Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 16.05.2018 01 Executado por User (21-05-2018 10:41:44) Executando a partir de C:\Users\User\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2013-01-31 00:25:01) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-976454829-4156036392-909821612-500 - Administrator - Disabled) Convidado (S-1-5-21-976454829-4156036392-909821612-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-976454829-4156036392-909821612-1002 - Administrator - Enabled) User (S-1-5-21-976454829-4156036392-909821612-1001 - Administrator - Enabled) => C:\Users\User ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated) Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated) Adobe Photoshop CS4 1.0 (HKLM-x32\...\Tradução Adobe Photoshop CS4_is1) (Version: - Nando Backer Software Developer) AMD Catalyst Install Manager (HKLM\...\{37ED2328-4288-6720-9D34-ECD5709B4F21}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Brasil MapleStory2 versão 0.03 (HKLM-x32\...\{E72F1EB3-BE65-42E0-9B48-FD6417A2DD2B}_is1) (Version: 0.03 - Brasil MapleStory2) BrOffice.org 3.1 (HKLM-x32\...\{CE853177-215B-4C6D-AB90-3DCE66BA7D75}) (Version: 3.1.9399 - OpenOffice.org) Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform) CERBERUS Gaming Mouse Driver v1.0.8 (HKLM-x32\...\{011BCBE3-226A-4354-A314-AC289A7EA299}_is1) (Version: - Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Discord (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) 
Easy Custom KB-100 (HKLM-x32\...\{68754F42-DE8A-4A2C-9112-385D6CA38907}) (Version: 1.0 - Easy) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) KCP-0.6.0.6 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.6.0.6 - Haruhichan.com) K-Lite Mega Codec Pack 12.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.5.5 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) MapleStory (HKLM-x32\...\MapleStory) (Version: - ) MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft OneNote Home and Student 2016 - pt-br (HKLM\...\OneNoteFreeRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.9226.2156 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.) 
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - ) Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon) NVIDIA Display Control Panel (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 6.14.12.7061 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Nome de sua empresa:) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden Opera Stable 52.0.2871.64 (HKLM-x32\...\Opera 52.0.2871.64) (Version: 52.0.2871.64 - Opera Software) osu! (HKLM-x32\...\{2aff43a3-21d8-48cc-b615-f51a246f13d4}) (Version: latest - ppy Pty Ltd) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) RiftAnalyst (HKLM-x32\...\{01b9ed3f-fadd-478f-94a0-930880124c1d}) (Version: 1.2.2.25 - Fluendo S.A.) RiftAnalyst (HKLM-x32\...\{FDA66461-9843-428E-86F9-1927878F2224}) (Version: 1.2.2.25 - Fluendo S.A.) 
Hidden Songr (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Songr) (Version: 2.1 - Xamasoft) Spotify (HKU\S-1-5-21-976454829-4156036392-909821612-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.9.0.0 - Alejandro Cortés) Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft) VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) X-Mouse Button Control 2.16.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.16.1 - Highresolution Enterprises) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-976454829-4156036392-909821612-1001_Classes\CLSID\{0FF9CF5C-2BA3-66E2-7D42-233151B52C0A}\InprocServer32 -> não caminho do arquivo ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) 
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab) ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-11-19] (Advanced Micro Devices, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-04-07] (NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-05-10] (AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0497D6A7-C6FC-44E0-9BC4-50A8AD44B2A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.) 
Task: {0EC39240-4A1F-422B-807B-B09EB244C1C1} - \Aero -> Nenhum Arquivo <==== ATENÇÃO Task: {1A8A4EB8-5FD4-44C2-947F-5F7D6E2DDD0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation) Task: {1E31FEA5-14E8-4E9F-9D5B-5FA6DBFB87DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd) Task: {445E6F9B-4F98-4BFF-B1EC-74895614A6F6} - System32\Tasks\{DE2EC5B8-B876-41BB-9F58-5822EAC71E1A} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\Programs\chromeinstall-8u73.exe -d C:\Users\User\AppData\Roaming\IDM Task: {6C2DE44C-6885-4581-B55D-B8E92E2D2861} - System32\Tasks\Opera scheduled Autoupdate 1469979298 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-10] (Opera Software) Task: {745FC00B-E0A4-4CF5-93E1-9CC9AA3791E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation) Task: {7E0F9328-F1EF-425E-8B3B-C962F49F1040} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-13] (Google Inc.) 
