Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-12-2017
Executado por Fran (29-12-2017 16:25:14)
Executando a partir de D:\Downloads
Windows 10 Pro Versão 1703 15063.786 (X64) (2017-10-18 05:10:50)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1737901907-2937910466-1665796672-500 - Administrator - Disabled)
Convidado (S-1-5-21-1737901907-2937910466-1665796672-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1737901907-2937910466-1665796672-503 - Limited - Disabled)
Fran (S-1-5-21-1737901907-2937910466-1665796672-1001 - Administrator - Enabled) => C:\Users\Fran
HomeGroupUser$ (S-1-5-21-1737901907-2937910466-1665796672-1003 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
ANDY OS (HKLM-x32\...\ANDY OS) (Version: 1.1 - andyroid.net)
Anki (HKLM-x32\...\Anki) (Version: - )
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (HKLM\...\{FC41DFBE-6C39-4C84-949B-7CB1E6460C7A}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CrashPlan (HKLM\...\{08523B5C-3378-4631-8D11-EF5069716D6A}) (Version: 4.7.0.344 - Code 42 Software)
CrashPlan PRO (HKLM\...\{FB02D7E4-5CD4-47C4-8562-C30110056794}) (Version: 4.9.0.33 - Code 42 Software)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
D-Book 6.7.1 (HKLM-x32\...\D-Book) (Version: - )
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
GoLabel (HKLM-x32\...\{E90E3277-C17B-4BD6-9EE5-76B7B4C8CB79}) (Version: 1.0.290 - GoDEX)
Google Chrome (HKLM-x32\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 63.0.3239.84 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Webcam (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10275 - Realtek Semiconductor Corp.)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15246.1255 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{EF292659-1504-4F78-A737-471E50D8E0A1}) (Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM127_128 (HKLM-x32\...\{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{0FE72666-4982-4570-85EE-B5ED05B3418A}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
K-Lite Codec Pack 10.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes versão 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.9 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 - MPC-HC Team)
My Picture Book (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\My Picture Book) (Version: My Picture Book 2015.2.0 - MyPicturebook)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
nutraCoster (HKLM-x32\...\nutraCoster) (Version: - )
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Photobook Designer (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\Photobook Designer) (Version: Photobook Designer 2016.2.0 - Photobook Worldwide)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Smilebox (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\Smilebox) (Version: 1.0.0.31483 - Smilebox, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudioTax 2016 (HKLM-x32\...\{7848E1ED-9B3C-4AF1-9BEB-FF01C38A41CE}) (Version: 12.0.4.0 - BHOK IT Consulting)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Sweet Home 3D version 3.3 (HKLM-x32\...\Sweet Home 3D_is1) (Version: - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
Warsaw 2.0.3.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.0.3.2 - GAS Tecnologia)
WinDirStat 1.1.2 (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\WinDirStat) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Fran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Fran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers1-x32: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} => C:\Program Files (x86)\PDF Architect 3\creator-context-menu.dll [2015-04-24] (pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04673291-C5EF-47A7-801D-CDA0BC7FE46D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {16AC08B4-D1CC-4DE1-B65C-77ACEDB9B727} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {190C8B50-3C66-4C1D-BFBF-CC375C18C09F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2B770522-AF31-4F5B-AF67-103A1F860BAF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2CCF5D59-35C9-409C-9113-B357A6F8FB82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {325DA9F5-6086-4BD3-BABF-7EEFA4B03692} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {377C4FEE-28BB-41A2-8734-28AA17CB730E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {37802D34-F835-4BFF-951C-970B9C438CD6} - System32\Tasks\Driver Booster SkipUAC (Fran) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3DFE4589-2D42-4B7C-A012-13B69A1E3E39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-13] (Microsoft Corporation)
Task: {42FD94CF-4D3C-4E9E-A891-A8B315660EC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {51C6FAFF-D02A-4F49-A813-74A6D7B74C73} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {560A9B03-FD17-42A1-990B-85FD89C85DAF} - \CCleanerSkipUAC -> Nenhum Arquivo <==== ATENÇÃO
Task: {590507B8-5DAC-4A0E-AF39-97B2AF403F07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {60E61902-20A5-411E-A852-A9CCE3C176C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {68F532DA-A341-4C90-B8C8-8DB4DCB4E14D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6A1056CF-B630-451D-BE78-C0599D20D25E} - System32\Tasks\AdobeAAMUpdater-1.0-Note-Fran => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {6B42ADB4-029E-47CF-BE8C-000E7805A014} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6D028A14-56D9-4356-A649-370D5C3BE00D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {70A1005F-15EF-44BE-855F-ADDF13EF3FD1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {74EF696F-C23C-4AA1-9B05-B8D2B7D233FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {768F9876-3F6D-45AB-80BB-DEFA66FBDD24} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {78B1F135-6FA0-417E-B147-35DF6336338B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {7D19941B-CF6D-458F-A08C-CCBCA8484C1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {898ECF16-5849-4FED-B50A-A5592BEBF7E8} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-07-14] (Apple Inc.)
