Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:06-01-2015
Executado por Cliente (2016-01-06 18:06:52)
Executando a partir de C:\Users\Cliente\Downloads
Microsoft Windows 10 Pro (X86) (2016-01-05 19:13:30)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-406296613-3901443165-2578290060-500 - Administrator - Disabled)
Cliente (S-1-5-21-406296613-3901443165-2578290060-1000 - Administrator - Enabled) => C:\Users\Cliente
Convidado (S-1-5-21-406296613-3901443165-2578290060-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-406296613-3901443165-2578290060-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-406296613-3901443165-2578290060-1002 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATENÇÃO
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Empire Earth Demo (HKLM\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
K-Lite Mega Codec Pack 10.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Underground 2 Demo (HKLM\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - )
Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver de gráficos 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
osTip (HKLM\...\osTip) (Version: 1.0.0.1 - )
Painel de controle da NVIDIA 353.82 (Version: 353.82 - NVIDIA Corporation) Hidden
Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: - )
Sniper Ghost Warrior 2 (HKLM\...\Sniper Ghost Warrior 2_is1) (Version: - )
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.11.0.42826 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {011F0CB6-D03C-40EB-917A-2F264B248C2A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {01AAE0F8-8AAA-4BA6-A03A-418CE2BBF17F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {0F3AA1B8-1DE9-486D-B242-3640B7472456} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATENÇÃO
Task: {145F1AE9-E76A-4049-9DC1-2B7A7EE750C5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24953C37-4441-4730-9229-23E94CBF051F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {270AE423-DE54-4637-8256-B1CF9887B0BD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {28510ECB-62A1-47BB-9DF4-6DA98A7BD3C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2A914714-7376-45A0-95FA-21B767006FA7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3838BD89-8BFA-4EDA-A12B-0232AE289219} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BAF4A1B-E2DC-4647-BB2E-8FFC4049008E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {443D3A98-BAE4-45CD-A3FA-A69C9088E0C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55D36E2B-C112-4087-B4F7-C6E2DF2EFBC3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59F5CD7E-0FAB-44A6-A463-3E9EC82C9ADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {5AAC7B45-B874-4C05-80CB-4EDECF83C6DC} - System32\Tasks\{9B710929-8DF9-46C0-9CA6-B6F0D3DAC4F7} => pcalua.exe -a C:\Users\Cliente\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slbnew
Task: {650984E5-158B-46A2-BB3A-9D0208E6CC59} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {701CF8C0-9649-4239-9C46-03F0A43536E9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {76F22C4F-8D0A-4F82-9BC4-442D0D881CED} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7969D620-3814-45B4-8612-066E27C1A600} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-04] (AVAST Software)
Task: {806124A5-B761-495C-AA3A-9E20ACD7081D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {813B4655-2511-4D72-B6F5-08C8672E953D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {8DCABDB4-5747-4A99-BFF6-02AE28A49172} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F574EAE-14F1-41D6-8A42-8A3202608727} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94E7CF39-08F5-4150-A5BC-84F030012C38} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {95AF8F82-7489-4B71-8F43-382422536D61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {960ABBCD-5686-4125-B362-E27A2507CEAC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9BA67479-52E3-4FE4-B7D7-4BBC22B51AFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F393B7F-AB90-4650-B9C1-A8F6451CA098} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {A5F1F2D0-C642-4D69-B79C-A29476E13CE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7189AC7-5247-4121-AC24-C0E42C0C262D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {AC8864FA-CEC1-4B1E-8BF0-7DF328D5FE76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {ACDEACDE-2A11-41B2-B259-115D99EBC523} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C53240BB-2EA5-46C2-A5A9-3C5F7285D0CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {C89C4F8B-0CE5-4900-A111-B0C960F03CEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CA2C926E-9838-4519-B60C-077F526E5600} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CAFAC9BF-7E4C-4710-A8C6-21C25382DDD6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CD75E412-F461-4A6F-A369-3F567D2C4D06} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {CE563627-83FB-4EC6-9FB9-0F3350587B55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {D053B36E-D870-44FC-862B-AFF8C92788CC} - System32\Tasks\{CA952785-A700-42C4-8940-6F57176DDFD1} => pcalua.exe -a C:\Users\Cliente\Downloads\iGBPCEFgb.exe -d C:\Users\Cliente\Desktop
