Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 27-04-2017
Executado por Lais (30-04-2017 01:41:40)
Executando a partir de C:\Users\Lais\Desktop
Microsoft Windows 10 Pro Versão 1607 (X86) (2016-10-23 06:56:05)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1181893854-1913967473-772395488-500 - Administrator - Disabled)
Convidado (S-1-5-21-1181893854-1913967473-772395488-501 - Limited - Enabled) => C:\Users\Convidado.Lais-PC
DefaultAccount (S-1-5-21-1181893854-1913967473-772395488-503 - Limited - Disabled)
Lais (S-1-5-21-1181893854-1913967473-772395488-1000 - Administrator - Enabled) => C:\Users\Lais

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Data Recovery Suite version 3.2.0 (HKLM\...\{02386A56-080B-485c-941D-AF96B29140DD}_is1) (Version: 3.2.0 - SharpNight Co,Ltd)
7-Zip 15.14 (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
8GadgetPack (HKLM\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adblock Plus para o IE (32 bits) (HKLM\...\{75390168-01B8-49DC-8AED-84E6BD018C68}) (Version: 1.5 - Eyeo GmbH)
AdiIRC (HKLM\...\AdiIRC) (Version: 1.9.1 - Per Amundsen)
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AIDA64 Extreme v5.20 (HKLM\...\AIDA64 Extreme_is1) (Version: 5.20 - FinalWire Ltd.)
Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Ant.com YouTube Downloader (HKLM\...\{5488E860-9734-4929-B6DF-7466E5401E94}) (Version: 0.1.6.66 - Ant.com)
Aria Maestosa 1.4.10 (HKLM\...\Aria Maestosa_is1) (Version:  - )
Asoftech Data Recovery (HKLM\...\{1AED6EB7-8FEA-4021-B8FD-EBAA6B21679F}) (Version: 1.00 - )
Assistente de Atualização do Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
AVG (Version: 1.181.1 - AVG Technologies) Hidden
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.19.170329 - )
AviSynth 2.5 (HKLM\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Bandicam (HKLM\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
BitMeter (HKLM\...\BitMeter) (Version:  - )
Boring Man - Online Tactical Stickman Combat (HKLM\...\Steam App 346120) (Version:  - Spasman Games)
calibre (HKLM\...\{730F17AA-6E66-4BD1-B7C5-8F1DA33D2D66}) (Version: 2.41.0 - Kovid Goyal)
CBR Reader (HKLM\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Cheat Engine 6.5 (HKLM\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
ConvertXtoDVD 4.2.0.0 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.2.0.0 - )
CoolSoft VirtualMIDISynth 2.0.0-rc2 (HKLM\...\CoolSoft VirtualMIDISynth) (Version: 1.999.999.202 - CoolSoft)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 7.0.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 9 - Illustrate)
Desinstalar impressora EPSON TX133 TX135 Series (HKLM\...\EPSON TX133 TX135 Series) (Version:  - SEIKO EPSON Corporation)
Discord (HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Driver Magician 4.7 (HKLM\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD Identifier (HKLM\...\DVD Identifier_is1) (Version: 5.2.0 - Kris Schoofs)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDStyler v3.0.3 (HKLM\...\DVDStyler_is1) (Version:  - Thüring IT-Consulting)
Electronic Arts Game Updater (HKLM\...\Electronic Arts Game Updater) (Version:  - )
Emergency Download Driver (HKLM\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Epson Easy Photo Print 2 (HKLM\...\{E65AE514-9C14-48DE-BAE5-64A4F9CB6FE5}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX130 Series Printer Uninstall (HKLM\...\EPSON TX130 Series) (Version:  - SEIKO EPSON Corporation)
Faces 1.03.8 (HKLM\...\{A828537C-87AF-4E9D-9C54-11D34B8E2FBA}_is1) (Version:  - Positivo Informática S.A.)
FastImageResizer (remove only) (HKLM\...\FastImageResizer) (Version:  - )
FFmpeg (Windows) for Audacity versão 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version:  - Image-Line)
FlacSquisher 1.3.7 (HKLM\...\FlacSquisher) (Version: 1.3.7 - FlacSquisher)
Flash Drive Tester v1.14 (HKLM\...\{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}) (Version: 1.14 - Virtual Console)
FMW 1 (Version: 1.182.1 - AVG Technologies) Hidden
Free M4a to MP3 Converter 9.3 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Gadwin PrintScreen (32-Bit) (HKLM\...\{40475700-0CC9-4B2C-A365-293E82D784BC}) (Version: 5.4.2.0 - Gadwin Systems)
Galeria de Fotos (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gerenciador de Inicialização Positivo (HKLM\...\{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1) (Version: 1.0.16.0 - Positivo Informática S.A.)
GoldWave v5.67 (HKLM\...\GoldWave v5.67) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HD Tune Pro 5.60 (HKLM\...\HD Tune Pro_is1) (Version:  - EFD Software)
hide.me VPN 1.2.12 (HKLM\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.12 - eVenture Limited)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.0000.0 - IDT)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version:  - Image-Line)
Image Resizer for Windows (HKLM\...\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}) (Version: 3.0.4442.6002 - Brice Lambson)
Image Resizer for Windows (Version: 3.0.4442.6002 - Brice Lambson) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Instalação do DivX (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
IsoBuster 3.9 (HKLM\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 8 Update 91 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.15 - Oracle Corporation)
KEmulator 0.9.8 (HKLM\...\KEmulator 0.9.8) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Lightshot-5.4.0.1 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Lumia UEFI Blue Driver (HKLM\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Feature Pack for Windows 10 N and KN (Version: 1.0.0 - Microsoft) Hidden
