Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21-08-2016 01
Executado por USUARIO (26-08-2016 21:56:29)
Executando a partir de C:\Users\USUARIO\Desktop
Windows 10 Home Versão 1511 (X64) (2016-03-03 21:37:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2595039916-1623952900-2758885803-500 - Administrator - Disabled)
Convidado (S-1-5-21-2595039916-1623952900-2758885803-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2595039916-1623952900-2758885803-503 - Limited - Disabled)
USUARIO (S-1-5-21-2595039916-1623952900-2758885803-1001 - Administrator - Enabled) => C:\Users\USUARIO
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter Strike 2011 (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\Counter Strike 2011) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostify (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - )
Google Chrome (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-BR)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MV RegClean 6.9 (HKLM-x32\...\MV RegClean 6.9_is1) (Version: - )
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PhotoFiltre 7 (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\PhotoFiltre 7) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Semp Toshiba Atualizador (HKLM-x32\...\SempToshibaUpdater) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.9 - VSO Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {196EBCE8-FD5C-4507-AAB9-7784BFAFDF94} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001Core => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {1CE8C3D0-62C7-4CB5-A6E3-214596D5DE33} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.)
Task: {2579B0A6-0FC9-4B2F-B0C8-3C41B8601569} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {3A3EC616-E670-4E3C-9177-00DF6D273879} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask =>
Task: {422C63C8-4ED3-461F-B8FE-5EEB5052CA8C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {479C28CE-3325-4986-BEB6-906CD2FDE953} - \Petckjahaght Module -> Nenhum Arquivo <==== ATENÇÃO
Task: {4B84AA7C-FA24-4AA2-ABE2-1F0ED0BD98AF} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {5A943EFE-6284-4B19-8651-5CF3B9F535AD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {632C87B9-1D78-421D-AE24-C9A85D4C2E37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6CB4B25C-CAF6-473D-8FE0-CB4114E00CED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {73728E6C-18C6-4223-A695-7131E030EA2A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {7BE5F5CA-00E1-448B-900E-B7029EC9FF0D} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {8970BDD1-D694-4DFC-A6F5-3CB6BB280546} - \tasklist -> Nenhum Arquivo <==== ATENÇÃO
Task: {B5E0AC0A-A0CC-49A1-91D4-6B1556ED4277} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {B9071A70-4740-4361-A91E-24020ADD965A} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BA5C371E-3536-416A-93A4-F44EB27F3A27} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {BB2BC655-3C4A-4318-802B-418812715C42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BD33DD7C-F2A0-4642-8818-3E5B9C28167B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-07-10] ()
Task: {C63FE6F5-ED9A-45F6-BB0D-E1467EEFCBC8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {D7879826-8C1E-45F9-BA28-BE805E9C1279} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001UA => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {E62F3E2D-0A5C-448A-8432-4B4BD27347D8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001Core.job => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001UA.job => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\USUARIO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\USUARIO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\86167cce530816d1\Google Chrome.lnk -> C:\Users\USUARIO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-07-14 13:06 - 2016-07-01 01:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-14 13:06 - 2016-07-01 01:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-04 11:25 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-14 13:07 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-14 13:06 - 2016-07-01 00:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-14 13:06 - 2016-07-01 00:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-14 13:06 - 2016-07-01 00:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-14 13:06 - 2016-07-01 00:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-06 08:52 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-06 08:52 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-13 14:36 - 2016-07-11 23:07 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-05-13 14:36 - 2016-07-11 23:07 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-08-24 21:46 - 2016-07-11 23:09 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-24 21:46 - 2016-07-11 23:08 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-24 21:46 - 2016-07-11 23:09 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-08-24 