Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por lelet (2016-03-11 01:04:14) Executando a partir de C:\Users\lelet\Downloads Windows 10 Home Single Language Versão 1511 (X64) (2015-12-09 07:17:06) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2432484045-3698458679-876261402-500 - Administrator - Disabled) Convidado (S-1-5-21-2432484045-3698458679-876261402-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2432484045-3698458679-876261402-503 - Limited - Disabled) lelet (S-1-5-21-2432484045-3698458679-876261402-1001 - Administrator - Enabled) => C:\Users\lelet ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated) Advanced ScreenSnapshot 1.0 (HKLM\...\{61FFE1F9-137D-4c31-A181-3415FCAA5946}) (Version: 1.0.1.10301 - qiusheng xie) <==== ATENÇÃO Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{6E2E5B9E-BCCC-066F-BBB5-4DCA7289E2CD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.) Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.) Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) Crack: Photoshop CS6 (HKLM-x32\...\Crack: Photoshop CS6) (Version: - ) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nome de sua empresa:) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden Englishtown (HKLM-x32\...\{843064AB-1229-4C0E-A18D-1E59D24254D3}) (Version: 1.0.0 - EF Englishtown) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hola™ 1.11.399 - Better Internet (HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Hola) (Version: 1.11.399 - Hola Networks Ltd.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== ATENÇÃO Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.) Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited) Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation) Manuais do usuário (x32 Version: 3.0.0.3 - Lenovo) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft Office Home and Student 2013 - pt-br (HKLM\...\HomeStudentRetail - pt-br) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Nome de sua empresa:) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Pacote de Driver do Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pacote de Driver do Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Popcorn Time (HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Popcorn Time) (Version: - Popcorn Official) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - systweak.com) <==== ATENÇÃO Satellite Comma (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Satellite Comma) <==== ATENÇÃO Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sound+ (HKLM\...\SoundPlus) (Version: 1.0 - ) Spotify (HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB) Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 5.0.0.61 - Beijing Zhihuimen Techology co,.Ltd) <==== ATENÇÃO UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2432484045-3698458679-876261402-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {02A1A8EA-2849-4880-A6C5-49D9647DC7C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {07024999-901D-47BC-BD32-09ADE948EC9C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo) Task: {0747D61B-1FCE-4077-9124-81740719F471} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {16D99960-1D5F-46FA-8CF9-ABE5D241A3AC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {199542C1-6C3A-4279-AC1C-9EA51C9BA23B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation) Task: {1FC224C7-3E97-4704-A39C-B6553B211E54} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {23454EDC-A68B-493F-8EF4-6419CAB7E728} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation) Task: {33FA51D7-1809-4E0C-B814-F0D6795F7E5C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo) Task: {37262141-35D1-43FF-A27C-032B2CB69408} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATENÇÃO Task: {442FD39F-8F23-426F-967A-93F9EE5A4D80} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {453102BC-AA98-485A-A904-2A442C35CC38} - System32\Tasks\BoBrowser => C:\Users\lelet\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO Task: {4616818B-A36B-471A-9728-85A37EE8D4E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {4CEC9A35-B7D1-41CC-95EC-5147AD017505} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== ATENÇÃO Task: {5188B0A4-306F-4F4D-98DE-839D76BABADB} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [2015-11-26] () <==== ATENÇÃO Task: {532DDF0D-634A-4A51-B243-7F54B0CD3EA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {57672E26-CAEE-41B3-A729-507737C631F8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] () Task: {654B4AAA-25F0-4911-805A-83DF1522A7E5} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== ATENÇÃO Task: {6D4EBCDB-9E6A-4F1A-94A2-5820A158EA38} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) Task: {71E87A43-48A6-48DC-882C-70FFA8FF2D09} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] () Task: {790FB6B4-0CFB-4CA8-A2E2-74F47CE54E90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.) Task: {86C309C2-8A2B-4CD3-912C-51587E20DECC} - System32\Tasks\{61FFE1F9-137D-4c31-A181-3415FCAA5946}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} => C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\InstallHelper.exe [2015-06-15] () <==== ATENÇÃO Task: {93D01279-3788-48C8-9E75-63A4CD9651D1} - System32\Tasks\crash_service => C:\Users\lelet\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATENÇÃO Task: {A266DE0A-FC12-430B-80D3-3A170210F28B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {A669BDEF-6F5B-412F-9DA8-2E2262068DA8} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-11-20] () <==== ATENÇÃO Task: {A8FD403E-C07C-4BD9-B2F2-09881CBD84C6} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] () Task: {A9E8E24A-9933-4060-A26B-7FAE85B27AA6} - System32\Tasks\QGCAXVQCMXTMQSND => C:\ProgramData\Service1291\Service1291.exe <==== ATENÇÃO Task: {AA482E51-19F6-4BFE-B17C-E6968B55D3C9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {AE6D15F0-7F4D-4525-9C7B-6F911C24F61C} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe [2016-02-02] () Task: {BDF034D2-7D10-43FF-AC7D-DC0943A35E5B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {D1CC3377-55AA-476C-B7B6-D7A682268FE0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {D1F9F2B1-DA0B-4453-A5BD-3F9341C73601} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo) Task: {D7404503-ED1B-450F-880B-C551A207F890} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.) Task: {DD47FBDF-8E49-4CA3-98FA-2FE5D9C2BCD4} - System32\Tasks\Pokki => C:\Users\lelet\AppData\Local\Pokki\Engine\ServiceHostAppUpdater.exe Task: {F0E2A86D-EB49-40D1-A0B0-9A3A663FFB47} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {F4DCBED2-DE08-4967-B2E6-5E04CE861C1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {F6491BE9-228B-451C-A446-3A24B178A1AD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO Task: {F84B5346-F85B-4C56-9529-547EF1CC2DE6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo) Task: {F8E254D3-4BD3-4FFB-A599-0EB8965127EF} - System32\Tasks\Sunrise => C:\WINDOWS\TEMP\CUpdater\s2hs..exe Task: {FBCDDFF1-2CAE-452B-A03F-13A3C95BD580} - System32\Tasks\Run_Bobby_Browser => C:\Users\lelet\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\QGCAXVQCMXTMQSND.job => C:\ProgramData\Service1291\Service1291.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe <==== ATENÇÃO Task: C:\WINDOWS\Tasks\{61FFE1F9-137D-4c31-A181-3415FCAA5946}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job => C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\InstallHelper.exev-RunCloudOPTClient C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\CloudOPTClient\CloudOPTClient.exe -update.LET <==== ATENÇÃO ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeabests.cc/ ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-10-22 11:05 - 2015-10-22 11:05 - 01927680 _____ () C:\Program Files\Sound+\SoundP.dll 2015-07-15 17:51 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-06-15 06:07 - 2015-06-15 06:07 - 00143520 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenShotServ.exe 2015-06-26 16:21 - 2013-05-14 06:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2015-03-12 11:34 - 2012-04-24 23:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-03-12 11:29 - 2014-07-09 17:19 - 00592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-06-15 06:07 - 2015-06-15 06:07 - 01831584 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenSnapshot.exe 2015-12-09 04:40 - 2015-12-09 04:40 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-09 04:40 - 2015-12-09 04:40 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-18 00:35 - 2015-12-19 00:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-12-09 03:48 - 2010-10-26 11:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2016-01-26 18:26 - 2016-01-26 18:26 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-11-26 06:21 - 2015-11-26 06:21 - 00592120 _____ () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe 2015-12-26 05:59 - 2015-12-26 05:59 - 00158720 _____ () C:\Users\lelet\AppData\Local\DF938D4D-1457562069-11E4-944E-641C67711FA7\qnsgCDDE.tmp 2016-03-09 22:05 - 2016-03-09 22:05 - 00245248 ____N () C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knsf1F4B.tmp 2016-03-08 22:06 - 2016-03-08 22:06 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-03-08 22:06 - 2016-03-08 22:06 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-03-08 22:06 - 2016-03-08 22:06 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-03-09 00:20 - 2016-03-09 00:20 - 00013824 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_2.6.16.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe 2016-03-09 00:20 - 2016-03-09 00:20 - 06197760 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_2.6.16.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll 2016-03-09 20:00 - 2016-03-09 20:01 - 00017920 _____ () C:\Program Files\WindowsApps\9FD20106.MediaPlayerQueen_1.1.10.0_x64__nwhm06f2kfry2\MediaPlayer.exe 2016-03-09 20:00 - 2016-03-09 20:01 - 19585024 _____ () C:\Program Files\WindowsApps\9FD20106.MediaPlayerQueen_1.1.10.0_x64__nwhm06f2kfry2\MediaPlayer.dll 2016-03-09 20:00 - 2016-03-09 20:01 - 04764672 _____ () C:\Program Files\WindowsApps\9FD20106.MediaPlayerQueen_1.1.10.0_x64__nwhm06f2kfry2\Microsoft.Advertising.dll 2016-01-12 17:05 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 17:05 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 17:46 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 17:46 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-18 19:05 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 19:05 - 2015-12-07 01:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-03-10 