Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 11-01-2017 Executado por Walter Franklim (12-01-2017 04:20:40) Executando a partir de C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\Arquivos do PC\PROGRAMAS Microsoft Windows 7 Professional Service Pack 1 (X86) (2010-05-01 03:41:32) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= 1A899BBC6F0943F5A618 (S-1-5-21-240237904-3152138187-639416452-1005 - Limited - Enabled) 7F238C6B198B49DB99FD (S-1-5-21-240237904-3152138187-639416452-1006 - Limited - Enabled) Administrador (S-1-5-21-240237904-3152138187-639416452-500 - Administrator - Disabled) Convidado (S-1-5-21-240237904-3152138187-639416452-501 - Limited - Enabled) => C:\Users\Convidado HomeGroupUser$ (S-1-5-21-240237904-3152138187-639416452-1002 - Limited - Enabled) Particular (S-1-5-21-240237904-3152138187-639416452-1000 - Limited - Enabled) => C:\Users\Particular Walter Franklim (S-1-5-21-240237904-3152138187-639416452-1003 - Administrator - Enabled) => C:\Users\Walter Franklim ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.) Advanced SystemCare 10 (HKLM\...\Advanced SystemCare_is1) (Version: 10.0.3 - IObit) Antares Autotune DX v4.15 (HKLM\...\Antares Autotune DX v4.15) (Version: - ) Antares Autotune Evo VST RTAS v6.0.9 (HKLM\...\Antares Autotune Evo VST RTAS_is1) (Version: - ) Applian FLV Player (HKLM\...\Applian FLV Player2.0.25) (Version: 2.0.25 - Applian Technologies Inc.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) Avid Effects (HKLM\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3 - Avid Technology, Inc.) Avid HD Driver (x86) (HKLM\...\{01C898E1-38A7-49B1-9398-49E40636E2C5}) (Version: 10.3 - Avid Technology, Inc.) Avid Pro Tools (HKLM\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3 - Avid Technology, Inc.) Bandicam (HKLM\...\Bandicam) (Version: 1.8.7.347 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com) Biblia Eletrônica 3.4.1 (HKLM\...\Biblia Eletrônica_is1) (Version: - RkSoft Softwares Ltda) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Cheat Engine 6.6 (HKLM\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) Chromium (HKLM\...\{CA7F22BF-9AFF-F33F-2B7F-83BFFBFF503F}) (Version: - ) Codec Decoder Pack (HKLM\...\Codec Decoder Pack) (Version: 1.0 - Codec Decoder) Damas Master 7.7.7 (HKLM\...\Damas Master_is1) (Version: - RkSoft Softwares) DirectVobSub 2.40.4209 (HKLM\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team) DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink) Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.) ETDWare X86 11.7.13.2_WHQL (HKLM\...\Elantech) (Version: 11.7.13.2 - ELAN Microelectronic Corp.) Evplayer Installer (HKLM\...\Evplayer Installer) (Version: 1.2 - Sinapix) Extended Update (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Digital Sites) (Version: - Extended Update) <==== ATENÇÃO Extended Update (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\UpdaterEX) (Version: - ) <==== ATENÇÃO Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fast Start (HKLM\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG) FLV Player (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\FLV Player) (Version: 1.1 - Somoto Ltd.) <==== ATENÇÃO FormatFactory 3.9.5.0 (HKLM\...\FormatFactory) (Version: 3.9.5.0 - Free Time) Google Chrome Canary (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Google Chrome SxS) (Version: 57.0.2978.0 - Google Inc.) Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATENÇÃO Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden Hide Folders v2.5 (HKLM\...\{FE7FDB2F-4AFC-4B11-A2BE-95318CCA20F8}_is1) (Version: 2.5 - Hide Folders) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Interlok driver setup x32 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy) Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JUNO Series Driver (HKLM\...\RolandRDID0087) (Version: - Roland Corporation) K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Kobo (HKLM\...\Kobo) (Version: 3.10.0 - Rakuten Kobo Inc.) Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) License Support (HKLM\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden M-Audio Fast Track Ultra Driver 6.1.10 (x86) (HKLM\...\{197F426D-3D69-42B6-A657-07B8FEE0F4C3}) (Version: 6.1.10 - M-Audio) Max Recorder (HKLM\...\Max Recorder) (Version: 2.005.0.0 - Silver Vine, LLC) MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7571.2075 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Movie Color Enhancer (HKLM\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MV RegClean 5.5 (Portugal) (HKLM\...\MV RegClean 5.5 (Portugal)_is1) (Version: - ) Native Instruments Kontakt 5 (HKLM\...