21:46 - 2016-08-23 20:17 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-08-24 21:46 - 2016-08-23 20:02 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-08-24 21:46 - 2016-08-23 20:17 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-24 21:46 - 2016-08-23 20:17 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2016-07-14 13:04 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "msnmsgr"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8232DD03-AAC3-4753-81C2-A7A12E67DA4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B1040224-5D3A-4808-ACED-2E69384FB398}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{70DB6020-A7A0-46E6-A072-DCAC159B0F49}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A07EFCB3-A523-4737-99E8-42CAFC983456}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D23FF196-0032-4DCA-955F-2CAE6E94E523}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1366A4E4-C2BA-49C3-96E9-ED55886E6824}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0D322F7D-4C14-4374-A27D-8E84499AF937}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{856E6D19-8F7A-4BD9-9946-F4481DD24B55}] => (Allow) LPort=2869
FirewallRules: [{F09E99C5-87F4-49E3-9B1E-A7BBFA89FC30}] => (Allow) LPort=1900
FirewallRules: [{1E98195F-9500-4A02-B83A-C41345D3A2FB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{128C9744-36A3-4822-9BA4-FB9D7B93458B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{BCAACD3B-818F-412B-B348-2FF2A9DCFA4D}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{6DC35510-B5EA-4009-8E18-1CCE01530D74}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{9D09033B-AAEA-48CD-9AB8-34D5B5E946DF}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{D4FB5B5B-B3DB-410A-AF13-32D4725D89D8}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{A1C47C1C-6FBC-4B5B-9747-63B707C87378}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{1A5A03DF-1FDE-4508-87A4-2404F65A877F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98026B47-A34E-4D73-9C26-B3F3085475E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B561BC2-3BD8-4D47-9D54-93589977DFCA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4BB8510A-CD2D-46E3-8986-B0CF8871585A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0C8E53D-BC8E-4F65-89B7-A950831AA345}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{4C50881F-3921-454F-8CD8-2D716260649E}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{13EC57CA-EA3A-4666-8F55-A3271E2AD602}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{51314BCF-0773-4EA1-807E-79F6710A80F3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEF63E24-0DC3-4D43-8F70-2E9448348C89}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0A157A92-A9D5-46C7-88C7-209EDCB58173}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6DC437F9-B0C2-42A5-B4F3-F06DE46956AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{79793C70-C7E1-4E82-8A4A-06B89DE6FF6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9DD8613-270F-47D2-B355-04FFA91B194F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F4DA847D-0BBA-479C-9BF1-E929F8B862A9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Pontos de Restauração =========================
25-08-2016 23:19:51 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (08/26/2016 12:00:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/26/2016 12:00:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2016 11:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (08/25/2016 10:06:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.WindowsMaps_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2016 10:04:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/24/2016 10:50:25 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (1260) SRUJet: Falha na recuperação/restauração do banco de dados com erro inesperado -1216.
Error: (08/24/2016 10:50:25 PM) (Source: ESENT) (EventID: 494) (User: )
Description: svchost (1260) SRUJet: A recuperação do banco de dados falhou com o erro -1216 porque encontrou referências a um banco de dados, 'C:\Windows\system32\SRU\SRUDB.dat', que não existe mais. Ele não foi trazido a um estado de Desligamento Normal antes de ser removido (ou possivelmente movido ou renomeado). O mecanismo de banco de dados não permitirá a conclusão da recuperação dessa instância até que o banco de dados ausente seja reinstalado. Se realmente o banco de dados não estiver mais disponível e não for mais necessário, os procedimentos para a recuperação deste erro estarão disponíveis na Base de Dados de Conhecimento Microsoft ou seguindo o link de "mais informações" na parte inferior desta mensagem.
Error: (08/24/2016 10:48:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024891. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/24/2016 10:41:00 PM) (Source: ESENT) (EventID: 470) (User: )
Description: svchost (1272) SRUJet: O banco de dados C:\Windows\system32\SRU\SRUDB.dat está parcialmente anexado. Estágio do anexo: 3. Erro: -1019.