Task: {D1DA723A-5B6B-43B1-A013-97B0A6CCC13D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {D496E858-2357-4836-B51D-969E7101973D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFFDD97F-DE0F-4FA9-9AB9-7DEC19C4AE65} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1F7D280-0E68-4F0F-8545-4EF07B4075F1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATENÇÃO
Task: {F8128C47-6632-4F6E-85F5-86F9A08736F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F950E01F-49BE-4183-AE10-FE84DE848528} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.321oyun.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432580135
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore - Atalho.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432558504
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 03:44 - 2015-10-30 03:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-28 09:13 - 2015-12-28 09:13 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll
2016-01-05 16:42 - 2015-08-06 22:13 - 00106104 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-08-04 16:11 - 2015-08-04 16:11 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-04 16:11 - 2015-08-04 16:11 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-28 08:33 - 2015-12-28 08:33 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122706\algo.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-05 18:44 - 2016-01-05 18:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-05 18:44 - 2016-01-05 18:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-05 18:44 - 2016-01-05 18:45 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-10 06:15 - 2015-12-10 06:15 - 00139912 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarEntry.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 02365952 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-05-01 16:39 - 2015-05-01 16:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-05 21:40 - 2016-01-05 21:39 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2015-12-25 16:59 - 2015-12-21 11:46 - 02934272 _____ () C:\ProgramData\WindowsMsg\FA889F48BA91932CA1794DC9B9F86E43.dll
2015-09-23 06:41 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2015-09-23 06:41 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2015-03-23 20:19 - 2015-03-23 20:19 - 02620416 _____ () C:\Program Files\Sony\Sony PC Companion\libxt.dll
2015-09-23 06:41 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00802304 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2015-12-31 11:51 - 2016-01-04 15:55 - 02423296 _____ () C:\ProgramData\msdtc.exe
2015-09-23 06:41 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-12-30 16:15 - 2015-12-11 01:54 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-30 16:15 - 2015-12-11 01:54 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPTask.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPNet.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPDR.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPKernel.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPHelp.dll
2015-12-10 06:15 - 2015-12-10 06:15 - 02259592 _____ () C:\Program Files\CalendarTool\2.0.0.11153\Calendar.exe
2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-VQPL5.tmp\mbam-setup-2.2.0.1024.tmp
2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-GB5HU.tmp\mbam-setup-2.2.0.1024.tmp
2016-01-06 16:03 - 2016-01-06 16:05 - 01749504 _____ () C:\Users\Cliente\Downloads\adwcleaner_5.028.exe
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2009-06-10 19:39 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-406296613-3901443165-2578290060-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliente\Pictures\minhas imagens\Monster\Kawasaki_KX450F-Monster-Energy_2010_6.jpg