Task: {8C92139B-BA13-47DC-A2F3-6818B23C1AD6} - System32\Tasks\S-1-5-21-1737901907-2937910466-1665796672-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-01] (Microsoft Corporation)
Task: {8EE61BAC-4044-4091-A24E-5A23BDFFFCF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {967F0811-6702-4DE3-8ED6-849152392384} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0DFBE60-28DC-4E97-8A25-7BA41D4FBC73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {ACA01122-3425-49AD-AEB4-57444EE79908} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B604D968-0C77-484C-A734-E97AE4552A6B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {C91BDA67-9C71-4C73-8A32-DD551AA2E6EC} - \WPD\SqmUpload_S-1-5-21-1737901907-2937910466-1665796672-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {DCEFC343-2C89-4BEF-8935-966C9664EC4E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {E18BAB20-BE20-477C-A91C-E405F980EDC6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {EAEB61D0-C9B1-4467-910D-8425C4F97B7D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F51142A4-B1ED-4457-939F-B49E1A262552} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Fran\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Frank Pardo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2015-12-02 05:00 - 2013-04-15 05:50 - 000198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2015-06-03 04:26 - 2009-11-20 08:43 - 000405504 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2015-12-02 05:00 - 2013-04-15 05:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2015-06-03 04:28 - 2009-11-20 08:43 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000014848 _____ () C:\Program Files\CrashPlan\md564.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000238592 _____ () \\?\C:\Program Files\CrashPlan\cpnative64.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000082432 _____ () \\?\C:\Program Files\CrashPlan\c42archive64.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000484864 _____ () \\?\C:\Program Files\CrashPlan\libleveldb64.dll
2015-02-16 06:56 - 2013-06-21 06:35 - 000135168 _____ () C:\Windows\SysWOW64\ChgService.exe
2015-02-20 12:17 - 2013-01-27 18:49 - 000239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2017-11-06 11:32 - 2017-11-06 11:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 12:58 - 2017-03-18 12:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-31 16:18 - 2017-08-31 16:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-12-14 13:43 - 2017-12-05 20:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-14 13:43 - 2017-12-05 20:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
2017-10-18 06:55 - 2017-10-18 06:56 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 04:33 - 2017-09-26 04:34 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-11 10:14 - 2017-12-11 10:15 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 000671744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-03-18 12:59 - 2017-03-19 19:59 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-06 07:27 - 2017-12-06 07:28 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-07-12 21:39 - 2017-07-12 21:39 - 004321280 _____ () C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.29.23003.0_x64__8wekyb3d8bbwe\XboxIdp.dll
2017-07-12 21:39 - 2017-07-12 21:39 - 000055296 _____ () C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.29.23003.0_x64__8wekyb3d8bbwe\XboxIdp.Native.dll
2016-06-27 23:19 - 2016-06-27 23:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-01-27 09:31 - 1999-12-31 16:00 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-28 22:49 - 2017-04-28 22:49 - 001359456 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\KasperskyLab.Ksde.NativeInterop.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000088064 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_ctypes.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000918528 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_hashlib.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000098816 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32api.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000110080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pywintypes27.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000364544 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pythoncom27.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000686080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\unicodedata.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000320512 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32com.shell.shell.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001177088 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._core_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000806912 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._gdi_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000816640 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._windows_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001067520 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._controls_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000733696 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._misc_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000736256 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pysqlite2._sqlite.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000119808 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32file.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000108544 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32security.