Error: (08/24/2016 10:41:00 PM) (Source: ESENT) (EventID: 476) (User: )
Description: svchost (1272) SRUJet: Falha na verificação da leitura de página do banco de dados do arquivo "C:\Windows\system32\SRU\SRUDB.dat" no deslocamento 8192 (0x0000000000002000) (página do banco de dados 1 (0x1)) para 4096 (0x00001000) bytes porque ele não contém dados de página. A operação de leitura falhará com o erro -1019 (0xfffffc05). Se essa condição persistir, restaure o banco de dados por meio de um backup anterior. A causa provável desse problema é falha de hardware. Contate o fornecedor de hardware para obter assistência para diagnosticar o problema.
Erros de Sistema:
=============
Error: (08/26/2016 12:00:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_1f5fb.
Error: (08/26/2016 12:00:20 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RUE1DJN)
Description: App
Error: (08/26/2016 12:00:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RUE1DJN)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (08/26/2016 12:00:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1f5fb foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/26/2016 12:00:12 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/25/2016 11:56:24 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/25/2016 11:19:05 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/24/2016 11:47:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1e501 foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/24/2016 11:47:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1e501 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/24/2016 11:47:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
CodeIntegrity:
===================================
Date: 2016-08-26 21:38:11.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 00:57:01.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 00:54:29.148
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 22:32:25.831
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-05 00:13:02.066
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 22:16:27.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 22:12:58.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 18:52:17.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 10:37:01.280
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-13 12:44:50.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU N2930 @ 1.83GHz
Percentagem de memória em uso: 57%
RAM física total: 3982.51 MB
RAM física disponível: 1711.06 MB
Virtual Total: 4686.51 MB
Virtual disponível: 2102.05 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.85 GB) (Free:50.03 GB) NTFS
Drive d: (Disco Local ) (Fixed) (Total:357.42 GB) (Free:144.44 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D31F218D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=357.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por USUARIO (26-08-2016 21:56:29)
Executando a partir de C:\Users\USUARIO\Desktop
Windows 10 Home Versão 1511 (X64) (2016-03-03 21:37:07)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2595039916-1623952900-2758885803-500 - Administrator - Disabled)
Convidado (S-1-5-21-2595039916-1623952900-2758885803-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2595039916-1623952900-2758885803-503 - Limited - Disabled)
USUARIO (S-1-5-21-2595039916-1623952900-2758885803-1001 - Administrator - Enabled) => C:\Users\USUARIO
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter Strike 2011 (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\Counter Strike 2011) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostify (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - )
Google Chrome (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pt-BR)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MV RegClean 6.9 (HKLM-x32\...\MV RegClean 6.9_is1) (Version: - )
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PhotoFiltre 7 (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\PhotoFiltre 7) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Semp Toshiba Atualizador (HKLM-x32\...\SempToshibaUpdater) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.9 - VSO Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2595039916-1623952900-2758885803-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\USUARIO\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {196EBCE8-FD5C-4507-AAB9-7784BFAFDF94} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001Core => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {1CE8C3D0-62C7-4CB5-A6E3-214596D5DE33} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.)