DNS Servers: 177.129.161.11 - 177.129.161.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{1DFE960C-DA42-410E-A07B-F43EC52A6EC6}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [TCP Query User{6E2A21C6-F160-4666-A051-B0F4C0500A2C}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [{18DA029D-B993-42EE-B8CE-E6A622C84374}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{652E30B4-603F-4B5D-AF6E-020FC02C1B9C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{3887823C-5BEF-45E9-8117-600B6EC3FF1A}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CE22A9A8-A43B-4446-A1D4-E2D50303069F}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1E105A71-D5FC-4FA0-8A68-985FBA76F02E}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{6ACC888E-3E2E-447D-AE52-003B97F22501}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{C28580A1-3394-4051-B9D8-BB21A0A2BDFA}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{48DE4DCE-480F-4608-AB9E-8FF3FC66DC53}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{553DDD5C-D3E9-458A-90DF-DE7B7245300F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9763A019-71B3-4591-AD16-D588F344E9F2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{9D7F8C55-26DB-44EC-B60B-7F9E88A48EA1}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{85AA5E1B-399D-4935-A9C9-CBE94DE5BF67}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{548E89FC-255A-4C8B-87E5-5185BE585B17}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [TCP Query User{E566FB6A-E4A6-4E69-AE62-260F4B9267A4}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [{314AE9B3-C6D4-41CF-92F4-C9B767DF5BFF}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [UDP Query User{1D23C2A3-B22D-498B-BA93-F0888CE4D4FE}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{214359F1-A55E-4E9F-8415-9D3E151FA6EF}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{86C3828F-45A2-45FF-956A-7170A0E6252D}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{9825D316-A796-48ED-927A-5B536FDB66A0}] => (Block) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [{3EF68F64-69C0-4955-B4C3-587849063D93}] => (Block) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{D45407C1-767F-46CF-8ACA-F820C8367554}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{2DFDF764-6581-4173-B96D-C0A5BAD03EB1}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [{D017993C-76DC-432B-82A2-A872890B28D0}] => (Block) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [{7FB5A32D-386E-46F2-B7B7-62730543ECE1}] => (Block) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [UDP Query User{DCAE1B8B-0FC9-4B05-BA84-4F6650112A66}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [TCP Query User{BFDD4571-1F0F-474F-A84B-F7408F130707}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [UDP Query User{14DDB045-AFDB-43FB-9F21-AA6D319792BD}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{B670B0FB-52D3-459E-9048-E1615B17F156}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{90433E26-A8E1-41AA-BECD-D619809CD81A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{7038DE4D-2579-4726-A7B0-031B361997E9}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{9D6B2CEF-E958-4B9A-8FB1-B27A7011D47A}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [TCP Query User{F60D93FF-4D45-434C-A8B3-23B56430CC56}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
==================== Pontos de Restauração =========================
05-01-2016 17:56:20 Ultra Adware Killer adware removal
05-01-2016 17:58:55 Ultra Adware Killer adware removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/06/2016 05:17:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8c0
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/06/2016 12:17:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8d4
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 09:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0xfc
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 09:22:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: avast_free_antivirus_setup_online.exe, versão: 0.0.0.0, carimbo de data/hora: 0x56715239
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x384
Hora de início do aplicativo com falha: 0xavast_free_antivirus_setup_online.exe0
Caminho do aplicativo com falha: avast_free_antivirus_setup_online.exe1
Caminho do módulo com falha: avast_free_antivirus_setup_online.exe2
ID do Relatório: avast_free_antivirus_setup_online.exe3
Nome completo do pacote com falha: avast_free_antivirus_setup_online.exe4
ID do aplicativo relativo ao pacote com falha: avast_free_antivirus_setup_online.exe5
Error: (01/05/2016 08:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x1350
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 07:07:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8e0
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 06:11:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 06:05:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 06:02:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 05:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service The Calendar Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Erros de Sistema:
=============
Error: (01/06/2016 05:25:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (01/06/2016 05:24:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/06/2016 05:24:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 16:54:09 do dia 06/01/2016 não era esperado.