Task: {91A719D7-62FE-4E0B-9ED7-E958DFAD9B52} - System32\Tasks\{4AA24475-98DA-4843-AB24-B8A6A2E70324} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] () Task: {9AA2321C-7690-4B34-9E75-39002B7EB837} - System32\Tasks\{4A8C4A57-BE69-44C9-BF9B-45688CBBE39C} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Geral\Easy Custom KB-100.exe" -d C:\Users\User\Desktop\Geral Task: {A7ABF5D7-0B56-41E0-BD21-D9931723DD62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation) Task: {AE73A8A9-CBB1-4652-BEFE-E0FC8CDE3E9D} - System32\Tasks\{15310C99-6FD8-4B9B-B728-3D04964730C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GameVicio\Rome Total War\Atualizador.exe" -d "C:\Program Files (x86)\GameVicio\Rome Total War" Task: {B27E00B3-1BFD-43FF-B879-0D1AA0805614} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated) Task: {B2D66468-C147-4E82-BDA3-B9B822D222B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated) Task: {BF24D7AA-E3AB-4117-AE1C-13B315640533} - System32\Tasks\{A982A235-A7B0-49DD-AC63-A4C2CF77D2FF} => C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe [2015-08-30] () Task: {C23B8D63-F522-4211-B6A8-DE5992364539} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-08] (Adobe Systems Incorporated) Task: {CC0EFA5C-ACFF-4482-99DF-062D3CFF243F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd) Task: {E2E128F3-954D-471E-B746-E2F2697FB0BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft 
Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation) Task: {E3B642B9-EAC0-46EC-B296-AB8CD5B3EA3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-17] (Microsoft Corporation) Task: {EB5AFB0E-7E08-402A-A088-E8A262E9A5C4} - System32\Tasks\{0A54752F-E585-4232-95EA-69B815BAEF99} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Desktop\Easy Custom KB-100.exe" -d C:\Users\User\Desktop Task: {F7D3F7F4-708B-4098-9CD1-148D8A8DFC97} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-17] (Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) 
==================== Módulos Carregados (Whitelisted) ============== 2017-06-20 00:57 - 2012-10-25 17:26 - 000078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2017-06-20 00:57 - 2012-10-25 17:26 - 000386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-04-25 15:22 - 2018-04-17 02:01 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libglesv2.dll 2018-04-25 15:22 - 2018-04-17 02:01 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libegl.dll 2018-05-10 22:04 - 2018-05-10 22:04 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 004254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-02-06 17:07 - 2018-05-08 12:15 - 081767312 _____ () C:\Users\User\AppData\Roaming\Spotify\libcef.dll 2016-02-06 17:07 - 2018-05-08 12:15 - 003740560 _____ () C:\Users\User\AppData\Roaming\Spotify\libglesv2.dll 2016-02-06 17:07 - 2018-05-08 12:15 - 000088464 _____ () C:\Users\User\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) 
==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2018-05-20 23:12 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-976454829-4156036392-909821612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: BEService => 3 MSCONFIG\Services: CodeMeter.exe => 3 MSCONFIG\Services: IObitUnSvr => 2 MSCONFIG\Services: MBAMService => 3 MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 3.1.lnk => C:\Windows\pss\BrOffice.org 3.1.lnk.Startup MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
FirewallRules: [{4A53DFA6-8B89-4E64-B038-CB6E06354ED4}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{951622C0-0480-4BB9-9EA1-CACBBAF91B44}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CB63AE89-27FB-40ED-BF9C-3669E2A04661}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CEB1128A-55C0-403F-A1D5-1D0AC597BD60}] => (Allow) LPort=2869 FirewallRules: [{47A09E3B-3F27-4AA4-9C33-6477F4DD7557}] => (Allow) LPort=1900 FirewallRules: [{C77D712A-9F2A-45AC-8ED2-20FC7C6D32E3}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1FA85B2A-4051-4A84-9C4C-A7611BF1E37E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5E01399B-38DC-4304-BF9C-63BE0E18C5F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4799E4F5-6819-4B5F-803F-9AE851095CAC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{15A47459-56CD-4439-BAB0-8665D1C45079}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{87A09F04-D92C-4602-8890-96EA761B033B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{62FB8FB8-8A47-42E0-97B0-EB78E369D104}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{8D633651-B1BD-4832-88F3-C072A48A77E2}] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{45014A96-2CC3-4A76-8635-D8162E24A675}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{66BE3863-9FD9-4E2D-9F6A-857EECF6D4F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [TCP Query User{E1D70244-FA1A-48CF-AFAB-AA323FEED5E2}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program 
