190035161-3316759795-3330483907-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (09/13/2019 05:00:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço ClickToRunSvc.
Error: (09/13/2019 04:59:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço Malwarebytes Service não foi desligado corretamente após receber um controle de pré-desligamento.
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Windows Defender:
===================================
Date: 2019-03-07 06:14:26.336
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {C2204695-AE75-4C57-9B9C-42BC3020ED73}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2019-03-07 04:09:15.487
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {F13A09B1-2454-4117-A7A7-2E1F05392DDD}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
CodeIntegrity:
===================================
Date: 2019-09-13 17:06:02.119
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:02.081
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:02.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:01.983
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-03 05:37:56.783
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:37:56.780
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:35:49.951
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:35:49.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. 1.00W 04/16/2013
Motherboard: Digiboard NH4CU03
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 40%
RAM física total: 3990.14 MB
RAM física disponível: 2382.75 MB
Virtual Total: 6166.14 MB
Virtual disponível: 2584.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:296.79 GB) (Free:177.71 GB) NTFS
\\?\Volume{5f1805d5-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{5f1805d5-0000-0000-0000-30524a000000}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 5F1805D5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=823 MB) - (Type=27)
==================== Fim de Addition.txt ============================
Executado por leexr (13-09-2019 18:22:07)
Executando a partir de C:\Users\leexr\Desktop
Windows 10 Home Single Language Versão 1809 17763.737 (X64) (2019-03-02 23:48:28)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1190035161-3316759795-3330483907-500 - Administrator - Disabled)
Convidado (S-1-5-21-1190035161-3316759795-3330483907-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1190035161-3316759795-3330483907-503 - Limited - Disabled)
leexr (S-1-5-21-1190035161-3316759795-3330483907-1001 - Administrator - Enabled) => C:\Users\leexr
WDAGUtilityAccount (S-1-5-21-1190035161-3316759795-3330483907-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{3C32042F-BCAE-4127-9679-B8BF8075402D}) (Version: 77.0.3865.32 - Google Inc.)
Discord (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.6.0 - IObit)
Evernote v. 6.19.2 (HKLM-x32\...\{B02117F0-97C1-11E9-9D3F-005056951CAD}) (Version: 6.19.2.8555 - Evernote Corp.)
Gadwin PrintScreenPro (64-Bit) (HKLM\...\{45D7E53A-631F-4AA4-BB34-6ED0A91FC6AB}) (Version: 5.8.5.0 - Gadwin Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versão 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++)
Microsoft Office Professional 2016 - pt-br (HKLM\...\ProfessionalRetail - pt-br) (Version: 16.0.11328.20392 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\Proplus2019Retail - pt-br) (Version: 16.0.11328.20392 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0 (x64 en-US)) (Version: 69.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MTG Arena (HKLM-x32\...\{72DBDCDA-AFF1-4F79-A64B-1DCB92FA00BE}) (Version: 0.1.1615 - Wizards of the Coast)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.1.3 - MusicBrainz)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.11328.20392 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Path of Building version 1.4.140 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.140 - Openarl)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.5.4.52067 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{ba85f057-d5c4-428a-9dbf-f1a7a0fd02cc}) (Version: 3.5.4.52067 - Grinding Gear Games)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Skype versão 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
SoundSwitch 4.14.0.31865 (HKLM\...\SoundSwitch_is1) (Version: 4.14.0.31865 - Antoine Aflalo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.7 - Synaptics Incorporated)
WinDirStat 1.1.2 (HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\WinDirStat) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Packages:
=========
Email e Calendário -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-02] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Notícias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-02] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-02] (Plex)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1190035161-3316759795-3330483907-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Nenhum Arquivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-07-16] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Nenhum Arquivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Nenhum Arquivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Nenhum Arquivo
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-07-16] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Nenhum Arquivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-09-15 04:31 - 2019-09-13 13:52 - 000000878 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
Se uma entrada for incluída na fixlist, será removida.
