Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01 Executado por Pedro Barros (2016-01-13 09:23:03) Executando a partir de I:\ Windows 7 Ultimate Service Pack 1 (X64) (2012-12-26 10:24:13) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-754630649-1474531443-62511441-500 - Administrator - Disabled) Convidado (S-1-5-21-754630649-1474531443-62511441-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-754630649-1474531443-62511441-1998 - Limited - Enabled) Pedro Barros (S-1-5-21-754630649-1474531443-62511441-1001 - Administrator - Enabled) => F:\Users\Pedro Barros ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\uTorrent) (Version: 3.4.6.41634 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.1 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.2.114 - Adobe Systems Incorporated) Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.2.1 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.2 - Adobe Systems Incorporated) Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.1.0.150 - Adobe Systems, Inc.) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated) AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - ) Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) Baidu Browser (HKLM-x32\...\Spark) (Version: 43.18 Preview - Baidu Inc.) bl (x32 Version: 1.0.0 - Your Company Name) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden C4400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden Camtasia Studio 8 (HKLM-x32\...\{A7727F03-5311-4A12-9A63-2ACD20BA0497}) (Version: 8.2.1.1423 - TechSmith Corporation) DENoise 2, After Effects-compatible plugin set (HKLM-x32\...\DENoise 2, After Effects-compatible plugin set) (Version: - ) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden DVD Audio Extractor 7.0.2 (HKLM-x32\...\DVD Audio Extractor_is1) (Version: - Computer Application Studio) Flame Painter 1.2 (HKLM-x32\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Integrated Camera (HKLM-x32\...\{71A51CC2-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.2.6 - PandoraTV) Knoll Light Factory Photo 64 bit (HKLM-x32\...\InstallShield_{69F849EF-4918-4333-81C1-8D8FC07E62B1}) (Version: 3.2 - Red Giant Software) MainConcept MPEG Pro for Adobe Premiere Pro 1.05 (HKLM-x32\...\InstallShield_{40A2A921-5ADF-470A-BCE5-C911794DAB06}) (Version: 1.05.0000 - MainConcept GmbH) MainConcept MPEG Pro for Adobe Premiere Pro 1.05 (x32 Version: 1.05.0000 - MainConcept GmbH) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Minhateca.com.br Box (HKLM-x32\...\{6A22B145-83AD-4320-946C-73E04E4D3E90}) (Version: 2.0.7.9 - Minhateca.com.br) Morpheus Photo Animation Suite v3.16 (HKLM-x32\...\Morpheus Photo Animation Suite_is1) (Version: 3.16 - Morpheus Software, LLC) Mozilla Firefox 43.0.4 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 pt-BR)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MPC-HC 1.6.5.6366 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.5.6366 - MPC-HC Team) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG) Netspy Pro (x32 Version: 2.0.5386.26226 - WT Software) Hidden New Photo 5.1 (HKLM-x32\...\{2a3d8f14-8043-497e-b935-714167a06dec}_is1) (Version: - New Photo) Oxelon Media Converter 1.1 (HKLM-x32\...\Oxelon Media Converter_is1) (Version: - Oxelon) Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photodex ProShow Producer version 4.52 (HKLM-x32\...\Photodex ProShow Producer_is1) (Version: - Copyright (C) 1994-2011 Photodex Corporation) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden Portrait Professional Studio 10.9 (HKLM-x32\...\PortraitProfessionalStudio10_is1) (Version: 10.9 - Anthropics Technology Ltd.) PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden QuickShare (HKLM-x32\...\{6C5E8E06-AE16-48A4-866A-575745B3233C}) (Version: 1.6.1.880 - Linkury Inc.) <==== ATENÇÃO QuickTime (HKLM-x32\...\InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}) (Version: 7.0.2 - Apple Computer, Inc.) QuickTime (x32 Version: 7.0.2 - Apple Computer, Inc.) Hidden R-Studio 7.5 (HKLM-x32\...\R-Studio 7.5NSIS) (Version: 7.5.156292 - R-Tools Technology Inc.) SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SI Service (HKLM-x32\...