Meltdown (HKLM\...\{673B2230-6035-11DE-6784-5813CA2118BE}) (Version: 3 - Poda)
Microsoft Games for Windows - LIVE  (HKLM\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edição 2003 (HKLM\...\{90110416-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Monkey's Audio (HKLM\...\Monkey's Audio_is1) (Version:  - )
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 10.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 10.0 (x86 pt-BR)) (Version: 10.0 - Mozilla)
Mozilla Firefox 53.0 (x86 pt-BR) (HKLM\...\Mozilla Firefox 53.0 (x86 pt-BR)) (Version: 53.0 - Mozilla)
Mp3tag v2.70 (HKLM\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
msxml4 (HKLM\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
Mural dos Amigos (HKLM\...\{B4B5A5D4-B793-425C-BBF1-0D3D46BAA73F}_is1) (Version: 1.0.2.1 - Positivo Informática S.A.)
NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pale Moon 27.0.3 (x86 en-US) (HKLM\...\Pale Moon 27.0.3 (x86 en-US)) (Version: 27.0.3 - Moonchild Productions)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Positivo Conecta (HKLM\...\{4F23361B-2B38-46E2-BA1A-D920F270D5FB}_is1) (Version: 1.3.18.0 - Positivo Informática S.A.)
Positivo Conversor 3D (HKLM\...\{D0582368-2DFF-48EA-AC8D-1FA8E31CA38C}_is1) (Version: 1.0.0.7 - Positivo Informática S.A.)
Positivo Experience (HKLM\...\{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1) (Version: 1.2.1.2 - Positivo Informática S.A.)
Positivo NIS 2012 License Activator (HKLM\...\{5400FA29-4A55-4EB9-AD27-AF20DBD334E1}_is1) (Version: 1.2.0.0 - Positivo Informática S.A.)
Positivo Sincronize (HKLM\...\{6DA3261A-DCEB-401A-ABE0-A367C252B86C}_is1) (Version: 1.4.1.8 - Positivo Informática S.A.)
qBittorrent 3.3.12 (HKLM\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)
RAR Password Cracker (HKLM\...\RAR Password Cracker) (Version: 4.20 - dnSoft Research Group)
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
RMJPEG (HKLM\...\{36CACD65-0E22-4EB7-A52C-DC08DFC9014F}) (Version: 1.01.0000 - RSUPPORT)
RSCC (HKLM\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.02.0000 - RSUPPORT)
Safer Update Helper (Version: 1.3.193.9 - Safer Technologies LLC) Hidden
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Browser (HKLM\...\Secure Browser) (Version: 56.0.416.73 - Safer Technologies LLC)
Shadow Warrior Classic (1997) (HKLM\...\Steam App 238070) (Version:  - 3D Realms)
Simple Port Forwarding (HKLM\...\Simple Port Forwarding) (Version: 3.8.5 - PcWinTech.com)
SLADE version 3.1.1.5 (HKLM\...\{3EFD0AA9-5156-40DB-9646-360180FF5DFA}_is1) (Version: 3.1.1.5 - )
SlimDX Runtime .NET 2.0 (January 2012) (HKLM\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
SmoothDraw version 4.0.2 (HKLM\...\SmoothDraw_is1) (Version: 4.0.2 - )
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Sp5TTIntXP (HKLM\...\{2FF8E323-B653-11D7-8D62-444553540000}) (Version: 1.0.0.0 - ShuSongSong)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
StarFilter Pro 2 (HKLM\...\{716B4F7C-6173-42D1-B1AF-CA9F3297130A}) (Version: 2.0.4.0 - ProDigital Software)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit 3.5.2 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.2.0 - Nikse)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tunatic (HKLM\...\Tunatic) (Version:  - )
Tutorial 1.0 (HKLM\...\{1C86726E-4A85-4322-8A1C-56EDE170FAB5}_is1) (Version: 1.0.0.0 - Positivo Informática)
Twin USB Vibration Gamepad (HKLM\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
UltraISO Premium V9.36 (HKLM\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB Serial Port Driver (HKLM\...\{FE11883D-EA67-473C-BDD1-8D6B6DFCBEAC}) (Version: 1.1.8.1526 - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VSO ConvertXtoVideo Ultimate 2 (HKLM\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: 2.0.0.58 - VSO Software)
WinDirStat 1.1.2 (HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\WinDirStat) (Version:  - )
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Driver Package - Alcor Micro, Corp. (AmUStor) USB  (04/11/2016 1.0.145.40103) (HKLM\...\DD1B16179457F1B4857F8E4482733F3CE4AA6F11) (Version: 04/11/2016 1.0.145.40103 - Alcor Micro, Corp.)
Windows Driver Package - AMD (amdkmpfd) System  (08/29/2016 16.40.0.0000) (HKLM\...\9F4E6C18B4D5FF20EB62BD3A643B93D96257C008) (Version: 08/29/2016 16.40.0.0000 - AMD)
Windows Driver Package - IDT (STHDA) MEDIA  (03/14/2013 6.10.6467.0) (HKLM\...\73F603A83405CCB173ED63101005DE397C1169AA) (Version: 03/14/2013 6.10.6467.0 - IDT)
Windows Driver Package - Intel Corporation (igfx) Display  (06/03/2011 8.15.10.2413) (HKLM\...\0AA351310E953DF9E6B6A05CF4816D1DBDA40C00) (Version: 06/03/2011 8.15.10.2413 - Intel Corporation)
Windows Driver Package - Intel System  (07/25/2013 9.1.9.1005) (HKLM\...\168A519C3E7721ED8CB11C23826D1F5686653733) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel, Corp. (int0800) System  (03/06/2009 6.4.0.0) (HKLM\...\17D6B759AF10637384272033910F5F2F1559D713) (Version: 03/06/2009 6.4.0.0 - Intel, Corp.)
Windows Driver Package - Microsoft (zumbus) System  (06/29/2011 4.8.2148.0) (HKLM\...\816984872991109665DF1620E496C3B313A3E048) (Version: 06/29/2011 4.8.2148.0 - Microsoft)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows IP Over USB (HKLM\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-22 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
WinX HD Video Converter Deluxe 5.9.4 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
Wondershare Filmora(Build 7.0.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Zaero (HKLM\...\Zaero) (Version:  - )
Zandronum (HKLM\...\Zandronum) (Version: 2.1.2 - Zandronum)
ZDaemon (remove only) (HKLM\...\ZDaemon) (Version:  - )

