Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 01-01-2017
Executado por Richilie Ronnier (03-01-2017 09:18:43)
Executando a partir de C:\Users\Richilie Ronnier\Downloads
Windows 10 Pro Versão 1511 (X64) (2015-10-30 11:08:53)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1772908142-2598305865-1026119930-500 - Administrator - Disabled)
Convidado (S-1-5-21-1772908142-2598305865-1026119930-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1772908142-2598305865-1026119930-503 - Limited - Disabled)
Richilie Ronnier (S-1-5-21-1772908142-2598305865-1026119930-1001 - Administrator - Enabled) => C:\Users\Richilie Ronnier
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Contents64 (Version: 19.1.0.10 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X9 (HKLM-x32\...\_{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.10 - Corel Corporation)
CPUID CPU-Z G1 1.77 (HKLM\...\CPUID CPU-Z G1_is1) (Version: 1.77 - CPUID, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
ICA (x32 Version: 19.1.0.10 - Corel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
IPM_VS_Pro64 (Version: 19.0 - Corel Corporation) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Malwarebytes versão 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 pt-BR)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
NVIDIA Driver de áudio HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Driver de gráficos 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Painel de controle da NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Setup (x32 Version: 19.1.0.10 - Corel Corporation) Hidden
Share64 (Version: 19.1.0.10 - Corel Corporation) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VSClassic64 (Version: 19.1.0.10 - Corel Corporation) Hidden
VSPro64 (Version: 19.1.0.10 - Corel Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\ChromeHTML: -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.) <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0153B4DE-48A0-4C0B-BB9C-081DC6C45DAE} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {03BD918A-DE34-407C-9728-9D1384F20A50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {155E421E-A61F-4143-984B-15EFAEDE0C08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {27C6CD5E-DD45-4FE7-9950-21903A5319D0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {4579749B-1026-44C0-9C70-7E0FBB5E7EA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {D1CDAAB5-20E0-44A5-B661-5B37C0A5CBD8} - System32\Tasks\Wociward Cloud => C:\Program Files (x86)\Drowiing\anaecult.exe [2016-12-26] (Glarysoft Ltd)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Richilie Ronnier\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-10-30 09:26 - 2016-06-03 01:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 02652784 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 02652784 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-10 19:34 - 2016-12-10 19:34 - 01678560 _____ () C:\Users\Richilie Ronnier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-12-29 08:24 - 2016-12-23 00:13 - 00265936 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll
2016-12-29 08:24 - 2016-12-02 02:46 - 00128848 _____ () C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00281648 _____ () C:\Program Files (x86)\Elex-tech\YAC\SSLEAY32.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00143128 _____ () C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll
2016-12-29 08:24 - 2016-12-02 02:46 - 01943936 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 01055064 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafebs.dll
2016-12-29 08:24 - 2016-12-02 02:44 - 00360504 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00223864 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00253984 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll
2016-12-29 08:24 - 2016-05-23 00:41 - 00474536 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00242536 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeDisp.dll
2016-12-26 03:25 - 2016-12-26 03:25 - 00176640 _____ () c:\program files (x86)\drowiing\arerlophcmm.dll
2016-12-27 16:03 - 2016-12-30 00:38 - 00457728 _____ () c:\program files (x86)\winarcher\archer.dll
2016-12-29 08:21 - 2016-12-28 03:17 - 00475648 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\1042\nonsdkaddonlangver.dll
2016-12-27 16:03 - 2016-12-28 11:31 - 00219136 _____ () c:\programdata\winsapsvc\winsap.dll
2015-10-30 09:27 - 2016-06-14 18:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-10 19:34 - 2016-12-10 19:34 - 01244376 _____ () C:\Users\Richilie Ronnier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-29 08:21 - 2016-11-30 23:29 - 01834600 _____ () C:\Program Files (x86)\Jamlarry\Application\libglesv2.dll
2016-12-29 08:21 - 2016-11-30 23:29 - 00091240 _____ () C:\Program Files (x86)\Jamlarry\Application\libegl.dll