\SI Service) (Version: 1.0.5.0 - CNB Technologies LLC) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29327 - TeamViewer) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden Trapcode Suite v12.1.6 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.6 - Red Giant, LLC) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden UpAurora (HKU\.DEFAULT\...\{2824E308-CEAC-4841-9E17-A9076365CFD7}) (Version: 1.0.0.3034 - UpAurora.COM) USB TV Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Nome de sua empresa:) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) W215_W218 USB-Handset Manager (HKLM-x32\...\{9705985B-7C51-4E8E-801D-285CD7977599}) (Version: 9.0707.0960 - Mobile Action) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.8.20150402 - Xilisoft) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-754630649-1474531443-62511441-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> F:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {045916D1-D6D8-4353-BB34-AEC4E5BD92AA} - System32\Tasks\{A8629758-7007-432E-A850-E5A6D577FDBF} => F:\Users\Public\Documents\PEDRO NINJA\ChromeStandaloneSetup64.exe Task: {05761A6C-C131-4977-82DC-BCC3BE5D51DA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => F:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {0617E785-0479-4581-BEAF-DB2816FC351D} - System32\Tasks\{780FA500-BA26-4CBD-9CB7-3133EEACCABE} => pcalua.exe -a "F:\Users\Pedro Barros\AppData\Roaming\luckysearches\UninstallManager.exe" -c -ptid=age Task: {091B996E-1F8E-47EA-91E4-4F7661975EEF} - System32\Tasks\ResourceMonitor => F:\Program Files (x86)\Amigabit Powerbooster\ResourceMonitor.exe Task: {0DEF2004-B4CF-4F3C-A103-D25388F6DD52} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => F:\Office Activation Technologies\Install.cmd [2016-08-14] () Task: {0E96A53A-8D8C-4EFB-B800-DB3B3D25DBB5} - System32\Tasks\Driver Booster SkipUAC (Pedro Barros) => F:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {12388B4C-96B0-4288-8C26-A72860BEA123} - System32\Tasks\{C8FAE900-2DC7-4F47-9D0B-871372849B78} => pcalua.exe -a "F:\Program Files (x86)\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe" -c -runfromtemp -l0x0416 UNINSTALL -removeonly Task: {15B360EA-B55A-4F98-9234-5605C4AD46FB} - System32\Tasks\SafeZone scheduled Autoupdate 1450949863 => F:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software) Task: {247E5649-4192-480C-9883-FCD0473FFCC8} - System32\Tasks\{23F67E57-68EB-480E-BCA0-6D87B37D57B5} => F:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: {29844113-3B52-45EF-AF6D-89C51C9AB7BD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-754630649-1474531443-62511441-1001 => F:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {2EA6742C-F631-4274-A51F-BF6D54F23445} - System32\Tasks\{AE484949-95A4-4338-B954-0F4EAA4E2142} => pcalua.exe -a "F:\Program Files (x86)\Xilisoft\Blu-ray to DVD Converter\DVD Creator 6\Uninstall.exe" Task: {367104A5-E623-4E23-8502-B78AB6E3479A} - System32\Tasks\avastBCLRestartS-1-5-21-754630649-1474531443-62511441-1001 => Chrome.exe Task: {48700F94-6613-482D-AB2E-E11B4B85F8D9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-754630649-1474531443-62511441-1001 => F:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {4FD669E6-874B-4B74-A1AE-CA190CD1F7E6} - System32\Tasks\{14C1BCEE-CB90-4E07-BDE8-7C2951323E38} => pcalua.exe -a D:\HandsetManager\install.exe -d D:\ Task: {59B8B6C4-5155-41C9-8B84-50C57B7B6166} - System32\Tasks\Adobe Flash Player Updater => F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {5A92C4BE-AAD1-439D-8803-380B9C8111AD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-754630649-1474531443-62511441-1001 => F:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {5C03803C-79ED-4E44-A726-0BE2B1C83EDC} - System32\Tasks\{05756E51-188D-40E2-A110-7550EC4683D9} => F:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe Task: {67B8F1D3-A6C5-4719-86C1-4A26FE0B5F7C} - System32\Tasks\{0AFB804D-55F7-4CF1-B104-E0F7D876C039} => pcalua.exe -a "F:\Users\Pedro Barros\Downloads\Adobe_Flash_install.exe" -d "F:\Users\Pedro