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Lais\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder32.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}\InprocServer32 -> C:\Users\Lais\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Lais\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.32.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}\InprocServer32 -> C:\Users\Lais\AppData\Local\TechSmith\SnagIt\Accessories\{638B203F-8FB6-49ec-A139-AB8C530F0CAB}\MSPowerPoint.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lais\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}\InprocServer32 -> C:\Users\Lais\AppData\Local\TechSmith\SnagIt\Accessories\{18AA4E21-D540-4a3a-9F9F-E6DE33D6F253}\MSExcel.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}\InprocServer32 -> C:\Users\Lais\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll (TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msstdfmt.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{cb4c77f0-ab2a-407c-93ac-963769824b18}\localserver32 -> C:\Users\Lais\AppData\Local\Temp\{b3ede298-ae75-4a1c-ab7e-1b9229b77bbe}\IDriver.NonElevated.exe => N (a entrada de dados tem 13 mais caracteres).
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1181893854-1913967473-772395488-1000_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01A241C9-49E5-47E2-A789-04ED6B6384EE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {0A74E0CA-5223-4729-8781-2F50C5FD849B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {11B6C009-3074-44B9-8783-511C19BE5610} - System32\Tasks\{53E1FFDF-70BC-4980-BBD3-937C6EFE4941} => pcalua.exe -a C:\Users\Lais\Desktop\A706R_6.0.18.10041402_Drv_3.6.x.15_SWEncd_3.0.1.6_AVin_2.0.8.0_QEPIN_2.0.8.0_100729.exe -d C:\Users\Lais\Desktop
Task: {1256BF1A-B6CF-42C2-885C-DD6B8914C71C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe 
Task: {14972155-71A5-4BAB-861F-6495804F7084} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {14C113DA-23D2-4BF9-9C5E-46E059B14DE5} - \{8CA0E743-4D42-4537-AE26-02B75CF434B5} -> Nenhum Arquivo <==== ATENÇÃO
Task: {1659D6BE-E00C-4F62-BF4C-282BE9F75F82} - \{8C48BE88-320A-48A6-A931-3321FC9BB48C} -> Nenhum Arquivo <==== ATENÇÃO
Task: {175DEA1C-65D2-4F18-83CE-3EC8FEEEED33} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {179FA2BE-6E0D-46BF-920F-8A0915B20C9F} - System32\Tasks\TechUtilities => C:\Program Files\TechUtilities\TechUtilities.exe 
Task: {1BD7D4CF-F50B-4A83-A03F-13DBFB54CE7B} - \{E53A91A9-56FE-4F6E-98A4-58308D4AC506} -> Nenhum Arquivo <==== ATENÇÃO
Task: {1EFFF0A2-AFA6-492D-8E39-9C51B4E07932} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {24389CDA-F578-4282-B5DA-88BB33C4CB77} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {257A25C4-FB75-4F71-A24A-8DAFB3D48721} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {2947FAFA-5965-4688-8A36-A20048FDD53B} - System32\Tasks\CrystalDiskInfo => C:\Program Files\CrystalDiskInfo\DiskInfo32.exe [2017-01-01] (Crystal Dew World)
Task: {2A5C6FA2-7139-4D05-BB2F-15B2F17B8B7C} - \{710DF987-813E-4C5D-A15F-EDB23654209D} -> Nenhum Arquivo <==== ATENÇÃO
Task: {3148109B-0119-428C-BE6A-177B0199121D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe 
Task: {32C3F3E6-AE2C-4971-89D6-F09FBC69DD1B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {3571E421-4B39-4C32-91C6-1BB9EB9CC91D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {363F46AF-7D71-4889-BF06-7AEA50F8E4F9} - System32\Tasks\{B0987110-0A49-4F8F-BB81-C4426FC6DAC6} => pcalua.exe -a C:\Users\Lais\Desktop\EqualizerAPO64-1.1.1.exe -d C:\Users\Lais\Desktop
Task: {375173B7-89B2-488D-9392-D2DA8FF28B6D} - \{417441D9-6458-45B5-B79C-6BD7C6810F05} -> Nenhum Arquivo <==== ATENÇÃO
Task: {398B17EF-2FFB-4199-9690-48694A9C7526} - System32\Tasks\{35315742-A36D-4C49-9AF5-3DD0958AE5D6} => msiexec.exe /package "C:\Users\Lais\Desktop\python-3.3.5.msi"
Task: {3DFD791A-2EFD-4C49-A20F-63BD02532FD3} - System32\Tasks\{4F14E6B5-6709-4318-8299-CA386B724F9D} => pcalua.exe -a K:\Install.exe -d K:\
Task: {41553B09-1DEB-4167-95BD-8D0D26DC7E1B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
Task: {44A6D82F-F55F-4B97-B88A-93DBBA743B9B} - \{5471C1F6-156F-41A2-81E6-3323A332A27E} -> Nenhum Arquivo <==== ATENÇÃO
Task: {44AA9ECF-3032-4803-B083-738D59BF7045} - System32\Tasks\{7733C8E4-8F8A-4FBA-ACA3-9EFFDAD3DAF1} => pcalua.exe -a C:\UT2004\System\Setup.exe -c uninstall "UT2004"
Task: {462B3D09-26CD-473D-A52D-5EB19352727C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe 
Task: {46544A81-2C2B-4275-983F-E521676C7ABF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe 
Task: {4661B568-8921-45AC-BFD2-11267FE52613} - \{B137A46B-3323-41D5-BF55-E66AABE8DA4A} -> Nenhum Arquivo <==== ATENÇÃO