Task: {2579B0A6-0FC9-4B2F-B0C8-3C41B8601569} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {3A3EC616-E670-4E3C-9177-00DF6D273879} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask =>
Task: {422C63C8-4ED3-461F-B8FE-5EEB5052CA8C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {479C28CE-3325-4986-BEB6-906CD2FDE953} - \Petckjahaght Module -> Nenhum Arquivo <==== ATENÇÃO
Task: {4B84AA7C-FA24-4AA2-ABE2-1F0ED0BD98AF} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {5A943EFE-6284-4B19-8651-5CF3B9F535AD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {632C87B9-1D78-421D-AE24-C9A85D4C2E37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6CB4B25C-CAF6-473D-8FE0-CB4114E00CED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {73728E6C-18C6-4223-A695-7131E030EA2A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {7BE5F5CA-00E1-448B-900E-B7029EC9FF0D} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {8970BDD1-D694-4DFC-A6F5-3CB6BB280546} - \tasklist -> Nenhum Arquivo <==== ATENÇÃO
Task: {B5E0AC0A-A0CC-49A1-91D4-6B1556ED4277} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {B9071A70-4740-4361-A91E-24020ADD965A} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BA5C371E-3536-416A-93A4-F44EB27F3A27} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {BB2BC655-3C4A-4318-802B-418812715C42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BD33DD7C-F2A0-4642-8818-3E5B9C28167B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-07-10] ()
Task: {C63FE6F5-ED9A-45F6-BB0D-E1467EEFCBC8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {D7879826-8C1E-45F9-BA28-BE805E9C1279} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001UA => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {E62F3E2D-0A5C-448A-8432-4B4BD27347D8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001Core.job => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2595039916-1623952900-2758885803-1001UA.job => C:\Users\USUARIO\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\USUARIO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\USUARIO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\86167cce530816d1\Google Chrome.lnk -> C:\Users\USUARIO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-07-14 13:06 - 2016-07-01 01:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-14 13:06 - 2016-07-01 01:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-04 11:25 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-14 13:07 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-14 13:06 - 2016-07-01 00:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-14 13:06 - 2016-07-01 00:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-14 13:06 - 2016-07-01 00:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-14 13:06 - 2016-07-01 00:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-06 08:52 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-05-06 08:52 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-06 08:52 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 22:32 - 2016-04-18 22:33 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-13 14:36 - 2016-07-11 23:07 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-05-13 14:36 - 2016-07-11 23:07 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-08-24 21:46 - 2016-07-11 23:07 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-08-24 21:46 - 2016-07-11 23:09 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-24 21:46 - 2016-07-11 23:08 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-24 21:46 - 2016-07-11 23:09 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-08-24 21:46 - 2016-08-23 20:17 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-08-24 21:46 - 2016-08-23 20:02 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-08-24 21:46 - 2016-08-23 20:17 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-24 21:46 - 2016-08-23 20:17 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-05-13 14:36 - 2016-07-11 23:07 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-05-13 14:36 - 2016-07-11 23:09 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-05-13 14:36 - 2016-08-23 20:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-24 21:46 - 2016-08-23 20:17 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ==========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 04:24 - 2016-07-14 13:04 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2595039916-1623952900-2758885803-1001\...\StartupApproved\Run: => "msnmsgr"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8232DD03-AAC3-4753-81C2-A7A12E67DA4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B1040224-5D3A-4808-ACED-2E69384FB398}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{70DB6020-A7A0-46E6-A072-DCAC159B0F49}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A07EFCB3-A523-4737-99E8-42CAFC983456}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D23FF196-0032-4DCA-955F-2CAE6E94E523}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1366A4E4-C2BA-49C3-96E9-ED55886E6824}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0D322F7D-4C14-4374-A27D-8E84499AF937}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{856E6D19-8F7A-4BD9-9946-F4481DD24B55}] => (Allow) LPort=2869
FirewallRules: [{F09E99C5-87F4-49E3-9B1E-A7BBFA89FC30}] => (Allow) LPort=1900
FirewallRules: [{1E98195F-9500-4A02-B83A-C41345D3A2FB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{128C9744-36A3-4822-9BA4-FB9D7B93458B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{BCAACD3B-818F-412B-B348-2FF2A9DCFA4D}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{6DC35510-B5EA-4009-8E18-1CCE01530D74}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{9D09033B-AAEA-48CD-9AB8-34D5B5E946DF}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{D4FB5B5B-B3DB-410A-AF13-32D4725D89D8}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{A1C47C1C-6FBC-4B5B-9747-63B707C87378}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{1A5A03DF-1FDE-4508-87A4-2404F65A877F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98026B47-A34E-4D73-9C26-B3F3085475E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B561BC2-3BD8-4D47-9D54-93589977DFCA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4BB8510A-CD2D-46E3-8986-B0CF8871585A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0C8E53D-BC8E-4F65-89B7-A950831AA345}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{4C50881F-3921-454F-8CD8-2D716260649E}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{13EC57CA-EA3A-4666-8F55-A3271E2AD602}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{51314BCF-0773-4EA1-807E-79F6710A80F3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEF63E24-0DC3-4D43-8F70-2E9448348C89}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0A157A92-A9D5-46C7-88C7-209EDCB58173}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6DC437F9-B0C2-42A5-B4F3-F06DE46956AF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{79793C70-C7E1-4E82-8A4A-06B89DE6FF6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9DD8613-270F-47D2-B355-04FFA91B194F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F4DA847D-0BBA-479C-9BF1-E929F8B862A9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Pontos de Restauração =========================
25-08-2016 23:19:51 Windows Update
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (08/26/2016 12:00:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/26/2016 12:00:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2016 11:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (08/25/2016 10:06:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.WindowsMaps_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/25/2016 10:04:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/24/2016 10:50:25 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (1260) SRUJet: Falha na recuperação/restauração do banco de dados com erro inesperado -1216.