20:42 - 2016-03-10 20:42 - 00262656 _____ () C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knse7E1A.tmp 2015-06-15 06:07 - 2015-06-15 06:07 - 00543392 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPTask.dll 2015-06-15 06:07 - 2015-06-15 06:07 - 00406688 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPNet.dll 2015-06-15 06:07 - 2015-06-15 06:07 - 00428704 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPDR.dll 2015-03-12 10:53 - 2013-09-16 16:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-04-22 06:26 - 2015-04-22 06:26 - 00141856 _____ () C:\Program Files (x86)\Baidu Security\MoboMarket\1.3.7.5967\zlib1.dll 2015-05-05 22:53 - 2016-03-02 21:36 - 47503472 _____ () C:\Users\lelet\AppData\Roaming\Spotify\libcef.dll 2015-03-12 11:35 - 2014-07-04 01:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll 2014-07-04 12:35 - 2014-07-04 12:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll 2015-05-05 22:53 - 2016-03-02 21:36 - 01584240 _____ () C:\Users\lelet\AppData\Roaming\Spotify\libglesv2.dll 2015-05-05 22:53 - 2016-03-02 21:36 - 00082032 _____ () C:\Users\lelet\AppData\Roaming\Spotify\libegl.dll 2016-01-26 18:26 - 2016-01-26 18:26 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-26 18:26 - 2016-01-26 18:26 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-09 22:21 - 2016-03-09 22:21 - 00070144 _____ () C:\WINDOWS\Temp\ui.dll 2016-03-09 22:22 - 2016-02-04 14:57 - 02010624 ____N () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00108896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMAntiInject.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\zlib.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\sqlite.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\tinyxml.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00039776 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2016-03-09 22:22 - 2016-02-19 13:36 - 00065008 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2016-03-09 22:22 - 2016-02-27 19:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\oDayProtect.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00121184 _____ () c:\program files (x86)\tencent\qqpcmgr\11.3.17201.218\qmrtpcontroller.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00108896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TavPedc.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\xImage.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\arkGraphic.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\GF.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\xGraphic32.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\libpng.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\libjpegturbo.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\libexpatw.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\jgImage.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\jgIOStub.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00162144 _____ () c:\program files (x86)\tencent\qqpcmgr\11.3.17201.218\qmhipslogpolicy.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00076128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\MemDefrag.dll 2016-03-09 22:22 - 2016-01-18 14:26 - 00260448 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\DlForQd.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00257888 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\Win10ToastNotification.dll 2016-03-09 22:22 - 2016-03-09 22:22 - 00248160 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMWlanMacDll.dll 2016-02-20 18:23 - 2016-02-18 01:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-20 18:23 - 2016-02-18 01:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll 2016-03-10 20:42 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\lelet\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\hola.org -> hxxp://hola.org ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-03-02 20:33 - 00002041 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com Existem ainda 4 mais linhas. ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2432484045-3698458679-876261402-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 200.225.197.34 - 200.225.197.37 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{7B680659-9837-4E51-8AC8-3D219FAA4F3E}C:\users\lelet\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lelet\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{7E190774-0C8E-4097-9133-E078EBD44441}C:\users\lelet\appdata\local\popcorn time\nw.exe] => (Block) C:\users\lelet\appdata\local\popcorn time\nw.exe FirewallRules: [{468352F7-19B5-46EC-983B-B53577D2CC63}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{03831AC5-8360-47D7-9D48-ED7C27FDF5BF}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe FirewallRules: [{022C1474-D3FF-49AD-B8EB-56373E736BB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{5C65D87E-BB6B-43FA-AA4C-1AF55426C044}C:\users\lelet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lelet\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0DED2665-EC49-4D67-B208-212CEF312784}C:\users\lelet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lelet\appdata\roaming\spotify\spotify.exe FirewallRules: [{A336A8C8-B717-4D1E-B231-8F71FC51090A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{540D3B3C-154F-4A8E-98F9-C68E1039EC6D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{6BF6B5BD-D410-41AE-8036-68EC710533B0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{006AED3A-8D26-4939-9353-C7600B670F90}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{3B1BBDE9-FA0E-436E-AED4-50E501F88A23}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{B9B81D57-69C7-4F9F-AFFF-7E9B8098A519}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{92A321B7-FBF3-455E-A601-B5066803EB9E}] => (Allow) LPort=55100 FirewallRules: [{B8AFD703-4AED-42DA-B869-E6B2406ABAE9}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{71D1279C-2DF1-4BB7-9E8C-AF94671290C3}] => (Allow) C:\Users\lelet\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C2B177FF-FC76-4268-9584-F657EA1B9619}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7F23C427-16D0-428F-9073-61BCBFE14422}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{3328A513-4DEE-4B4E-B20F-3276262522AD}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{B13EB0D9-9D80-49B1-9828-8BC8C5C45595}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCmgrInstallGuide.exe FirewallRules: [{C281E192-1E26-4673-96A3-C11BAFF2EB7B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe FirewallRules: [{4B8C70E4-B8F9-4521-B4F4-945FC7C48399}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCMgr.exe FirewallRules: [{503CFC1A-31AB-4202-A95A-C549C47F89DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRTP.exe FirewallRules: [{CD010C97-D25D-4713-9A76-23441BAC59B4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMDL.exe FirewallRules: [{1D55DBC1-FE39-4E36-B811-D16C7BBAC992}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\bugreport.exe FirewallRules: [{39DB2E82-FD22-4B66-BD84-4846A8DAB794}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCFileOpen.exe FirewallRules: [{B59CF764-77D5-40E3-B9D7-756B970951EB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCLeakScan.exe FirewallRules: [{1C354FEF-BAED-4E49-B39E-F314CF805C9F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPConfig.exe FirewallRules: [{B9E4CFD5-188C-4CD6-971B-E3D732DB383F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCSoftMgr.exe FirewallRules: [{59EE3EE6-91CE-40BE-861D-A99B7F391D43}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{AFCC01AC-CA88-4B0E-A01B-11B395DA310C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCBTU.exe FirewallRules: [{F8BEDC65-10AC-4710-B4C9-7EA52A295A6D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCClinic.exe FirewallRules: [{29091795-2EC5-4EF3-8D34-3CA09FAEEC77}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCLaunch.exe FirewallRules: [{3DA6A2BA-5FFC-4024-8802-A59F4A0B030E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{6A881458-FC58-4327-86C1-E71FC39963FA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCSoftGame.exe FirewallRules: [{69E73828-BEC2-4CB1-9FA8-4EDF1B86D69E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCSysOptimize.exe FirewallRules: [{F3765854-DFEA-4F0E-8505-5A0C2AE0D1EC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCUpdateAVLib.exe FirewallRules: [{2D7B5C8D-B0B8-4D2D-B5C9-EBACD72A20E5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQRepair.exe FirewallRules: [{F69595D2-AA24-4587-A7BB-8CD0BCE3DA7C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\Uninst.exe FirewallRules: [{955147B3-0F56-4424-AEC3-2279D175B79D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCPatch.exe FirewallRules: [{DE95C0BC-8EA9-486F-8B9C-B2152C8AAB10}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TpkUpdate.exe FirewallRules: [{43A690CC-2839-4F7D-8E10-A9EB0D018D44}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMRouterMgr.exe FirewallRules: [{7BAEAE62-50F0-4CB7-B759-52F9E2ADA3A7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMAccountProtection.exe FirewallRules: [{BC91C177-631A-4108-8ACC-124A848DEC36}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMAdBlock.exe FirewallRules: [{A319046D-CB33-456C-B212-A30201987271}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{31C54222-A6FA-46C5-AF75-611DE24D97CA}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe ==================== Pontos de Restauração ========================= 16-02-2016 18:14:08 Windows Update 28-02-2016 19:25:10 Ponto de Verificação Agendado 08-03-2016 21:10:21 Removido Realtek Ethernet Controller Driver 08-03-2016 21:10:26 Removido Realtek Card Reader ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/10/2016 10:29:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10586.35, carimbo de data/hora: 0x566505bc Nome do módulo com falha: QuickActions.dll, versão: 0.0.0.0, carimbo de data/hora: 0x56650458 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000001931 ID do processo com falha: 0x5104 Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0 Caminho do aplicativo com falha: ShellExperienceHost.exe1 Caminho do módulo com falha: ShellExperienceHost.exe2 ID do Relatório: ShellExperienceHost.exe3 Nome completo do pacote com falha: ShellExperienceHost.exe4 ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5 Error: (03/10/2016 10:29:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.10586.35, carimbo de data/hora: 0x566505bc Nome do módulo com falha: QuickActionsDataModel.