Task: {480D42B5-2513-4BE4-A49B-24BCDF489539} - System32\Tasks\PRSEM XUSB Modem for Chrome => Rundll32.exe "C:\Program Files\PRSEM XUSB Modem for Chrome\PRSEM XUSB Modem for Chrome.dll",CEcADLd
Task: {49DF6189-CEC9-4F4C-992C-BFA6279A62FA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {49E98686-4BCD-4FB0-A2F2-611DBC2272DF} - System32\Tasks\{9112E423-C0C9-4F95-BEEE-DB33425E4B48} => pcalua.exe -a C:\Users\Lais\Desktop\PCTV_6.0.21_SFX_Silent_10030908.exe -d C:\Users\Lais\Desktop
Task: {4A093AFB-CF8F-4B07-A61F-58D957A2B0B9} - System32\Tasks\{2F503D1F-E0F6-4F01-9905-2E70748EFBD0} => msiexec.exe /package "C:\Users\Lais\Desktop\python-3.3.5.msi"
Task: {4A550F59-59A8-46EF-93C6-EE8996BB4276} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {4A7139E2-74A5-4713-9E7B-D9E59894FD45} - System32\Tasks\{EDE81B0F-49B1-478D-9182-54E343FBCC38} => pcalua.exe -a C:\ProgramData\Installations\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}\Nokia_PC_Suite_ALL.exe
Task: {4C010B68-1F85-4FFD-90AF-C0BBDCBE55E1} - System32\Tasks\{3B546039-E52E-43C2-A4BE-05DF28E5FBDC} => pcalua.exe -a "C:\Program Files\Counter-Strike 1.6\Uninstal.exe"
Task: {4D223403-394C-4CBB-B29C-8FD60EBBD699} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {51FDAB65-44FA-40EF-998D-0CCC1A137BF3} - \{4FEAE684-C839-4D9E-8157-4529AD456B65} -> Nenhum Arquivo <==== ATENÇÃO
Task: {565B2EFF-7D7E-48A9-ACD1-CA9BAFE77709} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5AA0BC42-E4AC-42CB-92E2-9E277F4FA7A9} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe 
Task: {5ABE2639-897D-4AE0-9B1F-98E270353277} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe 
Task: {5B492C79-F773-49BD-8063-4A3F220ECE15} - System32\Tasks\{A57AED06-307F-45C8-878B-25B2C6C7AA76} => pcalua.exe -a K:\Setup.Exe -d K:\
Task: {5B4EC045-C803-40B1-95E3-8AA45DF65406} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {5DEE4F28-6BEB-41F4-BAD2-24A7E6130B63} - System32\Tasks\{89728D5C-5D8A-4490-AE54-EED0252627F3} => pcalua.exe -a "C:\Program Files\GOG.com\Alone in the Dark 2\Graphic mode setup.exe" -d "C:\Program Files\GOG.com\Alone in the Dark 2"
Task: {5FFB8FC1-06C6-4FC8-86B5-F2AEDF896225} - \{97F95EDC-1E2D-4B4B-AA1B-44120C59F1A1} -> Nenhum Arquivo <==== ATENÇÃO
Task: {6121533C-25BB-42B6-ADE1-1FE938C982C2} - não caminho do arquivo
Task: {61EAB1D0-56C5-4746-A9E2-363EE4586E54} - \{DFE97677-A3E2-4593-B399-E4BD5801E959} -> Nenhum Arquivo <==== ATENÇÃO
Task: {620AB68E-091A-4753-93B5-1A7EE92435D3} - System32\Tasks\{8A565364-8C20-4911-8C95-EB353EC1FFD6} => pcalua.exe -a C:\Users\Lais\Desktop\cod2-v1.3.exe -d C:\Users\Lais\Desktop
Task: {63AC92EF-6186-4A89-AAF8-CCD5FCC5192A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {644A0AE9-F005-4F8E-8CFB-91303937D720} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-29] (Adobe Systems Incorporated)
Task: {64A7C9D6-756A-4767-96D2-5BB0B22A3B1F} - \{E0436DBE-F9C1-483D-B739-4300B2CEC73E} -> Nenhum Arquivo <==== ATENÇÃO
Task: {6704F8A4-CA31-4CB7-A5DD-1085BA017F6C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {67B5EF60-C98E-4BFA-89B1-EFAA3111687F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)
Task: {689A36D5-0EC9-4429-858D-DEF26E41C3A4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {6C7E4FE4-150A-4EED-98E8-832CACF1382D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {70386880-E223-4D45-872C-E4DB4DCA70E3} - System32\Tasks\User_Feed_Synchronization-{E46D1059-6CA9-4280-92C9-7A59875540FB}
Task: {70540B9A-7003-43B1-A8BD-BEBA35006375} - System32\Tasks\{042E074D-9BCD-4622-B8D8-A6E807D76E26} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe" -d C:\Windows\system32 -c /in "C:\Users\Lais\Desktop\mediadrug.exe"
Task: {70C5AB45-55ED-49AE-8457-B1AF0C5E16B9} - \ABCscle -> Nenhum Arquivo <==== ATENÇÃO
Task: {7A0FC4E6-6477-4C10-A9A1-53D9BD38E618} - System32\Tasks\{61512151-C9B9-4B97-A883-176AF0A5C4C3} => pcalua.exe -a K:\Install.exe -d K:\
Task: {7A85CCB4-DE4C-4B9F-A2D2-2D051F74A33A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe 
Task: {7EC7E931-C81F-4D23-9121-35A4007F0420} - System32\Tasks\{7EFA4BFE-5281-42A6-8080-414E664E5A93} => pcalua.exe -a "C:\Program Files\Windows Live\Installer\wlarp.exe"
Task: {83DD0202-F84A-4F22-90B8-037AAE97345B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {844B840E-A211-4ACD-AE7C-D89072B998C6} - System32\Tasks\{207FB378-6DB6-4A02-9EFB-78F208E3EDC9} => pcalua.exe -a K:\Setup.exe -d K:\
Task: {85ECB54C-BEEF-41C2-8F49-875A7CF4FFD2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {877F11FA-7516-4DAA-A630-ACECAA81E315} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8AD1163D-F27F-4E55-BA2E-F6F3AAD2DAD7} - \{CB166F7F-5EFC-4AFD-B4ED-996A9508CA25} -> Nenhum Arquivo <==== ATENÇÃO