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000007168 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\hashobjs_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017920 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\thumbnails_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000082432 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\usb_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000013824 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\common.time34.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000018432 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32event.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000088576 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.volumes.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017408 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.winwrap.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000167936 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32gui.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000046080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_socket.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001309696 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_ssl.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000129536 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_elementtree.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000127488 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pyexpat.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000038912 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32inet.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000077824 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._html2.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000036864 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_psutil_windows.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000524248 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows._lib_cacheinvalidation.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000011264 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32crypt.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000218624 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\PIL._imaging.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000027648 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_multiprocessing.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000020480 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_yappi.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000035840 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32process.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000024064 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32pipe.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000010240 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\select.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000025600 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32pdh.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000058880 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.device_monitor.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017408 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32profile.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000022528 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32ts.pyd
2016-09-14 21:36 - 2017-11-28 21:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-09-14 21:36 - 2017-12-15 11:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-14 21:36 - 2017-12-15 11:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-09-14 21:36 - 2016-07-04 14:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-12-22 19:53 - 2017-09-06 18:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-16 17:17 - 2017-10-30 20:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-09-14 21:36 - 2015-09-24 15:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fran\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_1163.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{898E1767-1EDA-4C6F-858F-77F1C09D7DAE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8A1F8FA5-D4F4-4D9D-9A0E-4B340B1B6D20}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0BD6DE53-96BD-4DD6-8CBA-BEB57F9FE728}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{648426E6-2977-490F-8FB9-5118F806C6CB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B4F40102-9574-418B-8037-E0824363B94A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6A1C80B7-A0C3-4A15-9538-0DD915D7DB58}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{E23CA071-2E55-4798-A178-BE988DE67663}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C4CAD836-0583-4E8B-89D3-84A56B70E07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6F63516D-6816-43F6-96AA-19D5B4E4EE4B}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4C2A4FB3-FBAA-43C7-BFBB-32EF861F8ED8}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{012C1569-6744-4CB6-BF21-5A5B94A424B3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DCD4CF1-FF11-48F2-AA7D-98CC5E530F92}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BFAE5984-F1C1-44F8-90AA-ABB7FFBD55FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5AAC531E-4DFA-4A9C-B574-E9A0A5023D2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EB78A69-4634-4522-8511-BA008E3773D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F80D707A-E438-493D-9C2A-A13E6783DD8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7AB0B0D-7A55-4CA9-8C44-A7BBAABF1D3F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{8AB68059-B9A4-44B4-9874-59A752B34784}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{4C96206B-0453-41C3-A17B-E1E219F89B79}