Error: (01/06/2016 05:17:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/06/2016 04:15:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (01/06/2016 04:14:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/06/2016 04:13:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_5b2e7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço The Calendar Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NMIndexingService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-01-06 18:00:14.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 18:00:14.310
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:05:31.237
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:05:31.237
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:04:50.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:04:50.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-05 23:20:35.874
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 20:11:22.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 19:24:04.395
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 16:55:37.643
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Percentagem de memória em uso: 57%
RAM física total: 3583.24 MB
RAM física disponível: 1512.01 MB
Virtual Total: 7167.24 MB
Virtual disponível: 4540.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:585.4 GB) (Free:380.34 GB) NTFS
Drive d: () (Fixed) (Total:345.57 GB) (Free:234.6 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00026B7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Cliente (2016-01-06 18:06:52)
Executando a partir de C:\Users\Cliente\Downloads
Microsoft Windows 10 Pro (X86) (2016-01-05 19:13:30)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-406296613-3901443165-2578290060-500 - Administrator - Disabled)
Cliente (S-1-5-21-406296613-3901443165-2578290060-1000 - Administrator - Enabled) => C:\Users\Cliente
Convidado (S-1-5-21-406296613-3901443165-2578290060-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-406296613-3901443165-2578290060-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-406296613-3901443165-2578290060-1002 - Limited - Enabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATENÇÃO
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Empire Earth Demo (HKLM\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
K-Lite Mega Codec Pack 10.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Underground 2 Demo (HKLM\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - )
Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver de gráficos 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
osTip (HKLM\...\osTip) (Version: 1.0.0.1 - )
Painel de controle da NVIDIA 353.82 (Version: 353.82 - NVIDIA Corporation) Hidden
Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: - )
Sniper Ghost Warrior 2 (HKLM\...\Sniper Ghost Warrior 2_is1) (Version: - )
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.11.0.42826 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {011F0CB6-D03C-40EB-917A-2F264B248C2A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {01AAE0F8-8AAA-4BA6-A03A-418CE2BBF17F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {0F3AA1B8-1DE9-486D-B242-3640B7472456} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATENÇÃO
Task: {145F1AE9-E76A-4049-9DC1-2B7A7EE750C5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24953C37-4441-4730-9229-23E94CBF051F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {270AE423-DE54-4637-8256-B1CF9887B0BD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {28510ECB-62A1-47BB-9DF4-6DA98A7BD3C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2A914714-7376-45A0-95FA-21B767006FA7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3838BD89-8BFA-4EDA-A12B-0232AE289219} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BAF4A1B-E2DC-4647-BB2E-8FFC4049008E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {443D3A98-BAE4-45CD-A3FA-A69C9088E0C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55D36E2B-C112-4087-B4F7-C6E2DF2EFBC3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59F5CD7E-0FAB-44A6-A463-3E9EC82C9ADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {5AAC7B45-B874-4C05-80CB-4EDECF83C6DC} - System32\Tasks\{9B710929-8DF9-46C0-9CA6-B6F0D3DAC4F7} => pcalua.exe -a C:\Users\Cliente\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slbnew
Task: {650984E5-158B-46A2-BB3A-9D0208E6CC59} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {701CF8C0-9649-4239-9C46-03F0A43536E9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {76F22C4F-8D0A-4F82-9BC4-442D0D881CED} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7969D620-3814-45B4-8612-066E27C1A600} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-04] (AVAST Software)
Task: {806124A5-B761-495C-AA3A-9E20ACD7081D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {813B4655-2511-4D72-B6F5-08C8672E953D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {8DCABDB4-5747-4A99-BFF6-02AE28A49172} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F574EAE-14F1-41D6-8A42-8A3202608727} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94E7CF39-08F5-4150-A5BC-84F030012C38} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {95AF8F82-7489-4B71-8F43-382422536D61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {960ABBCD-5686-4125-B362-E27A2507CEAC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9BA67479-52E3-4FE4-B7D7-4BBC22B51AFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F393B7F-AB90-4650-B9C1-A8F6451CA098} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {A5F1F2D0-C642-4D69-B79C-A29476E13CE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A7189AC7-5247-4121-AC24-C0E42C0C262D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {AC8864FA-CEC1-4B1E-8BF0-7DF328D5FE76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {ACDEACDE-2A11-41B2-B259-115D99EBC523} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C53240BB-2EA5-46C2-A5A9-3C5F7285D0CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {C89C4F8B-0CE5-4900-A111-B0C960F03CEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CA2C926E-9838-4519-B60C-077F526E5600} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CAFAC9BF-7E4C-4710-A8C6-21C25382DDD6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CD75E412-F461-4A6F-A369-3F567D2C4D06} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {CE563627-83FB-4EC6-9FB9-0F3350587B55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {D053B36E-D870-44FC-862B-AFF8C92788CC} - System32\Tasks\{CA952785-A700-42C4-8940-6F57176DDFD1} => pcalua.exe -a C:\Users\Cliente\Downloads\iGBPCEFgb.exe -d C:\Users\Cliente\Desktop