Error: (08/24/2016 10:50:25 PM) (Source: ESENT) (EventID: 494) (User: )
Description: svchost (1260) SRUJet: A recuperação do banco de dados falhou com o erro -1216 porque encontrou referências a um banco de dados, 'C:\Windows\system32\SRU\SRUDB.dat', que não existe mais. Ele não foi trazido a um estado de Desligamento Normal antes de ser removido (ou possivelmente movido ou renomeado). O mecanismo de banco de dados não permitirá a conclusão da recuperação dessa instância até que o banco de dados ausente seja reinstalado. Se realmente o banco de dados não estiver mais disponível e não for mais necessário, os procedimentos para a recuperação deste erro estarão disponíveis na Base de Dados de Conhecimento Microsoft ou seguindo o link de "mais informações" na parte inferior desta mensagem.
Error: (08/24/2016 10:48:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-RUE1DJN)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2147024891. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (08/24/2016 10:41:00 PM) (Source: ESENT) (EventID: 470) (User: )
Description: svchost (1272) SRUJet: O banco de dados C:\Windows\system32\SRU\SRUDB.dat está parcialmente anexado. Estágio do anexo: 3. Erro: -1019.
Error: (08/24/2016 10:41:00 PM) (Source: ESENT) (EventID: 476) (User: )
Description: svchost (1272) SRUJet: Falha na verificação da leitura de página do banco de dados do arquivo "C:\Windows\system32\SRU\SRUDB.dat" no deslocamento 8192 (0x0000000000002000) (página do banco de dados 1 (0x1)) para 4096 (0x00001000) bytes porque ele não contém dados de página. A operação de leitura falhará com o erro -1019 (0xfffffc05). Se essa condição persistir, restaure o banco de dados por meio de um backup anterior. A causa provável desse problema é falha de hardware. Contate o fornecedor de hardware para obter assistência para diagnosticar o problema.
Erros de Sistema:
=============
Error: (08/26/2016 12:00:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_1f5fb.
Error: (08/26/2016 12:00:20 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RUE1DJN)
Description: App
Error: (08/26/2016 12:00:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RUE1DJN)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (08/26/2016 12:00:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1f5fb foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/26/2016 12:00:12 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/25/2016 11:56:24 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/25/2016 11:19:05 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
Error: (08/24/2016 11:47:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1e501 foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/24/2016 11:47:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_1e501 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (08/24/2016 11:47:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível
CodeIntegrity:
===================================
Date: 2016-08-26 21:38:11.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 00:57:01.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 00:54:29.148
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 22:32:25.831
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-05 00:13:02.066
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 22:16:27.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 22:12:58.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 18:52:17.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-04 10:37:01.280
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-13 12:44:50.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU N2930 @ 1.83GHz
Percentagem de memória em uso: 57%
RAM física total: 3982.51 MB
RAM física disponível: 1711.06 MB
Virtual Total: 4686.51 MB
Virtual disponível: 2102.05 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.85 GB) (Free:50.03 GB) NTFS
Drive d: (Disco Local ) (Fixed) (Total:357.42 GB) (Free:144.44 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D31F218D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=357.4 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================