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{04D8AD49-4D1E-441C-90AD-864137EDDA25}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5B45DA2F-CEEC-4140-9417-85FC035834CA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CF5656DE-2780-47EE-BC40-4C337845D0FC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7BB74257-76FF-4166-BA2E-96CD24E6C3C7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D215905B-BB9F-4133-8E4A-6ECCE87CA7D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{8A003FE0-12FA-419A-B61A-B65284C342E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{8C6FDE46-BCE0-4623-BA4D-09D76FC4898D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{63DEC453-7A99-4013-A841-1B7712350A9F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A56569DD-DC20-4FD9-AB4A-C0E1EB8204AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FDB9673C-F422-4C66-B08C-4D70078BFF96}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C83DFC3F-4123-458D-B04B-38DE29FAA95A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BF2B22D4-5299-47D2-824A-4222181180B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A593C5F-50C9-4859-B5C2-90B347249FAB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3AB9F682-BAAD-49FB-92DA-53BE2BE59369}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CA5EC8A-3361-42E2-8338-723AB2F3E2B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C109AE2-EB69-439D-B52C-D9041B6866D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7DE958E-EE12-4348-B4E5-053502051C09}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{98A6D2E0-E688-4E65-82DD-276ECE8FD816}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{86EC42F2-FC86-4B8B-AB19-8A577861CFA8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{75F522CF-BFB1-4A27-8589-E5D83BF4CDB7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7DB0E421-2BC3-4C96-8054-3F39EEC4C3E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{56A2BCC2-722A-407D-BB8A-DA56501AC1B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{269E147A-DF86-456B-87A2-26307F11FE5E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DEDEC2F0-07B8-41B6-9F29-90220FA46834}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BEE9A5C0-5981-4FCA-9BE9-1B58811E8C2B}] => (Allow) LPort=1688
FirewallRules: [{C0DDB4A3-7CE8-4F21-A127-628DDCD15B76}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2049C73B-8438-4B06-BEBC-B5A59B078E0C}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{21CB6132-8EEA-48D8-B0EA-4F2036388A4A}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{4D92B305-0949-4C32-836C-6E3CE6386804}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{02C4AC2D-975D-4E14-8F8E-B0218A532983}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C356F03A-36B1-4193-BC99-B906B460CE4E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{E0B13563-FA0F-480A-BBEE-B888934C6B28}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{5A841CCD-72F5-4ED5-B8E4-FBF0409B9987}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{57350A20-8AFC-4247-B3ED-9C3D9EFCBC96}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{CCEF287D-D3B6-46F5-BEBC-1E68890A42CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B90B54C-06DA-49DE-A9BA-AAB8612841BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{947B5099-2BC8-4309-A0CE-7F893F7406A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6FC41A2-1BCE-42C4-9BC3-BE0288BFD2F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{706F74B5-4813-420D-92E2-9B4841FDDA42}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D9A745DA-B27D-4F0C-A823-166F7E008591}] => (Allow) LPort=2869
FirewallRules: [{E97F26B9-613D-45F7-9085-CADF023B2515}] => (Allow) LPort=1900
FirewallRules: [{2DCB2972-099E-4043-9A82-021245AE098E}] => (Allow) C:\Users\Fran\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{4393268F-2C7D-4D1F-B53B-851CF981F5E0}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{2A8BF4EA-5841-4F75-96B9-D7120B729C53}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{CBE67E89-52EB-4E28-AB88-FA3A9A0FCF85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 4.8.B.1.6.E.9.2.D.F.5.4.A.B.9.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR FranciscoPardo-2.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.27.132:5353 22 4.8.B.1.6.E.9.2.D.F.5.4.A.B.9.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR FranciscoPardo.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 132.27.254.169.in-addr.arpa. PTR FranciscoPardo-2.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.27.132:5353 22 132.27.254.169.in-addr.arpa. PTR FranciscoPardo.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname FranciscoPardo.local already in use; will try FranciscoPardo-2.local instead
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 FranciscoPardo.local. Addr 192.168.0.17
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.17:5353 16 FranciscoPardo.local. AAAA FD00:00FC:8D34:04A2:092A:C796:C001:FAAB
Error: (12/29/2017 09:18:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FRANCISCOPARDO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/28/2017 04:56:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FRANCISCOPARDO)
Description: Falha na ativação do aplicativo Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/28/2017 03:31:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3703
Erros de Sistema:
=============
Error: (12/29/2017 01:59:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 12:42:27 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 11:53:13 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 11:37:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Atualização de Segurança para o Microsoft Silverlight (KB4023307).