\Native Instruments Kontakt 5) (Version: 5.6.1.48 - Native Instruments) Nokia Connectivity Cable Driver (HKLM\...\{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}) (Version: 7.0.2.0 - Nokia) Office 16 Click-to-Run Extensibility Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden One Man Band v10.0 (HKLM\...\ST5UNST #1) (Version: - ) Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) PC Connectivity Solution (HKLM\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Rapture 1.2.2 (HKLM\...\Rapture_is1) (Version: 18.0 - Cakewalk Music Software) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) SI Service (HKLM\...\SI Service) (Version: 1.1.3.0 - SI LLC) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) Smart Defrag 5 (HKLM\...\Smart Defrag_is1) (Version: 5.4.0 - IObit) Spotify (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB) Style Works XT Universal (HKLM\...\ST6UNST #1) (Version: - ) swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - ) Ultimate Codecs Packages (HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Ultimate Codecs Packages) (Version: - ) <==== ATENÇÃO VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions) Visual C++ Redistributables (HKLM\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) VLC media player 0.9.8a (HKLM\...\VLC media player) (Version: 0.9.8a - VideoLAN Team) Warsaw 1.11.1.24 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia) WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Yamaha USB-MIDI Driver (HKLM\...\InstallShield_{2856740C-8F5B-47A5-9038-676C17472462}) (Version: 3.1.4.1 - Yamaha Corporation) Yamaha USB-MIDI Driver (Version: 3.1.4.1 - Yamaha Corporation) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{500D5FFA-40A9-49D6-B07A-1B393727694A}\InprocServer32 -> C:\Windows\system32\digiasio.dll (Avid Technology, Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-240237904-3152138187-639416452-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {008A4876-88A1-4EFD-9B57-9E1AF774B329} - System32\Tasks\{120DC6E3-1196-47B9-9E2E-1B9AD8FA2862} => C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe [2016-10-10] (Native Instruments GmbH) Task: {05C6E1E0-1AAD-4385-9FBC-ED8381ED20EE} - \MySearchDial -> Nenhum Arquivo <==== ATENÇÃO Task: {07ED51BC-82B8-468E-9DAC-ACB092D50349} - System32\Tasks\{7285EBF5-641F-4495-AB11-51EC4136C249} => pcalua.exe -a "C:\Users\Walter Franklim\Downloads\vagalume-letras-mediaplayer-plugin-v1-3.exe" -d "C:\Users\Walter Franklim\Downloads" Task: {0BA1C69C-CD05-497E-83EA-6D07199DC1E5} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {0D578AC4-5328-45F0-8C46-25A2ADC6D8D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {11D77553-24CE-42F4-B298-655453317C76} - System32\Tasks\{D6DD5367-7760-4A8E-B74C-313A56C6134B} => C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe [2016-10-10] (Native Instruments GmbH) Task: {1318F3BD-9E40-462E-ADB9-85D401B7D8F3} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2016-10-20] (IObit) Task: {13626B8F-D944-4ABA-BD54-B971C996B11A} - System32\Tasks\{64AFF01F-AF18-4BF4-B798-1E6C12C18EF2} => pcalua.exe -a "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\Arquivos do PC\PROGRAMAS\driver\driver de som\SETUP.EXE" -d "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\Arquivos do PC\PROGRAMAS\driver\driver de som" Task: {17FD4D7C-73EF-486D-A64A-54C9AFCE79AC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000UA => C:\Users\Particular\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-17] (Facebook Inc.) Task: {1E381048-0181-4871-9B94-BE5EACC17B47} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI) Task: {23F0B1F3-21AA-4D84-AC71-FF3733353836} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-15] (Microsoft Corporation) Task: {32823942-6FFD-41FB-8D75-4AC10CD3FB55} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-12-23] () Task: {3526C379-3504-4EA7-AF08-799D7FAFA051} - System32\Tasks\Driver Booster SkipUAC (SISTEMA) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe Task: {3884669A-E424-4426-8B36-EEC6E5550851} - System32\Tasks\ASC10_SkipUac_Walter Franklim => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2016-10-24] (IObit) Task: {3A585E37-2C22-4BD2-8B66-A91C6009E0E9} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate] Task: {3C15C355-711E-4B90-AD79-5CBC4F3283D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.) Task: {3C36B889-C16A-4803-BA59-FAE80F8282F5} - System32\Tasks\{7002C7D3-6E41-4419-BFD1-C94107334F24} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.0.0.120&LastError=404 Task: {3CF0BEE6-EAB5-44AE-B4BC-D9E513593429} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003Core => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {404A535D-E695-4967-8D7F-E1C47995BC00} - System32\Tasks\SmartDefrag_Update => C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit) Task: {4123535D-4B86-4CF4-9527-A5EA041A596F} - System32\Tasks\{F1E96D9F-C497-4050-A906-98720CFC0A01} => C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe [2016-10-10] (Native Instruments GmbH) Task: {418EF3E5-BD3C-4260-8BAD-5198CA6995AC} - System32\Tasks\{26DD22AC-832C-CA2B-0237-6BA87B71D30A} => C:\Users\WALTER~1\AppData\Roaming\{53866~1\HELPER~1.EXE <==== ATENÇÃO Task: {42A4E454-027C-4AA2-A9B9-B718BA32CB99} - System32\Tasks\{380C54A9-5859-4228-A80B-61B50F86F8B0} => C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\PROGRAMAS DE GRAVAÇÃO DE ÁUDIO\Style Works XT Universal v3.09+Patch\SETUP.EXE Task: {441E21FC-99E2-426F-8982-7E27F09DD7B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {44C2877E-D9C9-4B6C-B96E-FF8763BA7AF4} - System32\Tasks\Driver Booster SkipUAC (Walter Franklim) => C:\Program Files\IObit\Driver Booster\4.1.0\DriverBooster.exe Task: {46570E4E-2E4B-46D2-B9C5-30AB307C9589} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit) Task: {4C934855-B8FF-4499-B9A2-2F1CC07FC9F3} - System32\Tasks\{067E4223-20E8-4BB0-8C92-759488CB5807} => C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe [2016-10-10] (Native Instruments GmbH) Task: {4D72DEAD-9735-4738-B9CE-458AC7EB68FD} - System32\Tasks\{09649329-C911-47EE-B6A5-DDA8B7CC5143} => pcalua.exe -a "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\PROGRAMAS DE GRAVAÇÃO DE ÁUDIO\Style Works XT Universal v3.09+Patch_2_2\Style Works XT Universal v3.09+Patch\SETUP.EXE" -d "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\PROGRAMAS DE GRAVAÇÃO DE ÁUDIO\Style Works XT Universal v3.09+ (a entrada de dados tem 47 mais caracteres). Task: {4D76F3A0-951D-4768-9B1F-07CEDA987B0A} - \{00C2CCA9-8968-49F0-88E9-BAC39BB31B03} -> Nenhum Arquivo <==== ATENÇÃO Task: {53174577-BFFE-4C5D-8205-6B8DEFB5BF1B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003UA => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {5B6BDF90-B99A-4F09-B944-EC0BD9366888} - System32\Tasks\Rocket Updater => C:\Users\WALTER~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: {5C4795E3-0CB1-4A03-AC86-7F7E895A218D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000Core => C:\Users\Particular\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.) Task: {5C70C52C-83F2-4BC7-B4D0-102484216C45} - System32\Tasks\{046DBA8C-DCC6-4BBA-BF51-0361CAF94CDA} => pcalua.exe -a C:\Users\Particular\AppData\Roaming\Easeware\DriverEasy\drivers\joakqk2c.1xz\CameraDriverSetup.exe -d C:\Users\Particular\AppData\Roaming\Easeware\DriverEasy\drivers\joakqk2c.1xz Task: {5D36A47D-E799-48FA-88BE-732F42BF50AA} - System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => C:\Users\Walter Franklim\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\minibarchrome.exe Task: {5F9D96E7-CBEE-40FB-B8DF-9860198E1873} - System32\Tasks\{F147DBD8-609D-410E-8D88-EC58DEBC9E23} => Chrome.exe Task: {73C7A073-F4D3-4100-8475-782D7A188905} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.) Task: {7AF6CFE0-AE00-4BB8-9159-84F28592F446} - System32\Tasks\Uninstaller_SkipUac_Walter_Franklim => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {7AFF2AC0-CAA9-469E-8B43-9E720E2B31BF} - System32\Tasks\{1CA1731C-BD80-45E2-9165-4C1EFB4C5C24} => pcalua.exe -a "C:\Users\Walter Franklim\Documents\MEGAsync Downloads\Style Works XT Universal v3.09+Patch_2_2\Style Works XT Universal v3.09+Patch\SETUP.EXE" -d "C:\Users\Walter Franklim\Documents\MEGAsync Downloads\Style Works XT Universal v3.09+Patch_2_2\Style Works XT Universal v3.09+Patch" Task: {7B974E89-1928-4823-BB8C-EFDCBB4D093B} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] () Task: {84B56D8C-6A0A-4F78-865B-845E2655DCA9} - System32\Tasks\{A85EB315-46D3-4ABE-9289-C33EB87EBF1A} => Chrome.exe Task: {88FC1A2A-CF34-4D17-A662-5CF117020F4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.) Task: {8A4C316C-B7AF-4F17-9B6C-64A4A31ED457} - System32\Tasks\{1EB951EF-DCA8-42D1-AFDA-9C6C2EF82D70} => Chrome.exe Task: {8BF7CB89-F22D-44DC-B1AA-E385230ED588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {8C92342E-ACC7-4460-8B60-CBA9C9099181} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000Core => C:\Users\Particular\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-17] (Facebook Inc.) Task: {9BB3F3AE-BFDE-4606-A568-42317750F16E} - System32\Tasks\{AC89968D-D8FF-4568-8ACF-7391E21DFF72} => pcalua.exe -a "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\Arquivos do