Barros\Downloads" Task: {6C61D521-B617-4321-8555-8969879E53C8} - System32\Tasks\{4D2FBC8B-A289-4C9C-8AEC-F55967092857} => F:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: {720857E7-BA4E-4FB4-AFAD-B5773BDDBDDA} - System32\Tasks\CCleanerSkipUAC => F:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {765872B0-868B-41CD-BDC8-17A089BAF0BD} - System32\Tasks\{EDD34E99-5AFB-4AA8-93BA-7C4657880FC7} => pcalua.exe -a "G:\Adobe After Effects - Plugins MegaPack only [RH]\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Lux 1.0.1\Trapcode Lux 1.0.1\lux101installer.exe" -d "G:\Adobe After Effects - Plugins MegaPack only [RH]\AAE_PluginsMegaPack_[RH]\Adobe After Effects Plugins MegaPack\Trapcode Lux 1.0.1\Trapcode Lux 1.0.1" Task: {76C51747-1A4A-4BAF-975E-128AFC9280C8} - System32\Tasks\{A43FC6D4-709D-4545-BA7B-218D06ACD840} => pcalua.exe -a "H:\Cinema 4D R14.034\Maxon Cinema 4D R14_Hybrid_Win_Mac\bin\MAXON Installer.exe" -d "H:\Cinema 4D R14.034\Maxon Cinema 4D R14_Hybrid_Win_Mac\bin" Task: {82E4C34A-5026-4690-8B67-6BE5D044FB45} - System32\Tasks\AVAST Software\Avast settings backup => F:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software) Task: {87CDFB3B-4D4B-4B53-945A-4C70C7DDE3EA} - System32\Tasks\{B6C8F87E-2AB4-440D-BE5B-246427187E2E} => pcalua.exe -a "F:\Users\Pedro Barros\Desktop\Huawei_Driver\Huawei_Driver\DriverSetup.exe" -d "F:\Users\Pedro Barros\Desktop\Huawei_Driver\Huawei_Driver" Task: {8B1C23FB-7447-453A-93B1-07478143863A} - System32\Tasks\AdobeAAMUpdater-1.0-PedroBarros-PC-Pedro Barros => F:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {8EAA2F7A-B172-4A77-BDA2-645D008C6357} - System32\Tasks\Red Giant Link => F:\Program Files (x86)\Red Giant Link\Red Giant Link.exe Task: {918848DD-B01D-4D09-838B-A1490DAE6E3C} - System32\Tasks\{8F62760D-72D5-4F3B-BAF3-62892D28ABC5} => pcalua.exe -a D:\Program\UVS10\setup.exe -d D:\Program\UVS10 Task: {9665F32F-A342-42B4-8D62-AFE4EE2EB5C8} - System32\Tasks\{0E2C49F8-2772-4DA5-A362-84BD830B3B05} => pcalua.exe -a "F:\Program Files (x86)\Xilisoft\Blu-ray to DVD Converter\Blu Ray Ripper\Uninstall.exe" -d "F:\Program Files (x86)\Xilisoft\Blu-ray to DVD Converter\Blu Ray Ripper" Task: {9C5AD6AD-B141-4FBB-8434-4D159E0C661A} - System32\Tasks\Adobe Acrobat Update Task => F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {A15CAAD5-B3FD-4438-9741-524DD955BE36} - System32\Tasks\{17E5B458-CAF3-4D02-8B78-B01567BEAB4B} => pcalua.exe -a F:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe Task: {A1F5AC5C-D736-47C1-B8F1-54A3DD6E4C77} - System32\Tasks\{6BEFFFF7-39B8-4A70-9BBE-CF6E4B2E4108} => F:\Users\Pedro Barros\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Reallusion CrazyTalk PRO 6.21\setup.exe <==== ATENÇÃO Task: {A6F12D2C-0475-49E7-ACC8-D8A165761926} - System32\Tasks\{2E2052C4-8E4A-4403-8F5B-A0C1C7B2480B} => F:\Users\Pedro Barros\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Reallusion CrazyTalk PRO 6.21\setup.exe <==== ATENÇÃO Task: {A84C9073-8363-4F20-89CC-F73CCB6977C3} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "F:\ProgramData\Duplicaterecord.js" <==== ATENÇÃO Task: {A903BA8E-A7FF-4C88-A440-FE7E785523E9} - System32\Tasks\{2AAA0EF2-5835-4569-94E1-B9BB9584BB5E} => pcalua.exe -a "F:\Users\Pedro Barros\Downloads\free-ocr-to-word-32-bits.cpl" Task: {AABA3648-3280-455A-8C83-2F2669AAF002} - System32\Tasks\{2A735A69-E2D5-4D07-86A9-86FB199FDD30} => pcalua.exe -a "J:\SM_USB007 Driver by TheFatCheetah\Grabber_SAA7113_USB-SMI2022_DRV_V1.0.22B\SetupPkt\Setup.exe" -d "J:\SM_USB007 Driver by TheFatCheetah\Grabber_SAA7113_USB-SMI2022_DRV_V1.0.22B\SetupPkt" Task: {AF5805E9-420A-4B74-B5EA-6228D9CE8807} - System32\Tasks\SparkUpdater => F:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2016-01-08] (Baidu.com, Inc.) Task: {B574055C-2BF2-40CA-AEE2-F990558D840A} - System32\Tasks\{5C5F584E-B573-4BA3-8747-F68E05072992} => F:\Users\Public\Documents\PEDRO NINJA\ChromeStandaloneSetup64.exe Task: {B9BEF627-5E79-4CF5-BC3E-0932EF6B1ABB} - System32\Tasks\GoogleUpdateTaskMachineCore => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {BB2F32C0-D28E-4B50-9EE3-68CA2987D663} - System32\Tasks\{B61CD005-2400-4B17-B595-2C50323F0CEC} => pcalua.exe -a "F:\Users\Pedro Barros\AppData\Roaming\qone8\UninstallManager.exe" -c -ptid=uni Task: {BD9DBFDE-2E9F-4697-9ADA-4E36888E619C} - System32\Tasks\{DDAD9463-BB42-46AD-8311-2E8588C6D2EA} => pcalua.exe -a F:\ProgramData\LGMOBILEAX\LGMLauncher.exe -d F:\ProgramData\LGMOBILEAX Task: {C465A152-A478-48DE-85E4-92227B93C838} - System32\Tasks\GoogleUpdateTaskMachineUA => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {D0B4EB93-1029-4CBD-8A31-644D3E60A7B5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-754630649-1474531443-62511441-1001 => F:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {D28C15D8-2292-4316-B1C3-FD67BEFAFC10} - System32\Tasks\{C7B150FC-88BA-46B4-BF72-8E8217E965C1} => pcalua.exe -a "F:\Users\Pedro Barros\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor Task: {DA28265D-4ECC-4E51-8048-DD5FA277BA26} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-754630649-1474531443-62511441-1001 => F:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {DA9E465C-984D-4174-9306-7B09A340183D} - System32\Tasks\{545EAF1E-88F6-4794-9258-ABB26FC4ED51} => F:\Windows\system32\msiexec.exe [2015-06-15] (Microsoft Corporation) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {E97D7569-9C96-4BA9-9FDE-80016AD43464} - System32\Tasks\{2AF66CD7-831B-4448-9F78-1A68F8CC18FB} => pcalua.exe -a "J:\New Folder\EasycapDC60_STK1160Grabber_32bit_64bit\EasycapDC60_STK1160Grabber_32&64bit.exe" -d "J:\New Folder\EasycapDC60_STK1160Grabber_32bit_64bit" Task: {EBB9BDD9-9835-4FEF-8559-AFB2E983484B} - System32\Tasks\avast! Emergency Update => F:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-12] (AVAST Software) Task: {F6F0F504-B724-449E-8DBB-133B0A91915D} - System32\Tasks\{6DD144D8-0F63-42FB-AF37-2DFAEB57860A} => F:\Windows\system32\msiexec.exe [2015-06-15] (Microsoft Corporation) Task: {F868AF01-5E7C-43F3-92F6-FE1DECDC0BCE} - System32\Tasks\{D3A4256E-83C6-4C90-B222-5A852A7908ED} => pcalua.exe -a F:\Windows\unvise32.exe -c F:\Program Files (x86)\REVisionEffects\uninstallinfo\DENoise2AEuninstall.log Task: {FF7F7EBA-E0A3-4F55-AEE6-761A65079697} - System32\Tasks\{C8E9BA40-962B-4A8B-956C-88ABFEBC1D96} => pcalua.exe -a "G:\easy cap drives\EasycapDC60_STK1160Grabber_32bit_64bit\EasycapDC60_STK1160Grabber_32&64bit.exe" -d "G:\easy cap drives\EasycapDC60_STK1160Grabber_32bit_64bit" (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: F:\Windows\Tasks\Adobe Flash Player Updater.job => F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: F:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: F:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: F:\Windows\Tasks\ResourceMonitor.job => F:\Program Files (x86)\Amigabit Powerbooster\ResourceMonitor.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: F:\Users\Pedro Barros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> F:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Pedro Barros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Baidu Browser.lnk -> F:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Pedro Barros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Pedro Barros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> F:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.mysites123.com/?type=sc&ts=1452647532&z=8eafa6cb95fab216da0852fg6zcw4o6q1z0mewbc2o&from=amt&uid=395049983_6295314_c8921e1f ShortcutWithArgument: F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Public\Desktop\Avast SafeZone Browser.lnk -> F:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.mysites123.com/?type=sc&ts=1452647532&z=8eafa6cb95fab216da0852fg6zcw4o6q1z0mewbc2o&from=amt&uid=395049983_6295314_c8921e1f ShortcutWithArgument: F:\Users\Public\Desktop\Baidu Browser.lnk -> F:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Public\Desktop\Google.lnk -> F:\Program Files (x86)\baidu\Baidu Browser\spark.exe () -> hxxp://www.yeabests.cc/ ShortcutWithArgument: F:\Users\Public\Desktop\Mozilla Firefox.lnk -> F:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/ ==================== Módulos Carregados (Whitelisted) ============== 2015-11-07 