2016-12-29 08:31 - 2016-12-11 12:37 - 17833560 _____ () C:\Users\Richilie Ronnier\AppData\Local\Jamlarry\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-12-27 16:03 - 2017-01-03 09:11 - 00120320 _____ () c:\program files (x86)\gubed\gubedzl.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:9817EEAA_Bb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2262]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 05:24 - 2016-10-30 09:29 - 00000826 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{21186890-F27D-434F-A560-EFE8FAA7AEE8}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC665715-BE47-4710-8654-570272D6A69D}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{267140C6-647E-4375-8588-F46E26D04C34}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B42403B8-53E5-4A0F-B21E-04243CECE785}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{15D55D3F-4242-432B-B84A-FC5F1C3F1BCA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6A813606-CEF3-4773-8F5A-148F117522BF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{08AB11A7-75F9-4E68-9626-C3372A9B5E98}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FAC8F54B-03D7-4E3C-B73F-13FAAF0C10D8}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{764BCB53-50AF-4E39-BADC-2A111A967916}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEAB5F8B-F0F8-4C71-9E58-5F6E1812A4AB}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2A3CB73-AE70-4D07-B9A8-711853144AE5}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5CFAF2FE-C95F-4963-A6B7-5480858BC16E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{337C9CB7-1349-4FC9-ABCE-BBAE5498E11F}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D96F5B3B-46A0-44F8-8124-6817F23D8576}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FCDDEF1E-10ED-4197-9F7A-F3817C6CF280}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E55A00D6-C0E0-4CFB-B776-5A4D32A1D06F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AF7C433-7809-4382-9B50-7C3B009A2CFC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6B2BAB5-A71B-4BB1-9C6A-9FE35FE0E60F}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AA722B42-A677-4923-8B83-F261B9517C45}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8B19E1-6880-4834-B452-AE67736A381E}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BD60332-584B-405F-9856-CA990E6B737D}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{758BC073-2DB1-4B8A-91DA-11783E887AFD}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B99EF7E9-387F-4F5F-B054-7A30C313589C}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6F27A962-57DF-43F7-9EF5-20B55CAD48C8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BF2DEBE-B5D5-4E31-81E4-9E01B8D0C74B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A59155FF-6E61-452A-967F-D9E26A1362BA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA34EAC2-7591-4D01-9BA3-31E809A2ED24}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E024ED69-71C9-40E8-ABDF-7B80E5DFAC20}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{974ECB4D-75FC-46E8-8713-509D3ED41991}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B34A20FE-21CE-4931-82ED-43A2BCAD1BDD}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34F42A97-8C19-438B-A5C8-9FBDAC340B59}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CFFB989-72C4-458F-911D-DF31790B2DF1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B2DE886-E419-41C4-9F5B-582E32B720C9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFD76674-C8A5-4ADE-8C47-9310C9AD0639}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7873DFBB-06CE-4074-A287-14574B29595B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14971AA7-38C9-4DD0-87B3-A48C69B36E83}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A46DB7B-423F-4C41-957B-CFCB02CA107C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8513DAF5-E68C-4403-9453-CD715EA9941F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99B87371-A330-4121-A7C9-80290610D92D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{365BC7C2-D946-427D-9ECB-B1B64CB11861}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F3703391-460D-4CE0-8283-C47F081C71C6}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22EAD7C0-2FB5-42AF-A955-D5E5BF72B699}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0770BD66-6F60-4BEE-B644-B93993876EB1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70887F5A-B6BA-4C8D-BC43-50DBC2C036F4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48A715F5-DD32-464C-AD59-B6C54649995C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6DF2D0B9-E9A8-499B-848C-07DB88C6C748}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{170A7FC5-D331-4A97-8D1A-AF03D5306F99}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{833FFF54-81B7-4C03-ABDD-2FD93BA73571}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{748F754B-A962-4D11-8DF3-D2E2ECC8D150}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{212F82E4-5622-45D3-8ACB-1455765A0045}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE590D12-A4CB-4C0E-9C27-3A1D5403D37D}] => C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{1316CC9C-CB8C-4C18-BF2D-E20AE41A071D}] => C:\Program Files (x86)\Jamlarry\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/03/2017 09:09:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/03/2017 09:09:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 08:30:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-U84LI2N)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.
