Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 14-08-2021
Executado por pc lipe (15-08-2021 19:50:05)
Executando a partir de C:\Users\pc lipe\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2021-07-25 19:57:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrador (S-1-5-21-153524042-3651479210-1496504012-500 - Administrator - Disabled)
Convidado (S-1-5-21-153524042-3651479210-1496504012-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-153524042-3651479210-1496504012-1002 - Limited - Enabled)
pc lipe (S-1-5-21-153524042-3651479210-1496504012-1000 - Administrator - Enabled) => C:\Users\pc lipe
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\uTorrent) (Version: 3.5.5.46038 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Ample Guitar M Lite II version 2.3.1 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.3.1 - Ample Sound Technology Co., Ltd.)
Arturia Analog Lab V (HKLM\...\Analog Lab V_is1) (Version: 5.2.0.1378 - Arturia & Team V.R)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BABY Audio - Super VHS version 1.0.0 (HKLM\...\BABY Audio - Super VHS_is1) (Version: 1.0.0 - )
Cymatics Diablo (HKLM\...\Diablo_is1) (Version: 1.0.1 - Cymatics)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1762 - Disc Soft Ltd)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.3.0 - IObit)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2021.5 - FabFilter & Team V.R)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.2.2 - Native Instruments & Team V.R)
Habbo Launcher 1.0.31 (HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\b0f95613-ac52-59ec-900c-d7a2b2d9c05d) (Version: 1.0.31 - Sulake Oy)
HalfTime 1.0.1 (HKLM\...\HalfTime_is1) (Version: 1.0.1 - CableGuys & Team V.R)
iFun Screen Recorder (HKLM-x32\...\iFun Screen Recorder_is1) (Version: 1.2.0 - IObit)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.6.0.6 - IObit)
iZotope Meter Tap 3 (HKLM\...\Meter Tap 3_is1) (Version: 1.0.3 - iZotope)
iZotope Ozone 9 (HKLM\...\Ozone 9_is1) (Version: 9.0.1 - iZotope)
iZotope Relay (HKLM\...\Relay_is1) (Version: 1.0.3 - iZotope)
iZotope Tonal Balance Control II (HKLM\...\Tonal Balance Control II_is1) (Version: 2.0.0 - iZotope)
KSHMR Essentials Kick version 1.0.0 (HKLM\...\KSHMR Essentials Kick_is1) (Version: 1.0.0 - )
LiquidSonics Cinematic Rooms Professional (HKLM\...\Cinematic Rooms Professional_is1) (Version: 1.0.3 - LiquidSonics)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
MPC Beats 2.8.3 (HKLM\...\com.akaipro.mpc.beats_is1) (Version: 2.8.3 - Akai Professional)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.1.0.20 - Native Instruments)
Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.0.0.29 - Native Instruments)
Pianoteq STAGE version 6.2.2 (HKLM\...\Pianoteq STAGE_is1) (Version: 6.2.2 - Modartt)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
SK10 version 1.0.2 (HKLM\...\SK10_is1) (Version: 1.0.2 - )
Smart Defrag 7 (HKLM-x32\...\Smart Defrag_is1) (Version: 7.0.0.62 - IObit)
Spectrasonics Trilian Library version 1.0 (HKLM-x32\...\Spectrasonics Trilian Library_is1) (Version: - Copyright (C) 2009-2011 Spectrasonics)
Spectrasonics Trilian VSTi Plug-In version 1.4 (HKLM-x32\...\Spectrasonics Trilian VSTi Plug-In_is1) (Version: - Copyright (C) 2009-2011 Spectrasonics)
Spitfire Audio version 3.3.10 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.10 - Spitfire Audio Holdings Ltd)
Sugar Bytes Looperator 1.0 (HKLM\...\Looperator_is1) (Version: 1.0 - Sugar Bytes)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.3.2 - SOSVirus (SOSVirus.Net))
Valhalla DSP bundle 2021.4 (HKLM\...\ValhallaDSP bundle_is1) (Version: 2021.4 - Valhalla DSP, LLC & Team V.R)
Vinyl (HKLM\...\Vinyl) (Version: 1.10.0 - iZotope, Inc.)
