Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:07-02-2016 Executado por Maollo (2016-02-11 11:31:08) Executando a partir de C:\Users\Maollo\Downloads Windows 10 Pro (X64) (2016-01-06 16:42:47) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2840682155-2406404488-1448223199-500 - Administrator - Disabled) Convidado (S-1-5-21-2840682155-2406404488-1448223199-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2840682155-2406404488-1448223199-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2840682155-2406404488-1448223199-1002 - Limited - Enabled) Maollo (S-1-5-21-2840682155-2406404488-1448223199-1001 - Administrator - Enabled) => C:\Users\Maollo ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) 
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.0.0.1072 - 360 Security Center) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO Atualizações da NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.) Combat Arms (HKLM-x32\...\Combat Arms) (Version: - ) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Gameo (HKU\.DEFAULT\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATENÇÃO Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{8D71EFB0-B1EF-4478-92D2-A65DB23AC460}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) 
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{CAF5FFBA-8F3B-409C-9126-74DF66A036DF}) (Version: 12.0.30.81 - Hewlett-Packard Company) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Jogos Level Up (HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\...\6d7bdf9c3c2a31f9) (Version: 0.9.4.29 - Level Up) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Driver de gráficos 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.81 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 
9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) osu! (HKLM-x32\...\{054ad7f6-7bcc-4e1c-aabe-bc4257b7f2a8}) (Version: latest - ppy Pty Ltd) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.) Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf) Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden Painel de controle da NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden PriceFountain (remove only) (HKU\.DEFAULT\...\PriceFountain) (Version: 1.2.8.0 - JMLVPNWAROPHE) <==== ATENÇÃO Primary Color (HKLM\...\Primary Color) (Version: 2016.02.05.191508 - Primary Color) <==== ATENÇÃO Professional Cleaning Software (HKLM-x32\...\Professional Cleaning Software) (Version: 3.0.7 - Professional Cleaning Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) RinoReader (HKLM-x32\...\RinoReader) (Version: 0.1 - RinoReader) <==== ATENÇÃO Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) 
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Update for PriceFountain (HKU\.DEFAULT\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATENÇÃO VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) WarThunder (HKU\.DEFAULT\...\WarThunder) (Version: - WarThunder) <==== ATENÇÃO WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2840682155-2406404488-1448223199-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Maollo\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {04ED6BE3-5DB4-4804-B37B-D63DB90CEFC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-20] (Adobe Systems Incorporated) Task: {0D77B420-CBA4-49BB-B38A-C4B8F636E03F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {1937248A-0B5C-49E4-84BA-8898388647DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {2BF1ECE6-31DD-4F1E-B9CD-06058E8C0250} - System32\Tasks\{A9A02F16-AF76-40C9-A1E9-A93FD502B229} => pcalua.exe -a "C:\Program Files (x86)\MPC Cleaner\Uninstall.exe" -d "C:\Program Files (x86)\MPC Cleaner" Task: {32EAEC5F-0B72-4FE6-8A43-D7F4F03372F3} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {3481650B-E414-44F1-B51D-989A194B8AC7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {36CBCE00-E4DC-48FF-8F62-FC4122F74571} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {394E9DA8-D907-4BA9-847A-50738F100223} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {3994915F-A6BA-4FFE-B71E-0B0A78A88757} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {3B83B638-0528-47DA-940C-C775CBA06E33} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {3BAD3942-517B-4378-BA98-B4359B1D34A1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {3C213F73-125C-43F9-A3CE-5C3A71035568} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {4699AA4D-5C8F-432F-9B25-B5710891A136} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: 
{49B16C2C-361F-4C20-990F-18421019866A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {4A5F4C5A-AEAF-4E30-910A-0547FB879C9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) Task: {4F30F091-6DCB-492E-9EB9-9727C64738D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) Task: {57C71130-A89F-470B-896E-938C4E93DB5C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {5948CF5B-25E0-43F1-9440-DC6E2E98ACB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {5C58FE79-832B-46F5-8698-B76A501A9B01} - System32\Tasks\{C9F78E47-73C5-4464-85A9-F349830D5225} => pcalua.exe -a C:\Users\Maollo\AppData\Roaming\istartpageing\UninstallManager.exe -c -ptid=cmi Task: {5F9D2E28-00DB-4B06-A6A5-1116A23AC453} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {65757409-7571-4EAB-9D03-1AEF4A86EBAD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {66E5372C-E24B-44A5-830A-2342535BF35B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {670F50F7-2BFE-4F76-9E2F-4B930786A40B} - System32\Tasks\{2DEA0299-761D-49B0-B1A6-C4BEE02CC1CA} => pcalua.exe -a C:\Users\Maollo\AppData\Roaming\yoursearching\UninstallManager.exe -c -ptid=face Task: {6AE418DB-C758-4A41-96CF-3E7BBF51CB8D} - \ShopperPro3 -> Nenhum Arquivo <==== ATENÇÃO Task: {6FCC5CE2-36DE-4798-A1CC-77102F97AE2C} - \DriverToolkit Autorun -> Nenhum Arquivo <==== ATENÇÃO Task: {7238B8B4-7C5B-4C4F-95E2-0A7AFC2ED94E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {74A1C236-5E52-434B-BBDE-1390CC19C7FC} - System32\Tasks\SpeedUpMyPC 
Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO Task: {74F8DD19-C674-481F-8982-046D6B6F8D4E} - \Varredura ByteFence -> Nenhum Arquivo <==== ATENÇÃO Task: {75B5BE22-1C42-42DE-93D7-9B3AEFB0C75A} - System32\Tasks\{0E7F0E47-790E-0908-0F11-0C790E0E110E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand Task: {8CD90AB7-3EC2-460D-841E-6FB4E152AD44} - System32\Tasks\{A9840AB3-C8AC-45B3-AA06-90787B2340A0} => pcalua.exe -a C:\ProgramData\WebShield\uninstall.exe -c /kb=y /ic=1 Task: {8DB755BE-CB86-4DA0-9411-D3E045DA2D69} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO Task: {911BC430-8073-4008-A838-4D5F078AC245} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {913A066F-CF6A-42EB-AED2-AAF73676EF07} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {94C6D46C-32AB-4E3F-8FCD-1872520E868E} - \YTDownloader -> Nenhum Arquivo <==== ATENÇÃO Task: {9CA240A6-14DC-4AEA-BA8A-0B6BB6D685A0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD) Task: {A5E5357E-4CEF-4724-9E67-E1F8C6F1F160} - \svchost -> Nenhum Arquivo <==== ATENÇÃO Task: {ACB3F477-663F-426C-995B-10CB80723D7D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {AEA5AE40-2F28-4297-BE6A-930997293C38} - System32\Tasks\update-S-1-5-21-2840682155-2406404488-1448223199-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {B134AD5C-2C0A-4A3A-B799-7617ACAEBA18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {B9478192-6F43-4D79-9180-E84DF8F6B88C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task:
{C2DA11FC-25B7-481B-9E89-8C22633B5D4A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C6F759A2-2FB6-4AC4-B1EE-E77AEB7A95C0} - System32\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691} => C:\Program Files (x86)\updateservice\updateservice.exe [2016-01-20] () Task: {CA9DE1D8-2B97-44FC-BDAA-913D2D1605E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {CFF1BD3E-7D4E-41EC-9A6F-1D765C069F84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {D721F0A2-E92D-46FE-9314-351732258B89} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DAFDA9FC-B24A-401D-BA43-66EB781345AB} - \ByteFence -> Nenhum Arquivo <==== ATENÇÃO Task: {DB9A2CEE-1D64-46EB-BAA6-D078A5736966} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E43B6080-1FCF-44E9-AA73-0B116FCA9E11} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {E9695163-E9C1-4F0D-90B8-6D1093973577} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO Task: {EEBC4C79-46EA-4326-BD61-F83DFB30EDA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO Task: {EF9C6595-D718-44D4-AE9F-F1D78B92C5AC} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) 
Task: {F5B6289A-B349-4B79-9A3B-8801F64C2191} - \Pritc -> Nenhum Arquivo <==== ATENÇÃO Task: {F8569DBF-E336-4EF1-8805-CC298EDF6CFE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {F8788B93-8AA2-4169-80BD-C79AB6C0196B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {FCD5B1E4-4B57-436C-801C-BE81FB1F2A86} - \YTDownloaderUpd -> Nenhum Arquivo <==== ATENÇÃO Task: {FE9C5073-7E53-494E-AB3E-C113A6433D69} - System32\Tasks\PFExe => C:\WINDOWS\system32\config\systemprofile\AppData\Local\PriceFountain\pricefountain.exe <==== ATENÇÃO Task: {FEBA3D40-5CFC-4FEC-ABA0-8E9080C47DEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {FF832CDD-1F93-4270-9F98-B2653A446B8F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Launch 4540.job => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691}.job => C:\Program Files (x86)\updateservice\updateservice.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) 
==================== Módulos Carregados (Whitelisted) ============== 2015-12-31 14:05 - 2015-12-31 13:51 - 00768352 _____ () C:\Windows\system32\Dileiho64.dll 2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-01-06 15:14 - 2016-01-06 15:14 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-06 15:14 - 2016-01-06 15:14 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-05 21:15 - 2015-12-11 00:07 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll 2016-02-11 10:34 - 2016-02-11 10:34 - 02364928 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe 2016-02-11 10:34 - 2016-02-11 10:34 - 04287488 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe 2015-11-02 15:14 - 2015-11-02 15:14 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe 2016-02-05 22:41 - 2016-02-11 10:21 - 00662952 _____ () C:\Program Files (x86)\Primary Color\updatePrimaryColor.exe 2016-01-06 15:14 - 2016-01-06 15:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-01-06 15:14 - 2016-01-06 15:14 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-22 11:17 - 2016-01-22 13:44 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-03 22:11 - 2016-02-03 22:12 - 00417792 _____ () c:\windows\nci.exe 2016-02-03 22:12 - 2016-02-03 22:12 - 00408576 _____ () c:\windows\mnci.exe 2016-01-16 13:21 - 2016-01-04 23:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-16 13:21 - 2016-01-04 23:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 13:21 
- 2016-01-16 03:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 13:21 - 2016-01-16 03:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-02-05 19:14 - 2016-02-11 11:14 - 00662952 _____ () C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe 2016-02-05 22:42 - 2016-02-11 02:37 - 00115112 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.expext.exe 2016-02-05 22:42 - 2016-02-11 02:38 - 00353192 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.PurBrowse64.exe 2016-02-05 22:42 - 2016-02-11 08:37 - 00107944 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter.exe 2016-02-05 22:42 - 2016-02-11 08:37 - 00125864 _____ () C:\Program Files (x86)\Primary Color\bin\PrimaryColor.BrowserAdapter64.exe 2016-01-05 21:15 - 2015-12-11 00:07 - 00615032 _____ () C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe 2016-01-05 21:15 - 2015-12-11 00:07 - 00088184 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll 2016-02-05 22:37 - 2016-02-04 14:57 - 02010624 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2015-12-16 22:20 - 2015-12-11 01:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 22:20 - 2015-12-11 01:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2016-02-11 10:34 - 2016-02-11 10:34 - 01458176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\RiotLauncher.dll 2015-11-02 14:17 - 2015-11-02 14:17 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2015-11-02 14:17 - 2015-11-02 14:17 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe 