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d71f Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000004d6f ID do processo com falha: 0x5a0 Hora de início do aplicativo com falha: 0xShellExperienceHost.exe0 Caminho do aplicativo com falha: ShellExperienceHost.exe1 Caminho do módulo com falha: ShellExperienceHost.exe2 ID do Relatório: ShellExperienceHost.exe3 Nome completo do pacote com falha: ShellExperienceHost.exe4 ID do aplicativo relativo ao pacote com falha: ShellExperienceHost.exe5 Error: (03/10/2016 02:41:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LETICIA) Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/09/2016 12:11:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MOM.exe, versão: 4.5.0.0, carimbo de data/hora: 0x53ad0e3f Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.103, carimbo de data/hora: 0x56a8489c Código de exceção: 0xe0434352 Deslocamento da falha: 0x0000000000071f08 ID do processo com falha: 0x1b4c Hora de início do aplicativo com falha: 0xMOM.exe0 Caminho do aplicativo com falha: MOM.exe1 Caminho do módulo com falha: MOM.exe2 ID do Relatório: MOM.exe3 Nome completo do pacote com falha: MOM.exe4 ID do aplicativo relativo ao pacote com falha: MOM.exe5 Error: (03/09/2016 12:11:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: MOM.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.IO.FileLoadException em ATI.ACE.MOM.Implementation.MOM.Main(System.String[]) Informações da Exceção: System.Reflection.TargetInvocationException em System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean) em System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[]) em System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo) em System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[]) em System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[]) em ATI.ACE.MOM.EXE.MOM.Main(System.String[]) Error: (03/09/2016 12:10:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0x1124 Hora de início do aplicativo com falha: 0xigfxHK.exe0 Caminho do aplicativo com falha: igfxHK.exe1 Caminho do módulo com falha: igfxHK.exe2 ID do Relatório: igfxHK.exe3 Nome completo do pacote com falha: igfxHK.exe4 ID do aplicativo relativo ao pacote com falha: igfxHK.exe5 Error: (03/08/2016 10:10:11 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (03/08/2016 09:51:46 PM) (Source: LenovoWiFiHotspotSvr) (EventID: 1) (User: ) Description: LenovoWiFiHotspotSvrm_IcsMgr == NULL failed with 0 Error: (03/08/2016 09:51:46 PM) (Source: PhoneCompanionVap_ICS) (EventID: 1) (User: ) Description: PhoneCompanionVap_ICSIcsMgr : InitIcs : lIndex > m_lNumConns error. failed with 0 Error: (03/08/2016 09:13:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary TSSysKit. System Error: O sistema não pode encontrar o arquivo especificado. . Erros de Sistema: ============= Error: (03/10/2016 10:25:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 8 0x0 0x0 Error: (03/10/2016 10:25:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 2 0xdeaddeed 0xeeec Error: (03/10/2016 10:25:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 1 0xc 0x4 Error: (03/10/2016 08:36:40 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (03/10/2016 08:34:26 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (03/10/2016 08:32:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (03/10/2016 08:21:57 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (03/10/2016 03:15:35 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (03/10/2016 03:00:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Ferramenta de Remoção de Software Mal-Intencionado do Windows para os sistemas operacionais Windows 8, 8.1, 10 e Windows Server 2012, 2012 R2 x64 Edition - março de 2016 (KB890830). Error: (03/10/2016 02:59:50 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} CodeIntegrity: =================================== Date: 2016-03-09 19:59:50.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-08 20:54:38.052 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\ProgramData\FlashBeat\VCMTZZBN64.dll that did not meet the Store signing level requirements. Date: 2016-03-02 23:57:49.689 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\ProgramData\FlashBeat\VCMTZZBN64.dll that did not meet the Store signing level requirements. Date: 2016-03-02 23:57:05.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\ProgramData\FlashBeat\VCMTZZBN64.dll that did not meet the Store signing level requirements. Date: 2016-03-02 21:07:21.453 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 21:07:16.794 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 21:07:08.969 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 21:07:08.939 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 21:06:38.008 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 21:05:40.893 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentagem de memória em uso: 85% RAM física total: 3988.27 MB RAM física disponível: 595.49 MB Virtual Total: 10429.8 MB Virtual disponível: 2808.39 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.07 GB) (Free:831.37 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.55 GB) NTFS Drive f: (LETICIA) (Removable) (Total:7.53 GB) (Free:3.36 GB) FAT32 ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 62E025DD) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== Fim de Addition.txt ============================