Error: (12/29/2017 11:14:36 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:47:21 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:39:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:31:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:22:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:00:51 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-12-26 13:06:09.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-26 08:47:00.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-26 08:44:47.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-25 12:27:05.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 16:53:02.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 16:52:50.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 12:39:55.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 18:01:35.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 18:00:44.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 11:08:19.031
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentagem de memória em uso: 75%
RAM física total: 5959.35 MB
RAM física disponível: 1484.88 MB
Virtual Total: 11862.83 MB
Virtual disponível: 4176.67 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.16 GB) (Free:33.69 GB) NTFS
Drive d: (Novo volume) (Fixed) (Total:348.57 GB) (Free:12.29 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================
Executado por Fran (29-12-2017 16:25:14)
Executando a partir de D:\Downloads
Windows 10 Pro Versão 1703 15063.786 (X64) (2017-10-18 05:10:50)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1737901907-2937910466-1665796672-500 - Administrator - Disabled)
Convidado (S-1-5-21-1737901907-2937910466-1665796672-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1737901907-2937910466-1665796672-503 - Limited - Disabled)
Fran (S-1-5-21-1737901907-2937910466-1665796672-1001 - Administrator - Enabled) => C:\Users\Fran
HomeGroupUser$ (S-1-5-21-1737901907-2937910466-1665796672-1003 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
ANDY OS (HKLM-x32\...\ANDY OS) (Version: 1.1 - andyroid.net)
Anki (HKLM-x32\...\Anki) (Version: - )
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (HKLM\...\{FC41DFBE-6C39-4C84-949B-7CB1E6460C7A}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CrashPlan (HKLM\...\{08523B5C-3378-4631-8D11-EF5069716D6A}) (Version: 4.7.0.344 - Code 42 Software)
CrashPlan PRO (HKLM\...\{FB02D7E4-5CD4-47C4-8562-C30110056794}) (Version: 4.9.0.33 - Code 42 Software)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
D-Book 6.7.1 (HKLM-x32\...\D-Book) (Version: - )
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
GoLabel (HKLM-x32\...\{E90E3277-C17B-4BD6-9EE5-76B7B4C8CB79}) (Version: 1.0.290 - GoDEX)
Google Chrome (HKLM-x32\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 63.0.3239.84 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Webcam (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10275 - Realtek Semiconductor Corp.)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15246.1255 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{EF292659-1504-4F78-A737-471E50D8E0A1}) (Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM127_128 (HKLM-x32\...\{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2017) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{0FE72666-4982-4570-85EE-B5ED05B3418A}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
K-Lite Codec Pack 10.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes versão 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.9 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 - MPC-HC Team)
My Picture Book (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\My Picture Book) (Version: My Picture Book 2015.2.0 - MyPicturebook)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
nutraCoster (HKLM-x32\...\nutraCoster) (Version: - )
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Photobook Designer (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\Photobook Designer) (Version: Photobook Designer 2016.2.0 - Photobook Worldwide)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Smilebox (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\Smilebox) (Version: 1.0.0.31483 - Smilebox, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudioTax 2016 (HKLM-x32\...\{7848E1ED-9B3C-4AF1-9BEB-FF01C38A41CE}) (Version: 12.0.4.0 - BHOK IT Consulting)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Sweet Home 3D version 3.3 (HKLM-x32\...\Sweet Home 3D_is1) (Version: - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
Warsaw 2.0.3.2 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.0.3.2 - GAS Tecnologia)
WinDirStat 1.1.2 (HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\WinDirStat) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Fran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Fran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers1-x32: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} => C:\Program Files (x86)\PDF Architect 3\creator-context-menu.dll [2015-04-24] (pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04673291-C5EF-47A7-801D-CDA0BC7FE46D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {16AC08B4-D1CC-4DE1-B65C-77ACEDB9B727} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {190C8B50-3C66-4C1D-BFBF-CC375C18C09F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2B770522-AF31-4F5B-AF67-103A1F860BAF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2CCF5D59-35C9-409C-9113-B357A6F8FB82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {325DA9F5-6086-4BD3-BABF-7EEFA4B03692} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {377C4FEE-28BB-41A2-8734-28AA17CB730E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {37802D34-F835-4BFF-951C-970B9C438CD6} - System32\Tasks\Driver Booster SkipUAC (Fran) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3DFE4589-2D42-4B7C-A012-13B69A1E3E39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-13] (Microsoft Corporation)
Task: {42FD94CF-4D3C-4E9E-A891-A8B315660EC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {51C6FAFF-D02A-4F49-A813-74A6D7B74C73} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {560A9B03-FD17-42A1-990B-85FD89C85DAF} - \CCleanerSkipUAC -> Nenhum Arquivo <==== ATENÇÃO
Task: {590507B8-5DAC-4A0E-AF39-97B2AF403F07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {60E61902-20A5-411E-A852-A9CCE3C176C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {68F532DA-A341-4C90-B8C8-8DB4DCB4E14D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6A1056CF-B630-451D-BE78-C0599D20D25E} - System32\Tasks\AdobeAAMUpdater-1.0-Note-Fran => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {6B42ADB4-029E-47CF-BE8C-000E7805A014} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6D028A14-56D9-4356-A649-370D5C3BE00D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {70A1005F-15EF-44BE-855F-ADDF13EF3FD1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {74EF696F-C23C-4AA1-9B05-B8D2B7D233FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {768F9876-3F6D-45AB-80BB-DEFA66FBDD24} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {78B1F135-6FA0-417E-B147-35DF6336338B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {7D19941B-CF6D-458F-A08C-CCBCA8484C1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {898ECF16-5849-4FED-B50A-A5592BEBF7E8} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-07-14] (Apple Inc.)