Task: {93744401-BE70-4F02-ACF1-FA9BFF0F6F69} - System32\Tasks\{1D2C8D44-0B6D-4A43-B5D4-FB62BB1E4C68} => pcalua.exe -a "E:\Corel\CorelDRAW Graphics Suite X4\Extras\Setup\Setup.exe" -d "E:\Corel\CorelDRAW Graphics Suite X4\Extras\Setup"
Task: {9644C5CC-FE6C-48A4-BDA4-4B2FE2B2F0FE} - System32\Tasks\{97833B81-9F0A-42C4-B740-4372E05EEEE8} => pcalua.exe -a K:\Setup.exe -d K:\
Task: {9924856F-D755-4453-9756-8C8DBFFBA607} - \DefenderUpdate -> Nenhum Arquivo <==== ATENÇÃO
Task: {9EBE862B-3FF6-4BC6-9C76-2669A35768C4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {9ED95457-6663-4297-B803-3D8CBBC75746} - System32\Tasks\{2FC7CD33-98BA-407F-AD2D-E1A00E5965CB} => pcalua.exe -a "C:\Users\Lais\Desktop\Setup(instalador) VIA HD.exe" -d C:\Users\Lais\Desktop
Task: {A02D804C-E132-45F9-8969-8D2CE84EAFBD} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-03-07] (DivX, LLC)
Task: {A198456A-B468-4D80-8615-F7B4A83B48DF} - System32\Tasks\mf_launch_as_user_315a81 => /mf_uninstall_helper_launcher 
Task: {A8449995-AB5F-4780-83AC-E9AE378D2F90} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {ABFA57E9-4CFA-4B7F-91FE-F6501BE8C3CD} - System32\Tasks\{9C9145AB-B47B-4671-8452-496754F115D3} => pcalua.exe -a "C:\Program Files\Digiarty\WinX_HD_Video_Converter_Deluxe\unins000.exe" -d "C:\Program Files\Digiarty\WinX_HD_Video_Converter_Deluxe"
Task: {AC1FAA8A-9A7C-49A2-9395-455FB8D6C664} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 
Task: {ACD3A233-011B-42B9-B3A7-37F1C01FFB50} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {AD1AA0A3-F456-43D4-9281-D61B75EDC11E} - System32\Tasks\{A94B0264-86C5-4963-B5AB-ADEAD5C42C3C} => pcalua.exe -a "C:\Program Files\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files\Hotspot Shield\bin"
Task: {B4D1EBAB-D2C8-497E-9008-38A68935D51E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe 
Task: {C379B24B-7F26-49AA-941D-D8004D41CBCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {C3B6A2F4-D108-4A33-9C8B-1ADA93E4617A} - \Games\UpdateCheck_S-1-5-21-1181893854-1913967473-772395488-1003 -> Nenhum Arquivo <==== ATENÇÃO
Task: {C627AEF0-54FC-424E-8DAC-23F37C0CD466} - não caminho do arquivo
Task: {C8EF3C4B-C598-4FAE-B4EB-29C71F5DD0F6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe 
Task: {C90FD386-DEEB-4DBD-A108-898E631761F5} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {C9A3C589-CD27-4821-8CA1-223140297CBD} - System32\Tasks\{F57D44AC-C6B8-4590-91DA-AD9391951B6F} => C:\Program Files\Activision\ESSA PORRA É 1.0\VERSÃO 1.0.exe 
Task: {CD00BFF4-3B5A-43D9-8136-73F3BA4FA398} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)
Task: {D17C259E-B007-4924-9F75-AFC01F82D53B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {D1C737E4-5CC9-4AF8-8D48-23023C0C76F0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {D32C9A0F-87DF-4FB4-BCB3-442609D4EF4D} - System32\Tasks\{D79D374B-A2AF-4205-AC9C-2C63D61A1423} => pcalua.exe -a C:\Users\Lais\Desktop\A808_6.0.18.09011001_Drv3.10.X.32_090227.exe -d C:\Users\Lais\Desktop
Task: {D3A0ED64-0792-4E07-86F7-9B02997D8DE1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {D9105D89-28D1-418C-936F-43BD1CD447DF} - System32\Tasks\Landlendal Calculator => Rundll32.exe "C:\Program Files\Landlendal Calculator\Landlendal Calculator.dll",pQGYrMBiQMj
Task: {DC0C1BDB-B117-425E-A84D-09B53A0472FC} - System32\Tasks\{A464D952-551E-4C03-89C7-ECFAEF558D3C} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0416
Task: {DD5E9452-DCF7-4FB9-8051-B60D93B3D674} - não caminho do arquivo
Task: {DE17D86B-7A15-42B8-B9AA-FB950EBEA90C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe 
Task: {E1115BCC-97FE-40EE-898A-141739A7B485} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {E70EC757-71AB-4FD2-B6B0-81ADA9F6BBCF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe 
Task: {F1C33235-3BE2-4A4E-84FE-C6BD309B2AA2} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe 
Task: {F20D16CF-4F8F-4410-9D8B-83C4C7BD3788} - System32\Tasks\53L7458a3192u89 => Rundll32.exe "C:\ProgramData\53L7458a3192u89\53L7458a3192u89.dll",LauxKxdMI <==== ATENÇÃO
Task: {F98859D8-305C-4567-91B5-0C2CDC3F4634} - System32\Tasks\D3DGearRawFrameCaptureTask => C:\PROGRA~1\D3DGear\d3dGear.exe 
Task: {FB87D7E2-43B8-4634-A13D-AED884F65D34} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FCAE4E29-8EF3-4F2F-A231-113D25973E79} - \{90A19A9D-015C-4380-B2D3-AA04F3E983E7} -> Nenhum Arquivo <==== ATENÇÃO
Task: {FE27BCF6-708E-4C8B-BE27-169EB874F5F5} - \AutoKMS -> Nenhum Arquivo <==== ATENÇÃO
Task: {FE6D5D82-6125-4086-84A9-55C68F671504} - System32\Tasks\{816905A0-E1AE-405C-9D75-D7A98358F35B} => pcalua.exe -a C:\Users\Lais\Desktop\ie6setup.exe -d C:\Users\Lais\Desktop