Error: (01/02/2017 06:07:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:04:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: NvStreamUserAgent.exe, versão: 7.1.2084.9592, carimbo de data/hora: 0x57605c64
Nome do módulo com falha: ntdll.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d193
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000002e609
ID do processo com falha: 0xde0
Hora de início do aplicativo com falha: 0x01d265335ca599cb
Caminho do aplicativo com falha: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 7a3edbbc-78f4-4000-a3c6-81bf3b4321ef
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Erros de Sistema:
=============
Error: (01/03/2017 09:14:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/03/2017 09:08:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço de Licenças de Cliente (ClipSVC) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (01/03/2017 09:08:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Licenças de Cliente (ClipSVC).
Error: (01/02/2017 08:30:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 08:30:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 08:30:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_6ce47 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/02/2017 08:30:36 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (01/02/2017 08:26:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Instalador de Módulos do Windows, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (01/02/2017 08:24:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (01/02/2017 08:24:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Cópia de Sombra de Volume foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
CodeIntegrity:
===================================
Date: 2017-01-03 09:12:44.859
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-03 09:08:39.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:20:19.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:11:46.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:11:40.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:43:42.799
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:30:56.968
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:08:34.078
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:05:10.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 11:04:32.884
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentagem de memória em uso: 26%
RAM física total: 8078.7 MB
RAM física disponível: 5950.64 MB
Virtual Total: 9358.7 MB
Virtual disponível: 7060.1 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.04 GB) (Free:27.57 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: A7DBA7DB)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por Richilie Ronnier (03-01-2017 09:18:43)
Executando a partir de C:\Users\Richilie Ronnier\Downloads
Windows 10 Pro Versão 1511 (X64) (2015-10-30 11:08:53)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1772908142-2598305865-1026119930-500 - Administrator - Disabled)
Convidado (S-1-5-21-1772908142-2598305865-1026119930-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1772908142-2598305865-1026119930-503 - Limited - Disabled)
Richilie Ronnier (S-1-5-21-1772908142-2598305865-1026119930-1001 - Administrator - Enabled) => C:\Users\Richilie Ronnier
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Atualizações da NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Contents64 (Version: 19.1.0.10 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X9 (HKLM-x32\...\_{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.10 - Corel Corporation)
CPUID CPU-Z G1 1.77 (HKLM\...\CPUID CPU-Z G1_is1) (Version: 1.77 - CPUID, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
ICA (x32 Version: 19.1.0.10 - Corel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
IPM_VS_Pro64 (Version: 19.0 - Corel Corporation) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Malwarebytes versão 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 pt-BR)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
NVIDIA Driver de áudio HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Driver de gráficos 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Painel de controle da NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Setup (x32 Version: 19.1.0.10 - Corel Corporation) Hidden
Share64 (Version: 19.1.0.10 - Corel Corporation) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VSClassic64 (Version: 19.1.0.10 - Corel Corporation) Hidden
VSPro64 (Version: 19.1.0.10 - Corel Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\ChromeHTML: -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.) <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0153B4DE-48A0-4C0B-BB9C-081DC6C45DAE} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {03BD918A-DE34-407C-9728-9D1384F20A50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {155E421E-A61F-4143-984B-15EFAEDE0C08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {27C6CD5E-DD45-4FE7-9950-21903A5319D0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {4579749B-1026-44C0-9C70-7E0FBB5E7EA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {D1CDAAB5-20E0-44A5-B661-5B37C0A5CBD8} - System32\Tasks\Wociward Cloud => C:\Program Files (x86)\Drowiing\anaecult.exe [2016-12-26] (Glarysoft Ltd)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