Task: {8C92139B-BA13-47DC-A2F3-6818B23C1AD6} - System32\Tasks\S-1-5-21-1737901907-2937910466-1665796672-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-01] (Microsoft Corporation)
Task: {8EE61BAC-4044-4091-A24E-5A23BDFFFCF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {967F0811-6702-4DE3-8ED6-849152392384} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0DFBE60-28DC-4E97-8A25-7BA41D4FBC73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {ACA01122-3425-49AD-AEB4-57444EE79908} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B604D968-0C77-484C-A734-E97AE4552A6B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {C91BDA67-9C71-4C73-8A32-DD551AA2E6EC} - \WPD\SqmUpload_S-1-5-21-1737901907-2937910466-1665796672-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {DCEFC343-2C89-4BEF-8935-966C9664EC4E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {E18BAB20-BE20-477C-A91C-E405F980EDC6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {EAEB61D0-C9B1-4467-910D-8425C4F97B7D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F51142A4-B1ED-4457-939F-B49E1A262552} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Fran\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Frank Pardo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2015-12-02 05:00 - 2013-04-15 05:50 - 000198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2015-06-03 04:26 - 2009-11-20 08:43 - 000405504 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2015-12-02 05:00 - 2013-04-15 05:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2015-06-03 04:28 - 2009-11-20 08:43 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000014848 _____ () C:\Program Files\CrashPlan\md564.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000238592 _____ () \\?\C:\Program Files\CrashPlan\cpnative64.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000082432 _____ () \\?\C:\Program Files\CrashPlan\c42archive64.dll
2017-07-27 15:48 - 2017-07-27 15:48 - 000484864 _____ () \\?\C:\Program Files\CrashPlan\libleveldb64.dll
2015-02-16 06:56 - 2013-06-21 06:35 - 000135168 _____ () C:\Windows\SysWOW64\ChgService.exe
2015-02-20 12:17 - 2013-01-27 18:49 - 000239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2017-11-06 11:32 - 2017-11-06 11:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 12:58 - 2017-03-18 12:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-31 16:18 - 2017-08-31 16:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-12-14 13:43 - 2017-12-05 20:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-14 13:43 - 2017-12-05 20:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
2017-10-18 06:55 - 2017-10-18 06:56 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 04:33 - 2017-09-26 04:34 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-11 10:14 - 2017-12-11 10:15 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-11 10:14 - 2017-12-11 10:15 - 000671744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-03-18 12:59 - 2017-03-19 19:59 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-06 07:27 - 2017-12-06 07:28 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-07-12 21:39 - 2017-07-12 21:39 - 004321280 _____ () C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.29.23003.0_x64__8wekyb3d8bbwe\XboxIdp.dll
2017-07-12 21:39 - 2017-07-12 21:39 - 000055296 _____ () C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.29.23003.0_x64__8wekyb3d8bbwe\XboxIdp.Native.dll
2016-06-27 23:19 - 2016-06-27 23:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-01-27 09:31 - 1999-12-31 16:00 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-28 22:49 - 2017-04-28 22:49 - 001359456 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\KasperskyLab.Ksde.NativeInterop.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000088064 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_ctypes.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000918528 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_hashlib.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000098816 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32api.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000110080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pywintypes27.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000364544 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pythoncom27.dll
2017-12-24 15:13 - 2017-12-24 15:13 - 000686080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\unicodedata.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000320512 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32com.shell.shell.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001177088 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._core_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000806912 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._gdi_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000816640 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._windows_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001067520 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._controls_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000733696 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._misc_.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000736256 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pysqlite2._sqlite.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000119808 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32file.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000108544 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32security.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000007168 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\hashobjs_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017920 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\thumbnails_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000082432 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\usb_ext.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000013824 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\common.time34.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000018432 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32event.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000088576 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.volumes.