Task: {D1DA723A-5B6B-43B1-A013-97B0A6CCC13D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {D496E858-2357-4836-B51D-969E7101973D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFFDD97F-DE0F-4FA9-9AB9-7DEC19C4AE65} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1F7D280-0E68-4F0F-8545-4EF07B4075F1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATENÇÃO
Task: {F8128C47-6632-4F6E-85F5-86F9A08736F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F950E01F-49BE-4183-AE10-FE84DE848528} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.321oyun.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432580135
ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore - Atalho.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432558504
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 03:44 - 2015-10-30 03:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-28 09:13 - 2015-12-28 09:13 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll
2016-01-05 16:42 - 2015-08-06 22:13 - 00106104 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-08-04 16:11 - 2015-08-04 16:11 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-04 16:11 - 2015-08-04 16:11 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-28 08:33 - 2015-12-28 08:33 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122706\algo.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-05 18:44 - 2016-01-05 18:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-05 18:44 - 2016-01-05 18:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-05 18:44 - 2016-01-05 18:45 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-10 06:15 - 2015-12-10 06:15 - 00139912 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarEntry.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 02365952 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-05 17:32 - 2016-01-05 17:32 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-05-01 16:39 - 2015-05-01 16:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-05 21:40 - 2016-01-05 21:39 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2015-12-25 16:59 - 2015-12-21 11:46 - 02934272 _____ () C:\ProgramData\WindowsMsg\FA889F48BA91932CA1794DC9B9F86E43.dll
2015-09-23 06:41 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2015-09-23 06:41 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2015-03-23 20:19 - 2015-03-23 20:19 - 02620416 _____ () C:\Program Files\Sony\Sony PC Companion\libxt.dll
2015-09-23 06:41 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00802304 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2015-12-31 11:51 - 2016-01-04 15:55 - 02423296 _____ () C:\ProgramData\msdtc.exe
2015-09-23 06:41 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-12-30 16:15 - 2015-12-11 01:54 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-30 16:15 - 2015-12-11 01:54 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPTask.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPNet.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPDR.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPKernel.dll
2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPHelp.dll
2015-12-10 06:15 - 2015-12-10 06:15 - 02259592 _____ () C:\Program Files\CalendarTool\2.0.0.11153\Calendar.exe
2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-VQPL5.tmp\mbam-setup-2.2.0.1024.tmp
2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-GB5HU.tmp\mbam-setup-2.2.0.1024.tmp
2016-01-06 16:03 - 2016-01-06 16:05 - 01749504 _____ () C:\Users\Cliente\Downloads\adwcleaner_5.028.exe
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:04 - 2009-06-10 19:39 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-406296613-3901443165-2578290060-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliente\Pictures\minhas imagens\Monster\Kawasaki_KX450F-Monster-Energy_2010_6.jpg
DNS Servers: 177.129.161.11 - 177.129.161.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{1DFE960C-DA42-410E-A07B-F43EC52A6EC6}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [TCP Query User{6E2A21C6-F160-4666-A051-B0F4C0500A2C}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [{18DA029D-B993-42EE-B8CE-E6A622C84374}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{652E30B4-603F-4B5D-AF6E-020FC02C1B9C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{3887823C-5BEF-45E9-8117-600B6EC3FF1A}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CE22A9A8-A43B-4446-A1D4-E2D50303069F}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1E105A71-D5FC-4FA0-8A68-985FBA76F02E}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{6ACC888E-3E2E-447D-AE52-003B97F22501}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{C28580A1-3394-4051-B9D8-BB21A0A2BDFA}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{48DE4DCE-480F-4608-AB9E-8FF3FC66DC53}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{553DDD5C-D3E9-458A-90DF-DE7B7245300F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9763A019-71B3-4591-AD16-D588F344E9F2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{9D7F8C55-26DB-44EC-B60B-7F9E88A48EA1}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{85AA5E1B-399D-4935-A9C9-CBE94DE5BF67}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{548E89FC-255A-4C8B-87E5-5185BE585B17}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [TCP Query User{E566FB6A-E4A6-4E69-AE62-260F4B9267A4}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [{314AE9B3-C6D4-41CF-92F4-C9B767DF5BFF}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [UDP Query User{1D23C2A3-B22D-498B-BA93-F0888CE4D4FE}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{214359F1-A55E-4E9F-8415-9D3E151FA6EF}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{86C3828F-45A2-45FF-956A-7170A0E6252D}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{9825D316-A796-48ED-927A-5B536FDB66A0}] => (Block) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [{3EF68F64-69C0-4955-B4C3-587849063D93}] => (Block) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{D45407C1-767F-46CF-8ACA-F820C8367554}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{2DFDF764-6581-4173-B96D-C0A5BAD03EB1}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe
FirewallRules: [{D017993C-76DC-432B-82A2-A872890B28D0}] => (Block) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [{7FB5A32D-386E-46F2-B7B7-62730543ECE1}] => (Block) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [UDP Query User{DCAE1B8B-0FC9-4B05-BA84-4F6650112A66}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [TCP Query User{BFDD4571-1F0F-474F-A84B-F7408F130707}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe
FirewallRules: [UDP Query User{14DDB045-AFDB-43FB-9F21-AA6D319792BD}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{B670B0FB-52D3-459E-9048-E1615B17F156}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{90433E26-A8E1-41AA-BECD-D619809CD81A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{7038DE4D-2579-4726-A7B0-031B361997E9}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{9D6B2CEF-E958-4B9A-8FB1-B27A7011D47A}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
FirewallRules: [TCP Query User{F60D93FF-4D45-434C-A8B3-23B56430CC56}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe
==================== Pontos de Restauração =========================
05-01-2016 17:56:20 Ultra Adware Killer adware removal
05-01-2016 17:58:55 Ultra Adware Killer adware removal
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/06/2016 05:17:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8c0
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/06/2016 12:17:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8d4
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 09:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0xfc
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 09:22:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: avast_free_antivirus_setup_online.exe, versão: 0.0.0.0, carimbo de data/hora: 0x56715239
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000
ID do processo com falha: 0x384
Hora de início do aplicativo com falha: 0xavast_free_antivirus_setup_online.exe0
Caminho do aplicativo com falha: avast_free_antivirus_setup_online.exe1
Caminho do módulo com falha: avast_free_antivirus_setup_online.exe2
ID do Relatório: avast_free_antivirus_setup_online.exe3
Nome completo do pacote com falha: avast_free_antivirus_setup_online.exe4
ID do aplicativo relativo ao pacote com falha: avast_free_antivirus_setup_online.exe5
Error: (01/05/2016 08:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x1350
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 07:07:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f
Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87
Código de exceção: 0xc00001a5
Deslocamento da falha: 0x00119678
ID do processo com falha: 0x8e0
Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0
Caminho do aplicativo com falha: svchost.exe_DiagTrack1
Caminho do módulo com falha: svchost.exe_DiagTrack2
ID do Relatório: svchost.exe_DiagTrack3
Nome completo do pacote com falha: svchost.exe_DiagTrack4
ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5
Error: (01/05/2016 06:11:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 06:05:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 06:02:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC)
Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/05/2016 05:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddWin32ServiceFiles: Unable to back up image of service The Calendar Service since QueryServiceConfig API failed
System Error:
O sistema não pode encontrar o arquivo especificado.
.
Erros de Sistema:
=============
Error: (01/06/2016 05:25:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (01/06/2016 05:24:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/06/2016 05:24:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 16:54:09 do dia 06/01/2016 não era esperado.
Error: (01/06/2016 05:17:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/06/2016 04:15:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2
Error: (01/06/2016 04:14:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058
Error: (01/06/2016 04:13:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_5b2e7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço The Calendar Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NMIndexingService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
CodeIntegrity:
===================================
Date: 2016-01-06 18:00:14.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 18:00:14.310
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:05:31.237
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:05:31.237
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:04:50.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-06 16:04:50.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections.
Date: 2016-01-05 23:20:35.874
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 20:11:22.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 19:24:04.395
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-05 16:55:37.643
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Percentagem de memória em uso: 57%
RAM física total: 3583.24 MB
RAM física disponível: 1512.01 MB
Virtual Total: 7167.24 MB
Virtual disponível: 4540.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:585.4 GB) (Free:380.34 GB) NTFS
Drive d: () (Fixed) (Total:345.57 GB) (Free:234.6 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00026B7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================