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe-t C:\Program Files\TechUtilities\TechUtilities.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Lais\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding\SPF - Basic UI Mode.lnk -> C:\Program Files\Simple Port Forwarding\basic_ui.bat ()

==================== Módulos Carregados (Whitelisted) ==============

2016-07-16 05:25 - 2016-07-16 05:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 13:04 - 2017-03-28 03:15 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-24 22:02 - 2015-06-01 12:19 - 02817536 _____ () C:\Program Files\Landlendal Calculator\Landlendal Calculator.dll
2017-04-12 13:04 - 2017-03-28 03:15 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-16 05:25 - 2016-07-16 05:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 16:21 - 2017-03-04 03:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 16:19 - 2017-03-04 03:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 16:19 - 2017-03-04 02:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-23 02:45 - 2016-10-23 02:45 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 13:03 - 2017-03-28 02:09 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 13:03 - 2017-03-28 02:10 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 13:04 - 2017-03-28 02:11 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-26 19:51 - 2017-04-26 19:51 - 00067584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 19:51 - 2017-04-26 19:51 - 00162304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-31 18:40 - 2017-03-28 23:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-31 18:40 - 2017-03-28 23:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-04-25 11:43 - 2017-04-25 11:43 - 12572146 _____ () C:\Users\Lais\Desktop\FightCade\FightCade.exe
2017-04-30 00:09 - 2017-04-30 00:09 - 00077824 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\sip.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 01689088 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\PyQt4.QtCore.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00040960 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\_socket.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00721920 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\_ssl.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00098816 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\win32api.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00110080 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\pywintypes27.dll
2017-04-30 00:09 - 2017-04-30 00:09 - 05942784 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\PyQt4.QtGui.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00285184 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\_hashlib.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00009728 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\select.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00328192 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\PyQt4.phonon.pyd
2017-04-30 00:09 - 2017-04-30 00:09 - 00008704 _____ () C:\Users\Lais\AppData\Local\Temp\_MEI19122\winsound.pyd
2015-09-01 18:02 - 2015-09-01 18:02 - 00688128 _____ () C:\ZDaemon\ZRC.dll
2012-11-05 19:12 - 2012-11-05 19:12 - 04239360 _____ () C:\ZDaemon\iwadpatcher.dll
2015-03-23 05:51 - 2015-03-23 05:51 - 00742400 _____ () C:\ZDaemon\ip2c.dll
2016-11-08 04:30 - 2016-11-08 04:30 - 00038400 _____ () C:\Dimmer\Dimmer.exe
2017-04-05 07:36 - 2017-04-05 07:38 - 00019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-05 07:36 - 2017-04-05 07:38 - 18737664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-05 07:36 - 2017-04-05 07:38 - 00348160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-05 07:36 - 2017-04-05 07:38 - 04739072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 02:35 - 2016-06-03 02:35 - 00541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-05 07:36 - 2017-04-05 07:38 - 00279552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-05 07:36 - 2017-04-05 07:38 - 00654848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-22 06:50 - 2016-11-22 06:50 - 00180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-28 14:11 - 2017-03-28 14:11 - 01346416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-03-15 14:22 - 2017-03-15 14:22 - 03013632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x86__8wekyb3d8bbwe\Calculator.exe
2017-04-27 17:56 - 2017-04-27 17:56 - 01778032 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-03-14 16:19 - 2017-03-04 02:57 - 00093184 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [286]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [946]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [135]
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
AlternateDataStreams: C:\ProgramData\TEMP:94A19129 [129]
AlternateDataStreams: C:\Users\Lais\AppData\Local\desktop.ini:722b2b1c349a06abf0e866180e5a7e63 [1058]
AlternateDataStreams: C:\Users\Lais\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Hotmail, Skype, Entretenimento, Notícias, Esportes e Vídeo.website:TASKICON_0854F4951FCBF6C450892031DA153B1-391562580 [2302]
AlternateDataStreams: C:\Users\Lais\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Hotmail, Skype, Entretenimento, Notícias, Esportes e Vídeo.website:TASKICON_1854F4951FCBF6C450892031DA153B11026628863 [2302]
AlternateDataStreams: C:\Users\Lais\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Hotmail, Skype, Entretenimento, Notícias, Esportes e Vídeo.website:TASKICON_2854F4951FCBF6C450892031DA153B1-567912132 [2302]
AlternateDataStreams: C:\Users\Lais\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Hotmail, Skype, Entretenimento, Notícias, Esportes e Vídeo.website:TASKICON_3854F4951FCBF6C450892031DA153B11041095353 [2302]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:0888F409 [286]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:3440EB47 [946]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:66633281 [135]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:76650B61 [103]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:94A19129 [129]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21425179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\2C238C60.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21425179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\2C238C60.sys => ""="Driver"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

HKU\S-1-5-21-1181893854-1913967473-772395488-1000\Software\Classes\.exe:  =>  <===== ATENÇÃO
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\Software\Classes\regfile: regedit.exe "%1" <===== ATENÇÃO

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\dell.com -> dell.com

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:04 - 2016-05-23 00:25 - 00351238 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	localhost
127.0.0.1	localhost.localdomain
255.255.255.255	broadcasthost
127.0.0.1	local127.0.0.1 goatse.cx       # More information on sites such as 
127.0.0.1 www.goatse.cx   # these can be found in this article
127.0.0.1 oralse.cx       # en.wikipedia.org/wiki/List_of_shock_sites
127.0.0.1 www.oralse.cx
127.0.0.1 goatse.ca
127.0.0.1 www.goatse.ca
127.0.0.1 oralse.ca
127.0.0.1 www.oralse.ca
127.0.0.1 goat.cx
127.0.0.1 www.goat.cx
127.0.0.1 goatse.ru
127.0.0.1 www.goatse.ru127.0.0.1 1girl1pitcher.com
127.0.0.1 1girl1pitcher.org
127.0.0.1 1guy1cock.com
127.0.0.1 1man1jar.org
127.0.0.1 1man2needles.com
127.0.0.1 1priest1nun.com
127.0.0.1 2girls1cup.com
127.0.0.1 2girls1cup-free.com
127.0.0.1 2girls1cup.nl
127.0.0.1 2girls1cup.ws
127.0.0.1 2girls1finger.com
127.0.0.1 2girls1finger.org
127.0.0.1 2guys1stump.org
127.0.0.1 3guys1hammer.ws
127.0.0.1 4girlsfingerpaint.com
127.0.0.1 4girlsfingerpaint.org

Existem ainda 11326 mais linhas.