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 12.0.20 - Waves Audio Ltd)
WinRAR 5.91 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.1 - win.rar GmbH)
XLN Audio RC-20 Retro Color (HKLM\...\RC-20 Retro Color_is1) (Version: 1.0.5 - XLN Audio)
==================== Exame Personalizado CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4301143 2010-03-25] (Microsoft Corporation) [Arquivo não assinado]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-07-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-07-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-07-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Módulos Carregados (Whitelisted) =============
2021-08-15 15:45 - 2021-07-16 12:05 - 005563392 _____ (ActVer©®™) [Arquivo não assinado] C:\Program Files (x86)\IObit\Sma\version.dll
2020-08-17 18:45 - 2020-08-17 18:45 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb
2021-08-15 15:35 - 2021-03-25 14:29 - 000161727 _____ (IObit) [Arquivo não assinado] C:\Program Files (x86)\iFun\iFun Screen Recorder\camdll.dll
2021-08-15 15:43 - 2016-07-22 13:20 - 000153319 _____ (IObit) [Arquivo não assinado] C:\Program Files (x86)\IObit\Sma\dataexchange.dll
2021-08-15 01:09 - 2021-08-15 01:09 - 000069337 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Program Files\Common Files\System\symsrv.dll
2018-09-15 17:15 - 2018-09-15 17:15 - 002651648 _____ (Microsoft Corporation) [Arquivo não assinado] c:\windows\system32\wuaueng2.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Modo de Segurança (Whitelisted) ==================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Versão 11) (Whitelisted) ==========
HKU\S-1-5-21-153524042-3651479210-1496504012-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) [Arquivo não assinado]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\localhost -> localhost
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2019-10-09 08:45 - 000000955 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-153524042-3651479210-1496504012-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc lipe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{29A2ECE2-20DF-4013-8C1A-5EAC1B85098B}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DDEB1E63-8977-4818-87F1-8801A3880F32}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A94EDCF5-BB34-427D-8F61-92048C66F6E4}C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [UDP Query User{BDDB56B7-3989-4992-B77C-FCD42694B19E}C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [{3A815E20-29CF-4F8D-A0AF-1C142E0D886E}] => (Allow) C:\Users\pc lipe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [{A4F9FDFC-0472-48C7-A1A9-3F816E674B09}] => (Allow) C:\Users\pc lipe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
==================== Pontos de Restauração =========================
==================== Dispositivos Apresentando Falhas No Gerenciador ============
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (08/15/2021 07:44:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 07:03:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 07:02:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: updaterstartuputility.exe, versão: 9.0.0.31, carimbo de hora: 0x5acdb9f4
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb751
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00063269
Identificação do processo com falha: 0x9f0
Hora de início do aplicativo com falha: 0x01d792212cc19d9e
Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: 6ca6f26b-fe14-11eb-ae90-00e04cb5098a
Error: (08/15/2021 05:59:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: mbamservice.exe, versão: 3.2.0.845, carimbo de hora: 0x5d10ed55
Nome do módulo de falhas: ScanControllerImpl.dll, versão: 3.2.0.998, carimbo de hora: 0x5d016753
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000066d8
Identificação do processo com falha: 0x15cc
Hora de início do aplicativo com falha: 0x01d792186c11c1bb
Caminho do aplicativo com falha: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
FCaminho do módulo de falhas: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ScanControllerImpl.dll
Identificação do Relatório: b70ec22d-fe0b-11eb-948d-00e04cb5098a
Error: (08/15/2021 05:51:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 05:50:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: updaterstartuputility.exe, versão: 9.0.0.31, carimbo de hora: 0x5acdb9f4
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb7f5
Código de exceção: 0xe06d7363
Deslocamento com falha: 0x0000c5af
Identificação do processo com falha: 0x9a0
Hora de início do aplicativo com falha: 0x01d792171f59f3d5
Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
FCaminho do módulo de falhas: C:\Windows\syswow64\KERNELBASE.dll
Identificação do Relatório: 5e9c015e-fe0a-11eb-948d-00e04cb5098a
Error: (08/15/2021 05:18:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 05:16:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: NvBackend.exe, versão: 15.3.33.0, carimbo de hora: 0x53d2379b
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb751
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00063269
Identificação do processo com falha: 0xb18
Hora de início do aplicativo com falha: 0x01d792127cacfbf9
Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: bbd69f26-fe05-11eb-bd81-00e04cb5098a
Erros de Sistema:
=============
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate).