PC\PROGRAMAS\vagalume-letras-mediaplayer-plugin-v1-3.exe" -d "C:\Users\Particular\Desktop\HD EXTERNO\Walter Franklim\Arquivos do PC\PROGRAMAS" Task: {9C898CFE-608F-4ABA-8ABB-E91E5FF03A9F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {A131F69E-1F84-4FF0-B9A7-D944FBFE6F26} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit) Task: {A331B73A-A7FD-4426-8A2F-9567D98E42EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003UA1d25a48daf04ba6 => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {AC4A3860-3A9F-409C-96C1-ED13794C94BB} - System32\Tasks\{9E58E91F-0D2D-4EDA-834F-A724A1F06600} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro" Task: {AC4DD305-F82A-434A-8193-44F50DB335C6} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe Task: {AF16B87B-80C6-4A74-9DD1-0B0538FE5CFC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-15] (Microsoft Corporation) Task: {B132AF14-0145-4C7D-8665-6BBA0EF391BC} - System32\Tasks\MovieColorEnhancer => C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe Task: {B9D5C0EF-40CA-447B-BC5A-1B7F3BEBC37C} - System32\Tasks\{28EC6FF3-2225-4297-8465-291AEE50E61C} => pcalua.exe -a "C:\Users\Particular\Downloads\BluetoothDriverInstaller (1).exe" -d C:\Users\Particular\Downloads Task: {BA1C9FCF-3C99-4DB2-86E3-C9690D3453F5} - System32\Tasks\WifiManager => C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {C221C6AF-51AB-4B91-B1EB-9E6CF2705464} - System32\Tasks\{B92E6448-A3DC-4552-BAEC-1F9F5F699373} => pcalua.exe -a "C:\Users\Walter Franklim\Downloads\jxpiinstall.exe" -d "C:\Users\Walter Franklim\Downloads" Task: {C3398E88-684C-4DB8-82D7-E9191830D8B7} - System32\Tasks\{394CAFDF-B4F3-4ED8-8A21-E81D8BF67C2B} => Chrome.exe Task: {C3628089-A41A-40D5-8147-A38BF59AB505} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {D0072A5D-EB7C-4A0F-BC03-4C4F637BE3A1} - System32\Tasks\{995500FB-4564-43E7-A943-2D8BD804C493} => Chrome.exe Task: {D12DDDE2-DEF3-487E-85E7-D6B6DD2F12DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {E09A302D-466D-4080-9CA6-31897D9E3A57} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-24] (Adobe Systems Incorporated) Task: {E0FC370E-C47B-419F-96A0-D604CA1B04D9} - System32\Tasks\{3EE96778-275A-7B08-C1F3-364E317EC1FF} => C:\Users\WALTER~1\AppData\Local\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: {ED9BF197-600C-4B77-B845-2307CD40E92C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000UA => C:\Users\Particular\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.) Task: {F71347D6-0163-4256-B89A-26117DB2C583} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003Core1d25a48da0943a4 => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {FB10AFFE-59B7-4E0A-9033-7DF60E718BEB} - System32\Tasks\UpdaterEX => C:\Users\WALTER~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: {FB65CFE1-1CE5-48CB-BE9B-98E4A1354ABD} - System32\Tasks\{21F10FA1-B153-489A-8AEE-19B25FC00F53} => Chrome.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000Core.job => C:\Users\Particular\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000UA.job => C:\Users\Particular\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000Core.job => C:\Users\Particular\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000UA.job => C:\Users\Particular\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003Core.job => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003UA.job => C:\Users\Walter Franklim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\WALTER~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\WALTER~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\WALTER~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\{26DD22AC-832C-CA2B-0237-6BA87B71D30A}.job => C:\Users\WALTER~1\AppData\Roaming\{53866~1\HELPER~1.EXE <==== ATENÇÃO Task: C:\Windows\Tasks\{3EE96778-275A-7B08-C1F3-364E317EC1FF}.job => C:\Users\WALTER~1\AppData\Local\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Módulos Carregados (Whitelisted) ============== 2016-12-23 22:11 - 2015-08-15 23:55 - 00135232 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2016-06-30 07:24 - 2017-01-11 20:24 - 00564736 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll 2016-12-23 03:34 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl 2016-12-23 03:34 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl 2016-12-23 03:34 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl 2016-12-23 03:33 - 2016-10-19 17:52 - 00078624 _____ () C:\Program Files\IObit\Advanced SystemCare\GetProcessDLL.dll 2014-02-13 11:00 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2016-12-23 23:01 - 2016-12-23 23:01 - 00004608 _____ () C:\Windows\KMS-R@1nHook.exe 2016-12-23 23:01 - 