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017408 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.winwrap.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000167936 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32gui.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000046080 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_socket.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 001309696 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_ssl.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000129536 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_elementtree.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000127488 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\pyexpat.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000038912 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32inet.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000077824 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\wx._html2.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000036864 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_psutil_windows.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000524248 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows._lib_cacheinvalidation.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000011264 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32crypt.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000218624 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\PIL._imaging.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000027648 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_multiprocessing.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000020480 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\_yappi.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000035840 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32process.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000024064 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32pipe.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000010240 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\select.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000025600 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32pdh.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000058880 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\windows.device_monitor.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000017408 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32profile.pyd
2017-12-24 15:13 - 2017-12-24 15:13 - 000022528 _____ () C:\Users\Fran\AppData\Local\Temp\_MEI110762\win32ts.pyd
2016-09-14 21:36 - 2017-11-28 21:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-09-14 21:36 - 2017-12-15 11:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-22 19:53 - 2017-11-03 17:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-14 21:36 - 2016-08-31 17:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-14 21:36 - 2017-12-15 11:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-09-14 21:36 - 2016-07-04 14:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-12-22 19:53 - 2017-09-06 18:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-16 17:17 - 2017-10-30 20:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-09-14 21:36 - 2015-09-24 15:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\100sexlinks.com -> 100sexlinks.com
Existem ainda 4788 sites a mais.
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fran\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_1163.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1737901907-2937910466-1665796672-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{898E1767-1EDA-4C6F-858F-77F1C09D7DAE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8A1F8FA5-D4F4-4D9D-9A0E-4B340B1B6D20}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{0BD6DE53-96BD-4DD6-8CBA-BEB57F9FE728}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{648426E6-2977-490F-8FB9-5118F806C6CB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B4F40102-9574-418B-8037-E0824363B94A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6A1C80B7-A0C3-4A15-9538-0DD915D7DB58}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{E23CA071-2E55-4798-A178-BE988DE67663}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C4CAD836-0583-4E8B-89D3-84A56B70E07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6F63516D-6816-43F6-96AA-19D5B4E4EE4B}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4C2A4FB3-FBAA-43C7-BFBB-32EF861F8ED8}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{012C1569-6744-4CB6-BF21-5A5B94A424B3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DCD4CF1-FF11-48F2-AA7D-98CC5E530F92}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BFAE5984-F1C1-44F8-90AA-ABB7FFBD55FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5AAC531E-4DFA-4A9C-B574-E9A0A5023D2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EB78A69-4634-4522-8511-BA008E3773D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F80D707A-E438-493D-9C2A-A13E6783DD8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7AB0B0D-7A55-4CA9-8C44-A7BBAABF1D3F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{8AB68059-B9A4-44B4-9874-59A752B34784}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{4C96206B-0453-41C3-A17B-E1E219F89B79}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{04D8AD49-4D1E-441C-90AD-864137EDDA25}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5B45DA2F-CEEC-4140-9417-85FC035834CA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CF5656DE-2780-47EE-BC40-4C337845D0FC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7BB74257-76FF-4166-BA2E-96CD24E6C3C7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D215905B-BB9F-4133-8E4A-6ECCE87CA7D6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{8A003FE0-12FA-419A-B61A-B65284C342E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{8C6FDE46-BCE0-4623-BA4D-09D76FC4898D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{63DEC453-7A99-4013-A841-1B7712350A9F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A56569DD-DC20-4FD9-AB4A-C0E1EB8204AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FDB9673C-F422-4C66-B08C-4D70078BFF96}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