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço Microsoft Edge Update (edgeupdate) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço Microsoft Edge Update (edgeupdate).
Error: (08/15/2021 07:42:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom
Error: (08/15/2021 07:42:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço NVIDIA Network Service.
Error: (08/15/2021 07:42:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Adobe Genuine Software Integrity Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:42:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Adobe Genuine Software Integrity Service.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. 4.6.5 04/10/2018
placa-mãe: INTEL Corporation MAHOBAY
Processador: Intel(R) Core(TM) i5-2500S CPU @ 2.70GHz
Percentagem de memória em uso: 49%
RAM física total: 8160.77 MB
RAM física disponível: 4158.19 MB
Virtual Total: 16319.69 MB
Virtual disponível: 10750.31 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.89 GB) (Free:280.62 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
\\?\Volume{ff5114c4-ed81-11eb-a689-806e6f6e6963}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 13B1994E)
Partition 1: (Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=531 MB) - (Type=27)
==================== Fim de Addition.txt =======================
Executado por pc lipe (15-08-2021 19:50:05)
Executando a partir de C:\Users\pc lipe\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2021-07-25 19:57:51)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrador (S-1-5-21-153524042-3651479210-1496504012-500 - Administrator - Disabled)
Convidado (S-1-5-21-153524042-3651479210-1496504012-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-153524042-3651479210-1496504012-1002 - Limited - Enabled)
pc lipe (S-1-5-21-153524042-3651479210-1496504012-1000 - Administrator - Enabled) => C:\Users\pc lipe
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\uTorrent) (Version: 3.5.5.46038 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Ample Guitar M Lite II version 2.3.1 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.3.1 - Ample Sound Technology Co., Ltd.)
Arturia Analog Lab V (HKLM\...\Analog Lab V_is1) (Version: 5.2.0.1378 - Arturia & Team V.R)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BABY Audio - Super VHS version 1.0.0 (HKLM\...\BABY Audio - Super VHS_is1) (Version: 1.0.0 - )
Cymatics Diablo (HKLM\...\Diablo_is1) (Version: 1.0.1 - Cymatics)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1762 - Disc Soft Ltd)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.3.0 - IObit)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2021.5 - FabFilter & Team V.R)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.2.2 - Native Instruments & Team V.R)
Habbo Launcher 1.0.31 (HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\b0f95613-ac52-59ec-900c-d7a2b2d9c05d) (Version: 1.0.31 - Sulake Oy)
HalfTime 1.0.1 (HKLM\...\HalfTime_is1) (Version: 1.0.1 - CableGuys & Team V.R)
iFun Screen Recorder (HKLM-x32\...\iFun Screen Recorder_is1) (Version: 1.2.0 - IObit)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.6.0.6 - IObit)
iZotope Meter Tap 3 (HKLM\...\Meter Tap 3_is1) (Version: 1.0.3 - iZotope)
iZotope Ozone 9 (HKLM\...\Ozone 9_is1) (Version: 9.0.1 - iZotope)
iZotope Relay (HKLM\...\Relay_is1) (Version: 1.0.3 - iZotope)
iZotope Tonal Balance Control II (HKLM\...\Tonal Balance Control II_is1) (Version: 2.0.0 - iZotope)
KSHMR Essentials Kick version 1.0.0 (HKLM\...\KSHMR Essentials Kick_is1) (Version: 1.0.0 - )
LiquidSonics Cinematic Rooms Professional (HKLM\...\Cinematic Rooms Professional_is1) (Version: 1.0.3 - LiquidSonics)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
MPC Beats 2.8.3 (HKLM\...\com.akaipro.mpc.beats_is1) (Version: 2.8.3 - Akai Professional)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.1.0.20 - Native Instruments)
Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.0.0.29 - Native Instruments)
Pianoteq STAGE version 6.2.2 (HKLM\...\Pianoteq STAGE_is1) (Version: 6.2.2 - Modartt)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