Shortcut: C:\Users\Richilie Ronnier\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Richilie Ronnier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Jamlarry\Application\chrome.exe (Google Inc.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-30 05:18 - 2015-10-30 05:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-10-30 09:26 - 2016-06-03 01:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 02652784 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 02652784 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-10 19:34 - 2016-12-10 19:34 - 01678560 _____ () C:\Users\Richilie Ronnier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 05:17 - 2015-10-30 05:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 05:18 - 2015-10-30 17:14 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-12-29 08:24 - 2016-12-23 00:13 - 00265936 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll
2016-12-29 08:24 - 2016-12-02 02:46 - 00128848 _____ () C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00281648 _____ () C:\Program Files (x86)\Elex-tech\YAC\SSLEAY32.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2016-12-29 08:24 - 2016-05-23 00:37 - 00143128 _____ () C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll
2016-12-29 08:24 - 2016-12-02 02:46 - 01943936 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 01055064 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafebs.dll
2016-12-29 08:24 - 2016-12-02 02:44 - 00360504 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00223864 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00253984 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll
2016-12-29 08:24 - 2016-05-23 00:41 - 00474536 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll
2016-12-29 08:24 - 2016-12-02 02:45 - 00242536 _____ () C:\Program Files (x86)\Elex-tech\YAC\iSafeDisp.dll
2016-12-26 03:25 - 2016-12-26 03:25 - 00176640 _____ () c:\program files (x86)\drowiing\arerlophcmm.dll
2016-12-27 16:03 - 2016-12-30 00:38 - 00457728 _____ () c:\program files (x86)\winarcher\archer.dll
2016-12-29 08:21 - 2016-12-28 03:17 - 00475648 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\1042\nonsdkaddonlangver.dll
2016-12-27 16:03 - 2016-12-28 11:31 - 00219136 _____ () c:\programdata\winsapsvc\winsap.dll
2015-10-30 09:27 - 2016-06-14 18:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-10 19:34 - 2016-12-10 19:34 - 01244376 _____ () C:\Users\Richilie Ronnier\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-29 08:21 - 2016-11-30 23:29 - 01834600 _____ () C:\Program Files (x86)\Jamlarry\Application\libglesv2.dll
2016-12-29 08:21 - 2016-11-30 23:29 - 00091240 _____ () C:\Program Files (x86)\Jamlarry\Application\libegl.dll
2016-12-29 08:31 - 2016-12-11 12:37 - 17833560 _____ () C:\Users\Richilie Ronnier\AppData\Local\Jamlarry\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2016-12-27 16:03 - 2017-01-03 09:11 - 00120320 _____ () c:\program files (x86)\gubed\gubedzl.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-07-06 04:04 - 2016-07-06 04:07 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:9817EEAA_Bb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2262]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2015-10-30 05:24 - 2016-10-30 09:29 - 00000826 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKU\S-1-5-21-1772908142-2598305865-1026119930-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{21186890-F27D-434F-A560-EFE8FAA7AEE8}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC665715-BE47-4710-8654-570272D6A69D}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{267140C6-647E-4375-8588-F46E26D04C34}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B42403B8-53E5-4A0F-B21E-04243CECE785}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{15D55D3F-4242-432B-B84A-FC5F1C3F1BCA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6A813606-CEF3-4773-8F5A-148F117522BF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{08AB11A7-75F9-4E68-9626-C3372A9B5E98}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FAC8F54B-03D7-4E3C-B73F-13FAAF0C10D8}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{764BCB53-50AF-4E39-BADC-2A111A967916}] => E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEAB5F8B-F0F8-4C71-9E58-5F6E1812A4AB}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2A3CB73-AE70-4D07-B9A8-711853144AE5}] => E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5CFAF2FE-C95F-4963-A6B7-5480858BC16E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{337C9CB7-1349-4FC9-ABCE-BBAE5498E11F}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D96F5B3B-46A0-44F8-8124-6817F23D8576}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FCDDEF1E-10ED-4197-9F7A-F3817C6CF280}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E55A00D6-C0E0-4CFB-B776-5A4D32A1D06F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AF7C433-7809-4382-9B50-7C3B009A2CFC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6B2BAB5-A71B-4BB1-9C6A-9FE35FE0E60F}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AA722B42-A677-4923-8B83-F261B9517C45}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8B19E1-6880-4834-B452-AE67736A381E}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BD60332-584B-405F-9856-CA990E6B737D}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{758BC073-2DB1-4B8A-91DA-11783E887AFD}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B99EF7E9-387F-4F5F-B054-7A30C313589C}] => C:\Users\Richilie