AIR\Versions\1.0\Resources\NPSWF32.dll 2016-01-22 11:17 - 2016-01-22 13:44 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 11:17 - 2016-01-22 13:44 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-19 21:25 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\Maollo\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2016-02-11 10:29 - 00001110 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) 
HKU\S-1-5-21-2840682155-2406404488-1448223199-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{2CD90DA4-F729-4BCE-9922-6196FDB45093}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{18756391-BC3F-416C-A010-049CDD907728}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{B2C4C8BA-D491-4E8A-9CE3-D567426A7709}] => (Allow) C:\Level Up\Elsword\data\x2.exe FirewallRules: [{AA1F30F4-61AD-4BCF-BAEE-4A11B5D06450}] => (Allow) C:\Level Up\Elsword\data\x2.exe FirewallRules: [{B8BDAB7E-7F8E-4F43-8F76-B958AD6F7347}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{A559DEEF-53EB-41CE-A351-4B4758BB9183}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [TCP Query User{45723286-CEAA-4089-A8BB-EADF4593DADD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query 
User{036A5353-1841-41FD-B027-B0A66BCA52F2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{27E184CD-B51D-4003-B929-428D8BFED808}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{667132CF-88F8-48B0-B88F-8C6C92BA554A}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [TCP Query User{56774337-CC8B-4DE7-A32E-A937B017863C}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [UDP Query User{37110AA9-1EE5-4CD3-A6B1-CD60BE6F2CE3}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [{684C827C-0887-4E05-8B87-CC3205166006}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{FEB0B381-251E-40A3-83DC-82B925733EB6}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe FirewallRules: [{D1CB5A7C-CF4E-4B24-B7CC-DEBCCCFD8505}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{E4A177F7-B8D1-40F9-BF4F-E94115682869}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Pontos de Restauração ========================= 03-02-2016 22:11:26 Uniblue DriverScanner installation 05-02-2016 22:40:32 Uniblue DriverScanner installation 10-02-2016 11:38:51 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (02/11/2016 11:09:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. 
Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:46:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:42:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:40:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:40:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:36:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:28:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. 
Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024865. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (02/11/2016 10:23:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Maollo-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Erros de Sistema: ============= Error: (02/11/2016 11:21:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Util Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço. Error: (02/11/2016 11:14:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Update Primary Color foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço. Error: (02/11/2016 11:14:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Update Primary Color foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço. Error: (02/11/2016 11:14:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço The Calendar Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). 
Error: (02/11/2016 11:13:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço NVIDIA Display Driver Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/11/2016 11:13:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço nci foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/11/2016 11:09:51 AM) (Source: WAS) (EventID: 5175) (User: ) Description: O adaptador de escuta que serve o protocolo 'net.pipe' foi desconectado inesperadamente. Error: (02/11/2016 11:09:23 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (02/11/2016 10:46:13 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (02/11/2016 10:42:31 AM) (Source: DCOM) (EventID: 10010) (User: Maollo-PC) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca CodeIntegrity: =================================== Date: 2016-02-11 10:21:10.940 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-10 21:06:46.382 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-01 16:32:28.564 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.92.3.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. 
Date: 2016-01-28 17:49:53.224 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-22 10:54:24.431 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-16 14:26:44.401 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-16 13:09:25.755 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-08 16:59:38.272 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-08 11:37:54.019 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-07 07:22:39.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
==================== Informações da Memória =========================== Processador: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz Percentagem de memória em uso: 57% RAM física total: 4095.24 MB RAM física disponível: 1748.73 MB Virtual Total: 8191.24 MB Virtual disponível: 5264.65 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:243.6 GB) (Free:140.79 GB) NTFS Drive d: (DADOS) (Fixed) (Total:687.37 GB) (Free:503.92 GB) NTFS Drive f: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 573DA60E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=243.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================