files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{F5604168-D190-4F94-B8C8-A900FC021686}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{356E98A7-F883-4450-8F99-1D1997A98139}] => (Allow) LPort=29000 FirewallRules: [{0497DFBE-F188-4E62-958A-1EF8738043D2}] => (Allow) LPort=29001 FirewallRules: [{0CD84221-AD22-43C9-8B0B-93BFA91D4B94}] => (Allow) LPort=29002 FirewallRules: [{93D58BC9-245B-4944-AD3A-C679E2446097}] => (Allow) LPort=29003 FirewallRules: [{252BCC39-0C09-46B0-9D62-F4AA1BDCA84E}] => (Allow) LPort=29004 FirewallRules: [{F58554BB-52EF-4A94-B833-1A91C3BD4741}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE FirewallRules: [{FE03D9D0-C37B-43E4-AEE3-9095783E3EEF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE FirewallRules: [{A7475E60-876D-4B24-B04F-1F44200D8DD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE FirewallRules: [{9C219188-E034-4BBD-8684-8899D07A6567}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE FirewallRules: [TCP Query User{C6F62DC1-3715-4CE7-AC56-05FE265ED637}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{349FF5DC-6616-46C7-949E-EA4B8DFFED5D}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{0C089EF6-4544-4E42-8D48-FABC8BB90505}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{3BAF5F47-EB3D-4531-9944-62A8406F996F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: 
[{A30B92D7-D4FE-4103-92B7-D6F93350BCB1}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{86478D9D-4952-4164-9D3A-D2103B8942D5}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{36EAA819-BB2D-4306-9DB3-9FD9094F3C55}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{C0936FF2-9AA5-485B-ACFC-98202460CF35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{6E764C1A-D4F1-4270-8712-D3D897EB5AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{B27CDD49-C5B5-484F-B844-5FB8CA3C7B8B}] => (Allow) LPort=29000
FirewallRules: [{E72D2747-3A41-43C7-A945-49DD6F40E1E3}] => (Allow) LPort=29001
FirewallRules: [{5B37978F-8C55-44D0-B6FA-174D65B3B72A}] => (Allow) LPort=29002
FirewallRules: [{48A09268-9FB2-4911-99ED-E2FE6A3F328A}] => (Allow) LPort=29003
FirewallRules: [{1ADFEC35-08EC-4F0C-BDFB-55B93FF6292E}] => (Allow) LPort=29004
FirewallRules: [{EE23487B-0997-467F-9916-0A0D356513AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2981A7C0-0351-4C58-BE35-6630CC40E441}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{35C70082-926D-4EFA-96DE-F24C1155B6A6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{DD8C2C34-3AF0-4D12-B029-D2FC90B7602F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{29148AE2-F10D-4997-9B52-C63227E49C4F}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{7F8792E7-1EB8-43C2-9432-84A339F7ED19}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F1596828-2AD3-4907-8E3D-A04C7490FA81}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{D79E6768-AE8A-4112-BDF8-F5028F5168D7}] => (Block) LPort=445
FirewallRules: [{8EFAB116-4BF3-41AF-A2F0-D438BF15356E}] => (Block) LPort=445
FirewallRules: [{9130C65F-FE9B-4397-BDBD-2F312D403BC5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{F559AB52-40FE-4613-8E26-196C7610B71C}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{15E98447-FC67-4D7C-B42B-356E489A20D8}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{CAC61D0E-6C19-4F33-849D-DEF9593C86F5}] => (Allow) C:\Program Files (x86)\Brasil MapleStory2\Patcher.exe
FirewallRules: [{FD8E87C2-E8EF-4F33-AE80-F7AB0610740D}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{1A9C9E96-BBCF-4199-B52F-01F0C677D64C}] => (Allow) C:\Users\User\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe
FirewallRules: [{9EF01518-829A-422B-85AA-DD84AE0FFC9C}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{EC57E5AD-6F49-41CB-B774-B0DB0EAE3DCE}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5F602E29-2822-4103-8AB7-737F358275C9}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0FF9DAD9-70B1-425D-8CF3-F414ADD43FE3}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EE335716-80CC-4561-801B-0B0E890C8518}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{64B7243F-FD24-40B3-B9A2-2676C2FE6B21}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{481CE2F3-895F-4CAF-B2AC-105CC8F73E91}] => (Allow) LPort=8318
FirewallRules: [{A95553C1-0FCB-405F-8BFE-5E8786F10E73}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.40\opera.exe
FirewallRules: [{3BC249BB-20E4-4D79-9148-67ECCE9FF9EC}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E37C694A-9AE5-49A5-81F6-8031F3DBEA58}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{81B5F2D9-4121-46FD-964B-B537573FF7A4}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{FCF49E44-7CA5-4A19-A40C-10DDD9E057C6}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{2C82E60E-B224-46E1-AEB3-96E6E6ABF117}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{CF7281A3-282D-4F47-9275-DEDFED1FB8ED}] => (Allow) C:\Nexon\MapleStory\Croosade.exe
FirewallRules: [{543D8FFC-AB4F-49A1-8BA5-19A1DB0EC897}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
FirewallRules: [{FE8EC2D5-453F-442A-B6E8-F926A8C923DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7C1CC380-0868-4197-BC4E-6923EC80DB2B}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F8FBDE0D-3508-46E1-B67F-2B9BF3550E55}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D1532624-1812-4D66-920E-67F95308BC9A}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{B2C1FB8A-B96C-4310-A1C1-CA0F65B8E7C5}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Pontos de Restauração =========================