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Gadwin PrintScreen Pro (64-bit)"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190035161-3316759795-3330483907-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{B71436E5-8676-47A4-AD45-4BCFAB3FE64C}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{27CDD1C5-1554-486E-A5BD-C4BE8B1EFD18}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{5624897D-95DF-47AA-83DC-8D014DB59457}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22418117-D8EC-43DE-B231-19447F49E5A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71DF8606-F502-44E0-954D-49A7CC22DCD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{284DB002-50C4-48C6-AD4F-48499E1FE447}] => (Allow) C:\Users\leexr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{78C1CB31-0772-4A07-9DAC-ACDAB17FBA92}] => (Allow) C:\Users\leexr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9B02ECB3-E94A-40A6-8E1F-D1597D7AEA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{169D02EC-D0FA-44F7-A19E-08CF86C552A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F09F2F6-5743-4CC3-A103-59EA6316B80F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{995981EE-A80D-4180-B332-8A872721F317}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CC8F085B-86BE-4372-9836-CAFB899982CB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{8337469A-906B-4AE5-9550-69DCF48AD473}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1E98C653-D37F-4843-8F30-BA7118C6B73D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{B5B63E3E-8C18-43B3-B7BB-E9B8FEF81932}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{91B7DD9B-04EF-425A-95C0-75538E065BE0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{BC5FBB9B-7259-469C-A7F9-752587B2EA69}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{AAEDCC1D-F59A-493B-BB8E-927F874C30E0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A1E2DB5-FAC1-4B0D-801F-4926F7BC8C24}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Pontos de Restauração =========================
05-09-2019 23:54:42 Ponto de Verificação Agendado
10-09-2019 15:29:14 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (09/13/2019 05:14:11 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=KHGBD
ACID=?
Erro Detalhado[?]
Error: (09/13/2019 05:03:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Falha na instalação do Comprovante da Compra. 0xC004F050
Pkey Parcial=KHGBD
ACID=?
Erro Detalhado[?]
Erros de Sistema:
=============
Error: (09/13/2019 05:03:35 PM) (Source: DCOM) (EventID: 10016) (User: RED-NOT01W)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
ao usuário RED-NOT01W\leexr SID (S-1-5-21-1190035161-3316759795-3330483907-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (09/13/2019 05:01:51 PM) (Source: DCOM) (EventID: 10016) (User: RED-NOT01W)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Iniciar para o aplicativo de Servidor COM com CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
e APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
ao usuário RED-NOT01W\leexr SID (S-1-5-21-1190035161-3316759795-3330483907-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (09/13/2019 05:00:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço ClickToRunSvc.
Error: (09/13/2019 04:59:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço Malwarebytes Service não foi desligado corretamente após receber um controle de pré-desligamento.
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (09/13/2019 04:59:48 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)
Description: O DCOM obteve o erro "1115" ao tentar iniciar o serviço SecurityHealthService com argumentos "Não Disponível" para executar o servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Windows Defender:
===================================
Date: 2019-03-07 06:14:26.336
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {C2204695-AE75-4C57-9B9C-42BC3020ED73}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2019-03-07 04:09:15.487
Description:
O exame do Windows Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {F13A09B1-2454-4117-A7A7-2E1F05392DDD}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
CodeIntegrity:
===================================
Date: 2019-09-13 17:06:02.119
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:02.081
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:02.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-13 17:06:01.983
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-03 05:37:56.783
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:37:56.780
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:35:49.951
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2019-07-03 05:35:49.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. 1.00W 04/16/2013
Motherboard: Digiboard NH4CU03
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 40%
RAM física total: 3990.14 MB
RAM física disponível: 2382.75 MB
Virtual Total: 6166.14 MB
Virtual disponível: 2584.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:296.79 GB) (Free:177.71 GB) NTFS
\\?\Volume{5f1805d5-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{5f1805d5-0000-0000-0000-30524a000000}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 5F1805D5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=823 MB) - (Type=27)
==================== Fim de Addition.txt ============================