2016-12-23 23:01 - 00003584 _____ () C:\Windows\KMS-R@1nHook.dll 2017-01-11 11:44 - 2017-01-11 06:20 - 02162520 _____ () C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\57.0.2978.0\libglesv2.dll 2017-01-11 11:44 - 2017-01-11 06:20 - 00086360 _____ () C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\57.0.2978.0\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt [8] AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:DD365E10_Cef.gbp [2] AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst [420] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198] AlternateDataStreams: C:\ProgramData\Microsoft:eYgxAkOAcPTTYjuqMDgkoJ [2422] AlternateDataStreams: C:\ProgramData\Microsoft:Xz18nlQplDLeUCZXGWc38UWy [2288] AlternateDataStreams: C:\ProgramData\TEMP:264A9BB7 [124] AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A [132] AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [256] AlternateDataStreams: C:\Users\Particular\Cookies:nuTF6CYhXCBTcO4hqO8V9Me [2048] AlternateDataStreams: C:\Users\Particular\AppData\Local\tzJIVYXdy74w:RTPkC9YI9vCrOcJnwSDJBaeHNWE [2216] AlternateDataStreams: C:\Users\Todos os Usuários\Microsoft:eYgxAkOAcPTTYjuqMDgkoJ [2422] AlternateDataStreams: C:\Users\Todos os Usuários\Microsoft:Xz18nlQplDLeUCZXGWc38UWy [2288] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:264A9BB7 [124] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:862BDB1A [132] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:DBC416F8 [256] AlternateDataStreams: C:\Users\Walter Franklim\Cookies:nuTF6CYhXCBTcO4hqO8V9Me [2102] AlternateDataStreams: C:\Users\Walter Franklim\AppData\Local\tzJIVYXdy74w:RTPkC9YI9vCrOcJnwSDJBaeHNWE [1866] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com Existem ainda 4788 sites a mais. IE trusted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\com -> hxxp://*.Wondershare.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\100sexlinks.com -> 100sexlinks.com Existem ainda 4788 sites a mais. ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 22:04 - 2016-10-10 19:54 - 00000920 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-240237904-3152138187-639416452-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.189.88.61 - 200.189.88.66 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 3 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdvancedSystemCareService7 => 2 MSCONFIG\Services: AdvancedSystemCareService9 => 2 MSCONFIG\Services: BASSVC => 3 MSCONFIG\Services: BdSandboxSrv => 3 MSCONFIG\Services: BHipsSvc => 2 MSCONFIG\Services: c2cautoupdatesvc => 3 MSCONFIG\Services: c2cpnrsvc => 3 MSCONFIG\Services: defragsvc => 2 MSCONFIG\Services: EpsonScanSvc => 3 MSCONFIG\Services: FastTrackUltraAudioDevMon => 2 MSCONFIG\Services: gupdate => 3 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: IMFservice => 2 MSCONFIG\Services: KMS-R@1n => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: LMS => 3 MSCONFIG\Services: MaConfigAgent => 3 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NBService => 3 MSCONFIG\Services: NMIndexingService => 3 MSCONFIG\Services: PaceLicenseDServices => 2 MSCONFIG\Services: PCAppStoreSvc_{PCAppStore_4.0.6.5038} => 3 MSCONFIG\Services: Service KMSELDI => 2 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: SI Service => 2 MSCONFIG\Services: SkypeUpdate => 3 MSCONFIG\Services: SparkSvc => 3 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: UNS => 3 MSCONFIG\Services: Update trolatunt => 2 MSCONFIG\Services: Util trolatunt => 2 MSCONFIG\Services: WindowsMangerProtect => 2 MSCONFIG\startupfolder: C:^Users^Walter Franklim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup MSCONFIG\startupreg: Advanced SystemCare 7 => MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: M-Audio Taskbar Icon => MSCONFIG\startupreg: mobilegeni daemon => MSCONFIG\startupreg: MSC => MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s MSCONFIG\startupreg: Spotify => "C:\Users\Walter Franklim\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Walter Franklim\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{03B278A5-767A-43CC-A764-B686FDD27D49}] => C:\Users\Particular\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{4A4DE85A-E90C-42FF-8939-33507DFB0A3C}] => LPort=48113 FirewallRules: [{0A78D1C1-0548-4EB3-AB21-E062F653593F}] => LPort=48114 FirewallRules: [{10CFCD12-D99D-40D9-B589-88AD5015E29F}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{F68FB7C3-3408-4F26-AA00-060C7CC74F39}] => C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{27ABF736-59C3-4110-8FA0-0275E5452E09}] => C:\Users\Particular\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{31E69E8D-F8ED-4E42-8C2C-801B0F2B2913}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{5A47CFF9-8359-4A28-9237-E9EABDA56EE7}] => C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{8EC4D1B2-EFFF-4936-9758-5812E6BF0368}] => C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{49F3B0E2-812C-4665-BD7B-09AEAD262163}C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe] => C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe FirewallRules: [UDP Query User{2E65CF0B-34B8-49A4-9D1C-08CDA38FD60B}C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe] => C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe FirewallRules: [{8EEDC603-622C-436B-990F-4B72FAFF89AF}] => C:\Program Files\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{868C059F-358D-49E1-BCD9-48984745EDB8}] => C:\Program Files\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{BFAABE36-4166-4F2F-9158-BBF9DD1C0B27}C:\program files\epson software\event manager\eeventmanager.exe] => C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{5536AD35-BB8D-4699-B7F9-64BEC9DAFF56}C:\program files\epson software\event manager\eeventmanager.exe] => C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{BCF94341-725D-49C7-9D3B-A2342677D799}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe FirewallRules: [UDP Query User{EFCF7380-D885-496B-BD74-CD7EFEABF5A9}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe FirewallRules: [{00694A73-2296-4395-A310-992647CD5D1F}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7D88BF28-8A69-4A38-AA3D-A51C912AE387}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BD09F344-8C29-48F8-ABCD-EF73DA1D5CE6}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F64576BD-B7BC-41E2-88BB-6C392BFB41D6}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0A3D4FBE-3858-440B-A4BF-E73E86FD59A1}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2125F48B-1260-4B0F-A982-790B03C51416}] => C:\Users\Particular\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{62E9A500-143A-47AA-B0BB-FFFAB4F2E2B8}C:\program files\rksoft\damas master\damas.exe] => C:\program files\rksoft\damas master\damas.exe FirewallRules: [UDP Query User{2CE7281B-223E-4FED-B47E-72C760FFF95D}C:\program files\rksoft\damas master\damas.exe] => C:\program files\rksoft\damas master\damas.exe FirewallRules: [{06209128-9DD3-4D6A-87AE-0C834A69FFDA}] => C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{AF16370A-CAD9-41E5-9049-60EAC1ECA2F9}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{F6529EC4-B85D-40DB-B293-8E794D3CFBC5}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{3B3419DA-E442-4922-8649-A3D2A974EE05}C:\program files\freetime\formatfactory\formatfactory.exe] => C:\program files\freetime\formatfactory\formatfactory.exe FirewallRules: [{B9504C90-4EEF-4483-BBEC-889279AD00D3}] => C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{BDB59CA0-D9BF-40B2-A1D8-D21F6AD8C8B4}] => C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{E710E4C2-48F1-40FC-8B8B-E402AC905A40}] => C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{835BB5D2-2A06-4B77-B955-90321C35C88C}] => C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{69855279-F6F6-4E43-8144-D0CFD067C43A}C:\program files\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => C:\program files\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [UDP Query User{0580D539-4AED-43EC-8912-57F948B8ACD5}C:\program files\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => C:\program files\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [{1B52A5A3-0F99-4D11-B850-292D0617E74B}] => C:\Program Files\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [TCP Query User{48022196-C2CC-4DDB-89FF-33BBB0D61B01}C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe] => C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe FirewallRules: [UDP Query User{DB18E87C-2EB1-44A1-BF76-7025CE0FE116}C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe] => C:\users\particular\appdata\local\google\chrome sxs\application\chrome.exe FirewallRules: [TCP Query User{23405D35-5D96-46EF-A9AD-D063A0FC134A}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe FirewallRules: [UDP Query User{08BDCA9B-A69C-43AD-8406-EF06667ACBC0}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\utorrent.exe FirewallRules: [{F61B956E-FF5B-476C-9196-05BAD6A4FEDA}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6425F230-7F32-4C23-B755-EFB6EDDFD400}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C442471D-5F5A-4313-BE41-A80C87D15C71}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{087492D6-21DE-47CB-A8AC-65D1A2CB6BE3}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FBB66FDC-FAA4-4551-A0C2-1EA91941CC43}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9E0E3BC8-5305-4AAC-A823-D547D4B7953E}] => C:\Users\Walter