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1181893854-1913967473-772395488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lais\Desktop\Nina.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AcuWVSSchedulerv8 => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Ant App service => 3
MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: Backupper Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: Chemtable Startup Checking => 2
MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: EPSON_EB_RPCV4_04 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2
MSCONFIG\Services: FileZilla Server => 2
MSCONFIG\Services: GS In-Game Service => 2
MSCONFIG\Services: Guard Agent => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hmevpnsvc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
MSCONFIG\Services: ogmservice => 2
MSCONFIG\Services: PCFasterSvc_{PCFaster_4.0.0.0} => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: PSEXESVC => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PskSvcRetail => 2
MSCONFIG\Services: ptservice => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SpotGPSMaxim => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TPSrv => 2
MSCONFIG\Services: Update DiVapton => 2
MSCONFIG\Services: Util DiVapton => 2
MSCONFIG\Services: VideoAcceleratorService => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Assistente para criação de disco de recuperação.lnk => C:\Windows\pss\Assistente para criação de disco de recuperação.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerMedia GPS.lnk => C:\Windows\pss\AVerMedia GPS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EA_RESTART_001.lnk => C:\Windows\pss\EA_RESTART_001.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PCTV Quick.lnk => C:\Windows\pss\PCTV Quick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Refresh.lnk => C:\Windows\pss\Refresh.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnugTV Quick Start.lnk => C:\Windows\pss\SnugTV Quick Start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UberIcon.lnk => C:\Windows\pss\UberIcon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lais^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hide.me VPN.lnk => C:\Windows\pss\hide.me VPN.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lais^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MemInfo.lnk => C:\Windows\pss\MemInfo.lnk.Startup
MSCONFIG\startupreg: ABBYY Screenshot Reader Bonus => 
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => 
MSCONFIG\startupreg: Akamai NetSession Interface => 
MSCONFIG\startupreg: AlcoholAutomount => 
MSCONFIG\startupreg: AlSrvN => 
MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: Baidu PC Faster 4.0.0.0 => 
MSCONFIG\startupreg: CloneCDTray => 
MSCONFIG\startupreg: DFX => 
MSCONFIG\startupreg: DivXUpdate => 
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPSON TX133 TX135 Series => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\Windows\TEMP\E_S85CE.tmp" /EF "HKCU"
MSCONFIG\startupreg: FileZilla Server Interface => 
MSCONFIG\startupreg: Gadu-Gadu => 
MSCONFIG\startupreg: Google Update => "C:\Users\Lais\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Java(TM) ME Platform SDK 3.3 => 
MSCONFIG\startupreg: Lightshot => C:\Program Files\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: MediaDrug => "C:\MediaDrug\mediadrug.exe" -autostart
MSCONFIG\startupreg: Megacubo Update => 
MSCONFIG\startupreg: MinhaBox.br => 
MSCONFIG\startupreg: MPlayerForWindows_UpdateReminder => 
MSCONFIG\startupreg: msnmsgr => 
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006604160000"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skytel => 
MSCONFIG\startupreg: SpeedBitVideoAccelerator => 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: WinampAgent => 
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: Xvid => 
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run: => "BrowserPlugInHelper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run: => "Lightshot"
HKLM\...\StartupApproved\Run: => "ProductUpdater"
HKLM\...\StartupApproved\Run: => "CrashPlanTray"
HKLM\...\StartupApproved\Run: => "SOS Notifier"
HKLM\...\StartupApproved\Run: => "Dropbox"
HKLM\...\StartupApproved\Run: => "AmIcoSinglun"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "DivXMediaServer"
HKLM\...\StartupApproved\Run: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run: => "SwitchBoard"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "LAIS-PC"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\StartupFolder: => "Sidebar88.lnk"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\StartupFolder: => "Sidebar118.lnk"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "MediaDrug"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "SOS Browser Monitor"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "GameJoltClient"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Iperius Backup"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1181893854-1913967473-772395488-1000\...\StartupApproved\Run: => "AdobeBridge"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [TCP Query User{08BF3135-54D6-4B12-8CE7-8E3419AE8D00}C:\users\lais\desktop\fightcade\ggpofba.exe] => (Allow) C:\users\lais\desktop\fightcade\ggpofba.exe
FirewallRules: [UDP Query User{8F9AF25A-E2E9-4AEB-93CD-005AFCBE6867}C:\users\lais\desktop\fightcade\ggpofba.exe] => (Allow) C:\users\lais\desktop\fightcade\ggpofba.exe
FirewallRules: [TCP Query User{2AEE161F-8C1F-492D-980D-10663EE7DE71}C:\users\lais\desktop\fightcade\ggpofba-ng.exe] => (Allow) C:\users\lais\desktop\fightcade\ggpofba-ng.exe
FirewallRules: [UDP Query User{DC9CA554-0663-48C6-AC28-041A87A3F40C}C:\users\lais\desktop\fightcade\ggpofba-ng.exe] => (Allow) C:\users\lais\desktop\fightcade\ggpofba-ng.exe
FirewallRules: [TCP Query User{D1F829DC-3A66-408B-89E8-3352263C8BD9}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{0DDB43D4-C679-4FC4-9A2D-20245FBAD54F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{8B4CEAB2-C54F-4999-999E-68F5B612ACA1}C:\zdaemon\zlauncher.exe] => (Allow) C:\zdaemon\zlauncher.exe
FirewallRules: [UDP Query User{E94BED9F-2FC4-44E4-B3C1-3F1E5C58991B}C:\zdaemon\zlauncher.exe] => (Allow) C:\zdaemon\zlauncher.exe
FirewallRules: [{D3BC9B45-9CC9-4B2E-A4D3-54B60D01A196}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [TCP Query User{18EC73DB-FB37-4922-9CAC-86332A05D1FD}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{67ACEC0D-A229-4E75-8FBD-94175907BCD1}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{6C79B8B7-0272-403C-ABB2-748C8F7D21C5}C:\users\lais\desktop\fightcade\fightcade.exe] => (Allow) C:\users\lais\desktop\fightcade\fightcade.exe
FirewallRules: [UDP Query User{11F8E5E9-E996-4303-9C23-A58EB57CEA7A}C:\users\lais\desktop\fightcade\fightcade.exe] => (Allow) C:\users\lais\desktop\fightcade\fightcade.exe
FirewallRules: [TCP Query User{D8D142EC-B9A4-47F9-BE1F-6D4829264B35}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{5C14A2B0-365F-444E-9829-62E33AC5A7B4}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{767CDC7D-D724-4647-96C6-A7FB20351477}C:\users\lais\desktop\fightcade\fightcade.exe] => (Allow) C:\users\lais\desktop\fightcade\fightcade.exe
FirewallRules: [UDP Query User{295CC437-F329-42CD-974C-645F681C18A0}C:\users\lais\desktop\fightcade\fightcade.exe] => (Allow) C:\users\lais\desktop\fightcade\fightcade.exe
FirewallRules: [TCP Query User{1F56F6A8-C32E-4CFC-814B-C78DFF4F94AB}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [UDP Query User{CB2A1971-AC46-4A5C-A686-6C049A0131BD}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [{A3B52ACA-1213-4025-889C-439557A512AD}] => (Allow) C:\Meltdown\Meltdown.exe
FirewallRules: [{D88A1C8A-ED81-4726-8C66-316889A4B64F}] => (Allow) C:\Meltdown\Duke Nukem 3D\hDuke\hduke.exe
FirewallRules: [{45942A7D-F0FF-4BA6-90DD-5873BBE548CB}] => (Allow) C:\Meltdown\Duke Nukem 3D\xDuke\duke3d_w32.exe
FirewallRules: [{D3CA66CE-316A-445E-960A-2B5048AC317B}] => (Allow) C:\Program Files\UnHackMe\Unhackme.exe
FirewallRules: [{539A16C4-C6B6-4856-83AB-4C844EC0B3E3}] => (Allow) C:\Program Files\UnHackMe\Unhackme.exe
FirewallRules: [{E1F1A683-ED5E-4F7A-A3A0-6721CDCF3EDE}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{737DC384-F2EC-41A1-8517-88A5A3A28272}] => (Allow) C:\Windows\System32\rundll32.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Oruhi\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files\Oruhi\orbitnet.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files\xchat\xchat.exe] => Enabled:XChat IRC Client