SK10 version 1.0.2 (HKLM\...\SK10_is1) (Version: 1.0.2 - )
Smart Defrag 7 (HKLM-x32\...\Smart Defrag_is1) (Version: 7.0.0.62 - IObit)
Spectrasonics Trilian Library version 1.0 (HKLM-x32\...\Spectrasonics Trilian Library_is1) (Version: - Copyright (C) 2009-2011 Spectrasonics)
Spectrasonics Trilian VSTi Plug-In version 1.4 (HKLM-x32\...\Spectrasonics Trilian VSTi Plug-In_is1) (Version: - Copyright (C) 2009-2011 Spectrasonics)
Spitfire Audio version 3.3.10 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.10 - Spitfire Audio Holdings Ltd)
Sugar Bytes Looperator 1.0 (HKLM\...\Looperator_is1) (Version: 1.0 - Sugar Bytes)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.3.2 - SOSVirus (SOSVirus.Net))
Valhalla DSP bundle 2021.4 (HKLM\...\ValhallaDSP bundle_is1) (Version: 2021.4 - Valhalla DSP, LLC & Team V.R)
Vinyl (HKLM\...\Vinyl) (Version: 1.10.0 - iZotope, Inc.)
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 12.0.20 - Waves Audio Ltd)
WinRAR 5.91 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.1 - win.rar GmbH)
XLN Audio RC-20 Retro Color (HKLM\...\RC-20 Retro Color_is1) (Version: 1.0.5 - XLN Audio)
==================== Exame Personalizado CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4301143 2010-03-25] (Microsoft Corporation) [Arquivo não assinado]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-07-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-07-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-07-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Módulos Carregados (Whitelisted) =============
2021-08-15 15:45 - 2021-07-16 12:05 - 005563392 _____ (ActVer©®™) [Arquivo não assinado] C:\Program Files (x86)\IObit\Sma\version.dll
2020-08-17 18:45 - 2020-08-17 18:45 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb
2021-08-15 15:35 - 2021-03-25 14:29 - 000161727 _____ (IObit) [Arquivo não assinado] C:\Program Files (x86)\iFun\iFun Screen Recorder\camdll.dll
2021-08-15 15:43 - 2016-07-22 13:20 - 000153319 _____ (IObit) [Arquivo não assinado] C:\Program Files (x86)\IObit\Sma\dataexchange.dll
2021-08-15 01:09 - 2021-08-15 01:09 - 000069337 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Program Files\Common Files\System\symsrv.dll
2018-09-15 17:15 - 2018-09-15 17:15 - 002651648 _____ (Microsoft Corporation) [Arquivo não assinado] c:\windows\system32\wuaueng2.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Modo de Segurança (Whitelisted) ==================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Versão 11) (Whitelisted) ==========
HKU\S-1-5-21-153524042-3651479210-1496504012-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) [Arquivo não assinado]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-153524042-3651479210-1496504012-1000\...\localhost -> localhost
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-13 23:34 - 2019-10-09 08:45 - 000000955 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-153524042-3651479210-1496504012-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc lipe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{29A2ECE2-20DF-4013-8C1A-5EAC1B85098B}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DDEB1E63-8977-4818-87F1-8801A3880F32}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A94EDCF5-BB34-427D-8F61-92048C66F6E4}C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [UDP Query User{BDDB56B7-3989-4992-B77C-FCD42694B19E}C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc lipe\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [{3A815E20-29CF-4F8D-A0AF-1C142E0D886E}] => (Allow) C:\Users\pc lipe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
FirewallRules: [{A4F9FDFC-0472-48C7-A1A9-3F816E674B09}] => (Allow) C:\Users\pc lipe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Arquivo não assinado]
==================== Pontos de Restauração =========================
==================== Dispositivos Apresentando Falhas No Gerenciador ============