11:15 - 2015-09-24 16:23 - 00698240 _____ () C:\Program Files (x86)\UPCleaner\1.0.27.12725\UGSvc.exe 2015-06-13 15:17 - 2015-06-13 15:17 - 00803488 _____ () F:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-04-16 18:33 - 2013-10-23 16:24 - 00087600 _____ () F:\Windows\System32\cpwmon64.dll 2015-09-11 12:04 - 2014-04-16 06:22 - 00029184 _____ () F:\Windows\System32\usp01l.dll 2015-06-25 15:22 - 2014-04-16 06:22 - 00029184 _____ () F:\Windows\System32\usp02l.dll 2014-02-17 19:01 - 2012-09-29 14:25 - 00074240 _____ () F:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll 2015-05-15 17:26 - 2015-05-15 17:26 - 00085832 _____ () F:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 17:26 - 2015-05-15 17:26 - 01346344 _____ () F:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00983352 _____ () F:\Program Files (x86)\baidu\Baidu Browser\Spark.exe 2014-06-04 00:11 - 2014-06-04 00:11 - 00798576 _____ () f:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll 2015-05-29 03:32 - 2015-07-22 04:45 - 53302480 _____ () F:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\Plug-Ins\Spaces\libcef.dll 2015-11-07 11:15 - 2015-09-24 16:23 - 00842112 _____ () C:\Program Files (x86)\UPCleaner\1.0.27.12725\UGMon.dll 2015-11-07 11:15 - 2015-09-24 16:23 - 00755584 _____ () C:\Program Files (x86)\UPCleaner\1.0.27.12725\UGAss.dll 2015-11-07 11:15 - 2015-09-24 16:23 - 00161152 _____ () C:\Program Files (x86)\UPCleaner\1.0.27.12725\UGArmor.dll 2015-11-07 11:15 - 2015-09-24 16:23 - 00082304 _____ () C:\Program Files (x86)\UPCleaner\1.0.27.12725\UGCore.dll 2015-09-22 11:35 - 2015-09-22 11:35 - 00103376 _____ () F:\Program Files\AVAST Software\Avast\log.dll 2015-09-22 11:35 - 2015-09-22 11:35 - 00123976 _____ () F:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-01-12 14:18 - 2016-01-12 14:18 - 02822144 _____ () F:\Program Files\AVAST Software\Avast\defs\16011200\algo.dll 2015-04-22 07:26 - 2015-04-22 07:26 - 00141856 _____ () F:\Program Files (x86)\Baidu Security\MoboMarket\1.3.7.5967\zlib1.dll 2015-12-21 13:14 - 2015-12-21 11:46 - 02934272 _____ () F:\ProgramData\WindowsMsg\FA889F48BA91932CA1794DC9B9F86E43.dll 2015-09-22 11:35 - 2015-09-22 11:35 - 40539648 _____ () F:\Program Files\AVAST Software\Avast\libcef.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00430904 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdminiopenssl.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 01018168 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdxui.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00219448 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdbrowsertray.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00321848 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdaccount.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00521016 _____ () F:\Program Files (x86)\baidu\Baidu Browser\xnet.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00276792 _____ () F:\Program Files (x86)\baidu\Baidu Browser\p2squery.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00410936 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdxctrl.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00581432 _____ () F:\Program Files (x86)\baidu\Baidu Browser\bdstatreport.dll 2015-11-12 10:16 - 2016-01-08 00:49 - 00116024 _____ () F:\Program Files (x86)\baidu\Baidu Browser\SparkSafe.dll 2015-08-24 19:13 - 2015-08-24 19:13 - 00083088 _____ () F:\Users\Pedro Barros\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll 2015-11-12 10:16 - 2015-06-19 02:38 - 14965064 _____ () F:\Program Files (x86)\baidu\Baidu Browser\PepperFlash\pepflashplayer.dll 2015-05-29 03:32 - 2015-07-22 04:45 - 36732624 _____ () F:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\libcef.dll 2015-05-29 03:32 - 2015-07-22 04:45 - 01746640 _____ () F:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\ffmpegsumo.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: F:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} AlternateDataStreams: F:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: F:\Windows\System32:6F43F739_Bb.gbp AlternateDataStreams: F:\ProgramData\CLDShowX.ini:Update.CL AlternateDataStreams: F:\Users\Pedro Barros\Documents\04.jpeg:3or4kl4x13tuuug3Byamue2s4b AlternateDataStreams: F:\Users\Pedro Barros\Documents\04.