Franklim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{18E835F2-C4BC-45A4-822B-0FAF91938ED0}] => C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe FirewallRules: [{3096C2C3-7AE2-4A60-9AF7-F168BEE52751}] => C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe FirewallRules: [TCP Query User{5128E49F-4987-4423-A8C1-545B2F3562F3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{533B7789-5A48-40B3-BE24-BE4992682934}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{A1202E36-4328-4475-8DF8-AEC4676177DB}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\office 2016\office 2016\pacote\utorrent\app\utorrent\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\office 2016\office 2016\pacote\utorrent\app\utorrent\utorrent.exe FirewallRules: [UDP Query User{6F1016A6-D33A-4935-B9BB-C5C4FD6824E5}C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\office 2016\office 2016\pacote\utorrent\app\utorrent\utorrent.exe] => C:\users\particular\desktop\hd externo\walter franklim\arquivos do pc\programas\office 2016\office 2016\pacote\utorrent\app\utorrent\utorrent.exe FirewallRules: [{1FF5B0BA-9BF3-4DB7-99A4-86F9FB89CCE0}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{EB9B662F-BD1B-42B1-9884-84C28AE9449E}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{EE75B613-1534-4497-88E7-1DCFDF2AB842}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{FCDB9780-D30F-4C7C-B0AE-73AF3E79491F}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{BFCD56EA-A8DC-42F8-93D3-C4E175902A75}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{CA90D264-35F1-45B1-A842-14E7586E9267}] => C:\Users\Walter Franklim\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{8BE8AA12-7F47-4057-873D-40E5663791D5}] => C:\Windows\KMS-R@1n.exe FirewallRules: [{4CD63433-97EF-44F1-A910-1EFD744C214E}] => C:\Windows\KMS-R@1n.exe FirewallRules: [{54A1F801-F58D-4748-86D7-C55BBDDF4F91}] => C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe ==================== Pontos de Restauração ========================= 06-01-2017 03:58:05 novo 06-01-2017 11:06:51 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores de som, vídeo e jogos 06-01-2017 11:07:52 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores USB (barramento serial universal) 10-01-2017 00:30:41 Operação de restauração 10-01-2017 02:41:08 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores de som, vídeo e jogos 10-01-2017 02:42:15 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores USB (barramento serial universal) 10-01-2017 17:19:21 Operação de restauração 10-01-2017 17:36:50 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores de som, vídeo e jogos 10-01-2017 17:38:24 Instalação de Pacote de Driver de Dispositivo: M-Audio Controladores USB (barramento serial universal) 11-01-2017 21:33:17 Installed Native Instruments Kontakt 5 11-01-2017 21:45:43 Installed Native Instruments Kontakt 5 11-01-2017 22:40:41 Installed Native Instruments Kontakt 5 11-01-2017 23:38:54 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 00:15:34 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 00:20:48 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 00:54:14 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:03:40 Revo Uninstaller Pro's restore point - Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 12-01-2017 01:04:25 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 12-01-2017 01:06:13 Revo Uninstaller Pro's restore point - Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:08:05 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:18:15 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:29:43 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:33:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 12-01-2017 01:34:20 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 12-01-2017 01:37:00 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:42:54 desesperado 12-01-2017 01:52:35 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 01:57:07 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 02:40:25 Revo Uninstaller Pro's restore point - Native Instruments Kontakt 5 12-01-2017 02:45:43 Revo Uninstaller Pro's restore point - Native Instruments Kontakt 5 12-01-2017 02:47:52 Revo Uninstaller Pro's restore point - Native Instruments Kontakt 5 12-01-2017 02:50:23 Revo Uninstaller Pro's restore point - Native Instruments Kontakt 5 12-01-2017 03:06:10 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 03:20:12 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 