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (08/15/2021 07:44:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 07:03:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 07:02:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: updaterstartuputility.exe, versão: 9.0.0.31, carimbo de hora: 0x5acdb9f4
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb751
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00063269
Identificação do processo com falha: 0x9f0
Hora de início do aplicativo com falha: 0x01d792212cc19d9e
Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: 6ca6f26b-fe14-11eb-ae90-00e04cb5098a
Error: (08/15/2021 05:59:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: mbamservice.exe, versão: 3.2.0.845, carimbo de hora: 0x5d10ed55
Nome do módulo de falhas: ScanControllerImpl.dll, versão: 3.2.0.998, carimbo de hora: 0x5d016753
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000000066d8
Identificação do processo com falha: 0x15cc
Hora de início do aplicativo com falha: 0x01d792186c11c1bb
Caminho do aplicativo com falha: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
FCaminho do módulo de falhas: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ScanControllerImpl.dll
Identificação do Relatório: b70ec22d-fe0b-11eb-948d-00e04cb5098a
Error: (08/15/2021 05:51:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 05:50:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: updaterstartuputility.exe, versão: 9.0.0.31, carimbo de hora: 0x5acdb9f4
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb7f5
Código de exceção: 0xe06d7363
Deslocamento com falha: 0x0000c5af
Identificação do processo com falha: 0x9a0
Hora de início do aplicativo com falha: 0x01d792171f59f3d5
Caminho do aplicativo com falha: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
FCaminho do módulo de falhas: C:\Windows\syswow64\KERNELBASE.dll
Identificação do Relatório: 5e9c015e-fe0a-11eb-948d-00e04cb5098a
Error: (08/15/2021 05:18:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/15/2021 05:16:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: NvBackend.exe, versão: 15.3.33.0, carimbo de hora: 0x53d2379b
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.24545, carimbo de hora: 0x5e0eb751
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00063269
Identificação do processo com falha: 0xb18
Hora de início do aplicativo com falha: 0x01d792127cacfbf9
Caminho do aplicativo com falha: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
FCaminho do módulo de falhas: C:\Windows\SysWOW64\ntdll.dll
Identificação do Relatório: bbd69f26-fe05-11eb-bd81-00e04cb5098a
Erros de Sistema:
=============
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate).
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço Microsoft Edge Update (edgeupdate) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:44:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço Microsoft Edge Update (edgeupdate).
Error: (08/15/2021 07:42:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
cdrom
Error: (08/15/2021 07:42:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço NVIDIA Network Service.
Error: (08/15/2021 07:42:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Adobe Genuine Software Integrity Service devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/15/2021 07:42:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Adobe Genuine Software Integrity Service.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. 4.6.5 04/10/2018
placa-mãe: INTEL Corporation MAHOBAY
Processador: Intel(R) Core(TM) i5-2500S CPU @ 2.70GHz
Percentagem de memória em uso: 49%
RAM física total: 8160.77 MB
RAM física disponível: 4158.19 MB
Virtual Total: 16319.69 MB
Virtual disponível: 10750.31 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.89 GB) (Free:280.62 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
\\?\Volume{ff5114c4-ed81-11eb-a689-806e6f6e6963}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 13B1994E)
Partition 1: (Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=531 MB) - (Type=27)
==================== Fim de Addition.txt =======================