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: F:\Users\Todos os Usuários\CLDShowX.ini:Update.CL ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-754630649-1474531443-62511441-1001\...\123simsen.com -> www.123simsen.com Existem ainda 7865 sites a mais. ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2016-01-12 23:17 - 00001143 ____A F:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-754630649-1474531443-62511441-1001\Control Panel\Desktop\\Wallpaper -> F:\Users\Pedro Barros\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupreg: Driver Detective => MSCONFIG\startupreg: iTunesHelper => "F:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: PowerDVD12DMREngine => "F:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [TCP Query User{0B884C63-1C8E-4D95-A75B-BFE3FD5F8D24}F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{37917914-4CFC-44FA-BC94-A34E3798E50A}F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{B218BAB3-08B3-4FE9-9D2B-5179BDA8A25C}] => (Allow) LPort=8317 FirewallRules: [{36DB5B2F-B7A3-4A0D-910A-CDB871D6523A}] => (Allow) F:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{4822FB8C-5011-4FE5-B153-3CB904354A1C}] => (Allow) F:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{461522E6-5B82-4C86-812D-F0E620046934}] => (Allow) F:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{6D051C3D-4C0C-4878-885E-14B92DAEFDCF}] => (Allow) F:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{FA4BC448-29A0-4D56-BF04-47C55EE7AAA3}] => (Allow) F:\Windows\SysWOW64\muzapp.exe FirewallRules: [{F3B44125-ED51-4609-8DE9-F914173CD58F}] => (Allow) F:\Windows\SysWOW64\muzapp.exe FirewallRules: [{36942616-E5C4-4B83-B73F-51DFE21F5024}] => (Block) f:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [TCP Query User{0DC91C1B-B751-4234-9402-69F0BF148495}F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe] => (Allow) F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{A7718603-FD39-4624-B066-D161CD8355D6}F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe] => (Allow) F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{E5434037-AE30-4471-81ED-B307D39C13B5}F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe] => (Allow) F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{30B99CA0-B2AC-4043-805E-113262D5B18E}F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe] => (Allow) F:\users\pedro barros\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{4F61652E-5FA3-44F3-B7D9-57A2BD5DAC8A}F:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) F:\program files (x86)\nero\nero 7\nero showtime\showtime.exe FirewallRules: [UDP Query User{2989B22B-CCCF-491A-A072-19C200AD8052}F:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) F:\program files (x86)\nero\nero 7\nero showtime\showtime.exe FirewallRules: [{A85C5B63-DA46-4D49-9582-619715B04A70}] => (Allow) F:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{89C0F4D4-4688-4745-8BD4-61766CB4E115}] => (Allow) F:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A6EAD0F3-5E13-49B7-B3C3-B5B606823EDA}] => (Allow) F:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{563D3446-6F64-41FA-BBD3-0586A5F188D3}] => (Allow) F:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FD57B001-D1B3-4283-85D1-1F9B52CBDC2F}] => (Allow) F:\Program Files\iTunes\iTunes.exe FirewallRules: [{7DDCCDB6-AB4D-40EE-8D77-CA95A10A0C08}] => (Allow) F:\Users\Pedro Barros\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{49B82AE2-0C34-45E5-9C28-5EE5EDFCE98C}] => (Allow) F:\Users\Pedro Barros\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5A60CED7-364D-452D-A0A8-8811A5294F4E}] => (Allow) F:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{3D1638B4-7BA8-4789-B4D8-A5DE1763AB18}] => (Allow) F:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{F62C48FD-9579-4F4A-812D-0C5B7C0B8419}] => (Allow) F:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe FirewallRules: [{3815880D-4FB7-46FD-93DE-92E79651C731}] => (Allow) F:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{02482134-3395-4F09-B175-7AE836D86D53}] => (Allow) F:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{1FBFC131-02B3-463F-8D73-A01E1804EAEB}] => (Allow) F:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{867AC5D6-2F1D-4176-ADFB-E61C9E034808}] => (Allow) F:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{8F9EF8A5-749F-4D21-8DEF-824ACCAE3CCA}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{50AC56C6-06CA-4CC0-A50B-393CD17BA556}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{978A9952-8BF8-4937-B3FD-DB8642746794}] => (Allow) F:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{631CD01B-2212-4B09-814C-362AD65A98D7}] => (Allow) F:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{B75AD083-D752-4E4B-846B-700DD5F0B4E0}] => (Allow) F:\Program Files (x86)\PC Faster\5.1.0.0\WifiHotspot.exe FirewallRules: [{8F3BF8A3-7B22-4BDC-A310-DF67316822B2}] => (Allow) F:\Program Files (x86)\PC Faster\5.1.0.0\WifiHotspot.exe FirewallRules: [{76BF18C8-C769-45DD-AE8E-EF4F74D118A4}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{70B2C5BE-84E2-45A2-9820-DDC2004819D9}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A37560FB-9511-4CF6-A3EB-AEA0DEBE5332}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7A2B0823-7FC7-480E-8E76-401C18ABE87A}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8003CFC1-2470-4A8E-909E-91DDC0747AAC}] => (Allow) F:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll FirewallRules: [{91288D35-40AC-4DD6-B1D6-7B41D246E79D}] => (Allow) F:\Program Files (x86)\Virtual WiFi Router\VirtualWiFiRouterLibrary.dll FirewallRules: [TCP Query User{0DAC03D6-6693-4077-B76D-75ECCF11A844}F:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) F:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{1C70CECF-AF66-4086-B62C-F4DEEF094E83}F:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) F:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe ==================== Pontos de Restauração ========================= 28-12-2015 11:35:12 Instalador de Módulos do Windows 28-12-2015 11:43:05 Installed 307.83-desktop-win7-winvista-64bit-international-whql.exe by DriverEasy 28-12-2015 12:05:06 Instalador de Módulos do Windows 28-12-2015 12:10:48 Removido NVIDIA ForceWare Network Access Manager 28-12-2015 16:46:01 Windows Update 04-01-2016 17:57:30 Windows Update 05-01-2016 07:55:25 Windows Defender Checkpoint 09-01-2016 15:52:33 Windows Update 12-01-2016 20:23:11 Windows Update 12-01-2016 22:51:49 Windows Defender Checkpoint 12-01-2016 23:08:26 Instalado Netspy Pro 13-01-2016 08:50:22 Ponto de verificação por HitmanPro ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: NPF Description: NPF Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: NPF Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: btsizsech Description: btsizsech Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: btsizsech Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: HitmanPro 3.7 Support Driver Description: HitmanPro 3.7 Support Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: hitmanpro37 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Adaptador de Túnel Teredo da Microsoft Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: UGBroMon Description: UGBroMon Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: UGBroMon Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: UGKrnlDrv Description: UGKrnlDrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: UGKrnlDrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/13/2016 09:11:16 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (01/13/2016 09:11:14 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: AUTORIDADE NT) Description: O Windows não pode carregar o arquivo de Registro de classes. DETALHE - Erro não especificado Error: (01/13/2016 09:04:13 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Falha de ativação da licença do Windows. Erro 0x80070005. Error: (01/13/2016 09:04:12 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: AUTORIDADE NT) Description: O Windows não pode carregar o arquivo de Registro de classes. DETALHE - Erro não especificado Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x00000218,(null),0,REG_BINARY,0000000001A7F210.72). hr = 0x80070005, Acesso negado. . Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x000008bc,(null),0,REG_BINARY,000000000334DD50.72). hr = 0x80070005, Acesso negado. . Operação: Evento BackupShutdown Contexto: Contexto de Execução: Writer Id de Classe de Gravador: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Nome do Gravador: WMI Writer ID de Instância de Gravador: {cf15aa0a-d925-4705-bc3a-3f8aeda23ddd} Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x00000a58,(null),0,REG_BINARY,000000000503DEE0.72). hr = 0x80070005, Acesso negado. . Operação: Evento BackupShutdown Contexto: Contexto de Execução: Writer Id de Classe de Gravador: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nome do Gravador: MSSearch Service Writer ID de Instância de Gravador: {a6996398-88d7-4a8d-b0c2-0cdbba74efd3} Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x0000020c,(null),0,REG_BINARY,000000000096E890.72). hr = 0x80070005, Acesso negado. . Operação: Evento BackupShutdown Contexto: Contexto de Execução: Writer Id de Classe de Gravador: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nome do Gravador: Shadow Copy Optimization Writer ID de Instância de Gravador: {7e10f96c-56af-40ed-8461-709b9ad47f53} Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x000008bc,(null),0,REG_BINARY,000000000334DD50.72). hr = 0x80070005, Acesso negado. . Operação: Evento BackupShutdown Contexto: Contexto de Execução: Writer Id de Classe de Gravador: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Nome do Gravador: WMI Writer ID de Instância de Gravador: {cf15aa0a-d925-4705-bc3a-3f8aeda23ddd} Error: (01/13/2016 08:51:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina RegSetValueExW(0x00000a58,(null),0,REG_BINARY,000000000503DEE0.72). hr = 0x80070005, Acesso negado. . Operação: Evento BackupShutdown Contexto: Contexto de Execução: Writer Id de Classe de Gravador: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nome do Gravador: MSSearch Service Writer ID de Instância de Gravador: {a6996398-88d7-4a8d-b0c2-0cdbba74efd3} Erros de Sistema: ============= Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 Error: (01/13/2016 09:24:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço NPF devido ao seguinte erro: %%2 CodeIntegrity: =================================== Date: 2015-04-24 06:59:40.899 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:59:40.852 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:59:15.601 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:59:15.541 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:57:34.801 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:57:34.741 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:57:09.982 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:57:09.920 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:52:13.594 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-24 06:52:13.454 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: AMD FX(tm)-6100 Six-Core Processor Percentagem de memória em uso: 78% RAM física total: 4079.24 MB RAM física disponível: 896.16 MB Virtual Total: 8456.69 MB Virtual disponível: 4892.29 MB ==================== Drives ================================ Drive c: (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.25 GB) NTFS Drive d: (WXPHEOEM_EN) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS Drive f: () (Fixed) (Total:472.16 GB) (Free:213.74 GB) NTFS Drive g: (Novo volume) (Fixed) (Total:459.26 GB) (Free:91.51 GB) NTFS Drive h: (Novo volume) (Fixed) (Total:194.97 GB) (Free:59.57 GB) NTFS Drive i: (Pedro Barros) (Fixed) (Total:270.45 GB) (Free:120.35 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F1663BC5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=472.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=459.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D931D93) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================