==================== Pontos de Restauração =========================

24-04-2017 04:07:55 Windows Update
27-04-2017 12:27:56 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/30/2017 01:23:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (04/30/2017 01:23:02 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: O Windows não consegue carregar a DLL ASP.NET_1.1.4322 do contador extensível. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código de erro do Windows.

Error: (04/29/2017 11:32:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lais-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/29/2017 11:32:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Lais-PC)
Description: O aplicativo Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe+App não foi iniciado dentro do tempo alocado.

Error: (04/29/2017 09:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Microsoft.Photos.exe, versão: 1.0.1703.13001, carimbo de data/hora: 0x58c6f1ce
Nome do módulo com falha: Windows.UI.Xaml.dll, versão: 10.0.14393.953, carimbo de data/hora: 0x58ba5ca3
Código de exceção: 0xc000027b
Deslocamento da falha: 0x008b72a8
ID do processo com falha: 0xa98
Hora de início do aplicativo com falha: 0x01d2c146a2e2d6f8
Caminho do aplicativo com falha: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
Caminho do módulo com falha: C:\Windows\System32\Windows.UI.Xaml.dll
ID do Relatório: a7d2f3f0-403c-42e9-bd25-d1a6b0c2919d
Nome completo do pacote com falha: Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: App

Error: (04/29/2017 09:09:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Microsoft.Photos.exe versão 1.0.1703.13001 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 21a0

Hora de Início: 01d2c145eef56027

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe

ID do Relatório: 36ed93a3-2d39-11e7-9715-c8ffbf3f7bf7

Nome completo do pacote com falha: Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: App

Error: (04/29/2017 09:09:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lais-PC)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/29/2017 09:08:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Lais-PC)
Description: O pacote Microsoft.Windows.Photos_17.313.10010.0_x86__8wekyb3d8bbwe+App foi terminado porque levou muito tempo para ser suspenso.

Error: (04/29/2017 07:43:44 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Users\Lais\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Descrição = JRT Pre-Junkware Removal; Erro = 0x80070005).

Error: (04/29/2017 07:42:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.


Erros de Sistema:
=============
Error: (04/30/2017 01:36:03 AM) (Source: DCOM) (EventID: 10010) (User: Lais-PC)
Description: O servidor {37998346-3765-45B1-8C66-AA88CA6B20B8} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/30/2017 01:34:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Plataforma de Dispositivos Conectados terminou com o erro: 
Erro não especificado

Error: (04/30/2017 12:06:24 AM) (Source: DCOM) (EventID: 10010) (User: Lais-PC)
Description: O servidor {37998346-3765-45B1-8C66-AA88CA6B20B8} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/30/2017 12:04:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Plataforma de Dispositivos Conectados terminou com o erro: 
Erro não especificado

Error: (04/29/2017 11:22:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço de Plataforma de Dispositivos Conectados terminou com o erro: 
Erro não especificado

Error: (04/29/2017 11:20:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetPipeActivator depende do serviço WAS, mas não foi possível iniciá-lo devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (04/29/2017 11:20:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço W3SVC depende do serviço WAS, mas não foi possível iniciá-lo devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (04/29/2017 11:20:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetMsmqActivator depende do serviço WAS, mas não foi possível iniciá-lo devido ao seguinte erro: 
O sistema não pode encontrar o caminho especificado.

Error: (04/29/2017 11:20:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço WAS terminou com o erro: 
O sistema não pode encontrar o caminho especificado.

Error: (04/29/2017 11:20:14 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: O Serviço Auxiliar de Host do Aplicativo encontrou um erro ao tentar acessar o diretório do histórico raiz 'C:\inetpub\history'. O diretório não existe ou as permissões nele não permitem que o serviço de histórico o acesse. O recurso de histórico de configuração está desabilitado por enquanto e será habilitado novamente após a resolução do problema. Para resolver o problema, verifique se o diretório existe e se o grupo Administradores tem acesso de leitura e gravação a ele. O campo de dados contém o número do erro.


CodeIntegrity:
===================================
  Date: 2017-04-26 03:50:08.991
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-13 16:16:51.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-04-13 16:16:51.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-04-07 08:27:46.777
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-04-07 08:27:45.408
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-23 22:38:40.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-19 04:12:53.199
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-17 11:04:43.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-17 11:04:43.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-12 12:48:04.361
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Informa��es da Mem�ria =========================== 

Processador: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz
Percentagem de mem�ria em uso: 80%
RAM f�sica total: 2013.24 MB
RAM f�sica dispon�vel: 395.73 MB
Virtual Total: 4061.24 MB
Virtual dispon�vel: 1132.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.99 GB) (Free:16.35 GB) NTFS ==>[drive com componentes de inicializa��o (obtido atrav�s de BCD)]

==================== MBR & Tabela de Parti��es ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2813FC89)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=456 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================