12-01-2017 03:34:04 asdfasdfçasfjlk 12-01-2017 03:51:39 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: aswStm Description: aswStm Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aswStm Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Warsaw - Driver (PP) Description: Warsaw - Driver (PP) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wsddpp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/12/2017 02:40:23 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {2e09c471-42e3-43a0-bae6-358c6eabf3c4} Error: (01/12/2017 02:20:00 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao invocar os Provedores em resposta ao evento 256. Código de erro 2147942487. Error: (01/12/2017 02:20:00 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao carregar o Provedor pautoenr.dll. Código de erro 87. Error: (01/12/2017 02:08:40 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao invocar os Provedores em resposta ao evento 256. Código de erro 2147942487. Error: (01/12/2017 02:08:40 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao carregar o Provedor pautoenr.dll. Código de erro 87. Error: (01/12/2017 02:01:25 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao invocar os Provedores em resposta ao evento 256. Código de erro 2147942487. Error: (01/12/2017 02:01:25 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: AUTORIDADE NT) Description: Falha do Cliente de Serviços de Certificados ao carregar o Provedor pautoenr.dll. Código de erro 87. Error: (01/10/2017 05:36:09 PM) (Source: LegacyUninstaller) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/10/2017 05:35:52 PM) (Source: MsiInstaller) (EventID: 11704) (User: DEMOLAY) Description: Produto: Microsoft Visual C++ 2005 Redistributable -- Error 1704.Uma instalação do M-Audio Fast Track Ultra Driver 6.1.10 (x86) está suspensa no momento. Você deve desfazer as alterações feitas por essa instalação para continuar. Deseja desfazer essas alterações? Error: (01/10/2017 02:40:53 AM) (Source: LegacyUninstaller) (EventID: 0) (User: ) Description: Event-ID 0 Erros de Sistema: ============= Error: (01/12/2017 04:17:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} e APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/12/2017 04:07:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} e APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/12/2017 03:57:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} e APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/12/2017 03:48:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (01/12/2017 03:48:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (01/12/2017 03:47:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão Específico do aplicativo não concedem permissãoLocal Iniciar para o aplicativo de Servidor COM com CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} e APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} ao usuárioAUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (01/12/2017 03:47:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: aswSnx aswSP aswVmm gbpddreg ngvss wsddfac Error: (01/12/2017 03:47:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw Technology devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (01/12/2017 03:47:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (60000 milissegundos) ao aguardar a conexão do serviço Warsaw Technology. Error: (01/12/2017 03:46:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço aswStm devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. CodeIntegrity: =================================== Date: 2017-01-11 12:58:27.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-11 12:58:24.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-11 12:56:20.909 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-11 12:56:20.812 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-11 12:56:20.778 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-18 01:31:30.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-18 01:29:22.451 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-18 01:28:43.416 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-18 01:10:13.113 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-18 01:03:22.199 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentagem de memória em uso: 39% RAM física total: 3508.56 MB RAM física disponível: 2107.16 MB Virtual Total: 7015.45 MB Virtual disponível: 5223.92 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:74.54 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: AE8C4D28) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================