19-05-2018 21:07:35 Operação de restauração
19-05-2018 21:25:55 Revo Uninstaller's restore point - Advanced SystemCare 11
20-05-2018 22:13:18 Revo Uninstaller's restore point - IObit Uninstaller
20-05-2018 22:15:55 Revo Uninstaller's restore point - Malwarebytes versão 3.5.1.2522
20-05-2018 23:12:21 Restore Point Created by FRST

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: ARKMWDAN IDE Controller
Description: ARKMWDAN IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a4v4uvs9
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/21/2018 10:42:16 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {4caa72aa-b453-4949-ab98-75164ac23ef7}

Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service Win I Service since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. .

Error: (05/20/2018 11:12:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service KMService since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. .

Error: (05/20/2018 11:12:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {d87f3aa2-6d7f-4182-94c0-773263c3677c}

Error: (05/20/2018 10:13:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {63dbb339-1454-495a-8bac-4f622011adc1}

Error: (05/19/2018 09:25:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {1b5c666d-a4f2-49db-85d1-fa0da506af46}

Erros de Sistema:
=============
Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro: %%-2140993535

Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro: %%-2140993535

Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Agrupamento de Rede de Mesmo Nível depende do serviço Protocolo PNRP, mas não foi possível iniciá-lo devido ao seguinte erro: %%-2140993535

Error: (05/21/2018 10:20:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Protocolo PNRP terminou com o erro: %%-2140993535

Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.

Error: (05/21/2018 10:20:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: A nuvem do Protocolo de Resolução de Nomes de Mesmo Nível não foi iniciada porque houve falha na criação da identidade padrão com o código de erro: 0x80630801.

Error: (05/21/2018 10:11:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {DCAB0989-1301-4319-BE5F-ADE89F88581C} não se registrou com o DCOM dentro do tempo limite requerido.

Error: (05/21/2018 10:02:24 AM) (Source: Schannel) (EventID: 4119) (User: AUTORIDADE NT)
Description: O seguinte alerta fatal foi recebido: 112.

CodeIntegrity:
===================================
Date: 2018-05-21 10:01:00.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-21 02:30:04.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-21 02:25:17.416
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-21 01:53:35.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-20 23:18:10.813
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-20 23:01:27.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-20 16:22:07.571
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-20 12:32:57.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FMAPO64.dll because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: AMD Phenom(tm) II X4 850 Processor
Percentagem de memória em uso: 41%
RAM física total: 8191.3 MB
RAM física disponível: 4763.64 MB
Virtual Total: 16380.78 MB
Virtual disponível: 12278.02 MB

==================== Drives ================================

Drive c: (Windows 7 64 Bits) (Fixed) (Total:931.41 GB) (Free:4.95 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive d: (DVD_QI) (CDROM) (Total:3.95 GB) (Free:0 GB) UDF
\\?\Volume{867523ab-ccd4-11e5-9e16-806e6f6e6963}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 790A11FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================