C83DFC3F-4123-458D-B04B-38DE29FAA95A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BF2B22D4-5299-47D2-824A-4222181180B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A593C5F-50C9-4859-B5C2-90B347249FAB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3AB9F682-BAAD-49FB-92DA-53BE2BE59369}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CA5EC8A-3361-42E2-8338-723AB2F3E2B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C109AE2-EB69-439D-B52C-D9041B6866D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7DE958E-EE12-4348-B4E5-053502051C09}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{98A6D2E0-E688-4E65-82DD-276ECE8FD816}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{86EC42F2-FC86-4B8B-AB19-8A577861CFA8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{75F522CF-BFB1-4A27-8589-E5D83BF4CDB7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7DB0E421-2BC3-4C96-8054-3F39EEC4C3E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{56A2BCC2-722A-407D-BB8A-DA56501AC1B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{269E147A-DF86-456B-87A2-26307F11FE5E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DEDEC2F0-07B8-41B6-9F29-90220FA46834}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BEE9A5C0-5981-4FCA-9BE9-1B58811E8C2B}] => (Allow) LPort=1688
FirewallRules: [{C0DDB4A3-7CE8-4F21-A127-628DDCD15B76}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2049C73B-8438-4B06-BEBC-B5A59B078E0C}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{21CB6132-8EEA-48D8-B0EA-4F2036388A4A}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{4D92B305-0949-4C32-836C-6E3CE6386804}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{02C4AC2D-975D-4E14-8F8E-B0218A532983}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C356F03A-36B1-4193-BC99-B906B460CE4E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{E0B13563-FA0F-480A-BBEE-B888934C6B28}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{5A841CCD-72F5-4ED5-B8E4-FBF0409B9987}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{57350A20-8AFC-4247-B3ED-9C3D9EFCBC96}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{CCEF287D-D3B6-46F5-BEBC-1E68890A42CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B90B54C-06DA-49DE-A9BA-AAB8612841BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{947B5099-2BC8-4309-A0CE-7F893F7406A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6FC41A2-1BCE-42C4-9BC3-BE0288BFD2F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{706F74B5-4813-420D-92E2-9B4841FDDA42}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D9A745DA-B27D-4F0C-A823-166F7E008591}] => (Allow) LPort=2869
FirewallRules: [{E97F26B9-613D-45F7-9085-CADF023B2515}] => (Allow) LPort=1900
FirewallRules: [{2DCB2972-099E-4043-9A82-021245AE098E}] => (Allow) C:\Users\Fran\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{4393268F-2C7D-4D1F-B53B-851CF981F5E0}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{2A8BF4EA-5841-4F75-96B9-D7120B729C53}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{CBE67E89-52EB-4E28-AB88-FA3A9A0FCF85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 4.8.B.1.6.E.9.2.D.F.5.4.A.B.9.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR FranciscoPardo-2.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.27.132:5353 22 4.8.B.1.6.E.9.2.D.F.5.4.A.B.9.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR FranciscoPardo.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 132.27.254.169.in-addr.arpa. PTR FranciscoPardo-2.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 169.254.27.132:5353 22 132.27.254.169.in-addr.arpa. PTR FranciscoPardo.local.
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname FranciscoPardo.local already in use; will try FranciscoPardo-2.local instead
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 FranciscoPardo.local. Addr 192.168.0.17
Error: (12/29/2017 03:56:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.17:5353 16 FranciscoPardo.local. AAAA FD00:00FC:8D34:04A2:092A:C796:C001:FAAB
Error: (12/29/2017 09:18:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FRANCISCOPARDO)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/28/2017 04:56:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FRANCISCOPARDO)
Description: Falha na ativação do aplicativo Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/28/2017 03:31:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3703
Erros de Sistema:
=============
Error: (12/29/2017 01:59:46 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 12:42:27 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 11:53:13 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 11:37:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Atualização de Segurança para o Microsoft Silverlight (KB4023307).
Error: (12/29/2017 11:14:36 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:47:21 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:39:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:31:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:22:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/29/2017 10:00:51 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-12-26 13:06:09.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-26 08:47:00.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-26 08:44:47.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-25 12:27:05.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 16:53:02.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 16:52:50.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-24 12:39:55.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 18:01:35.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 18:00:44.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-23 11:08:19.031
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Diebold\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentagem de memória em uso: 75%
RAM física total: 5959.35 MB
RAM física disponível: 1484.88 MB
Virtual Total: 11862.83 MB
Virtual disponível: 4176.67 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.16 GB) (Free:33.69 GB) NTFS
Drive d: (Novo volume) (Fixed) (Total:348.57 GB) (Free:12.29 GB) NTFS
==================== MBR & Tabela de Partições ==================
==================== Fim de Addition.txt ============================