Ronnier\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6F27A962-57DF-43F7-9EF5-20B55CAD48C8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6BF2DEBE-B5D5-4E31-81E4-9E01B8D0C74B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A59155FF-6E61-452A-967F-D9E26A1362BA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA34EAC2-7591-4D01-9BA3-31E809A2ED24}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E024ED69-71C9-40E8-ABDF-7B80E5DFAC20}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{974ECB4D-75FC-46E8-8713-509D3ED41991}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B34A20FE-21CE-4931-82ED-43A2BCAD1BDD}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34F42A97-8C19-438B-A5C8-9FBDAC340B59}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CFFB989-72C4-458F-911D-DF31790B2DF1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B2DE886-E419-41C4-9F5B-582E32B720C9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AFD76674-C8A5-4ADE-8C47-9310C9AD0639}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7873DFBB-06CE-4074-A287-14574B29595B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{14971AA7-38C9-4DD0-87B3-A48C69B36E83}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A46DB7B-423F-4C41-957B-CFCB02CA107C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8513DAF5-E68C-4403-9453-CD715EA9941F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99B87371-A330-4121-A7C9-80290610D92D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{365BC7C2-D946-427D-9ECB-B1B64CB11861}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F3703391-460D-4CE0-8283-C47F081C71C6}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22EAD7C0-2FB5-42AF-A955-D5E5BF72B699}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0770BD66-6F60-4BEE-B644-B93993876EB1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70887F5A-B6BA-4C8D-BC43-50DBC2C036F4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48A715F5-DD32-464C-AD59-B6C54649995C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6DF2D0B9-E9A8-499B-848C-07DB88C6C748}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{170A7FC5-D331-4A97-8D1A-AF03D5306F99}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{833FFF54-81B7-4C03-ABDD-2FD93BA73571}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{748F754B-A962-4D11-8DF3-D2E2ECC8D150}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{212F82E4-5622-45D3-8ACB-1455765A0045}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE590D12-A4CB-4C0E-9C27-3A1D5403D37D}] => C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
FirewallRules: [{1316CC9C-CB8C-4C18-BF2D-E20AE41A071D}] => C:\Program Files (x86)\Jamlarry\Application\chrome.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/03/2017 09:09:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/03/2017 09:09:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 08:30:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-U84LI2N)
Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.
Error: (01/02/2017 06:07:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:05:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-U84LI2N)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (01/02/2017 06:04:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: NvStreamUserAgent.exe, versão: 7.1.2084.9592, carimbo de data/hora: 0x57605c64
Nome do módulo com falha: ntdll.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d193
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000002e609
ID do processo com falha: 0xde0
Hora de início do aplicativo com falha: 0x01d265335ca599cb
Caminho do aplicativo com falha: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: 7a3edbbc-78f4-4000-a3c6-81bf3b4321ef
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Erros de Sistema:
=============
Error: (01/03/2017 09:14:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/03/2017 09:08:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço de Licenças de Cliente (ClipSVC) devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (01/03/2017 09:08:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Licenças de Cliente (ClipSVC).
Error: (01/02/2017 08:30:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 08:30:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U84LI2N)
Description: O servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} não se registrou no DCOM dentro do tempo limite necessário.
Error: (01/02/2017 08:30:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_6ce47 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (01/02/2017 08:30:36 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (01/02/2017 08:26:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Instalador de Módulos do Windows, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (01/02/2017 08:24:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro:
Uma cópia deste serviço já está sendo executada.
Error: (01/02/2017 08:24:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Cópia de Sombra de Volume foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
CodeIntegrity:
===================================
Date: 2017-01-03 09:12:44.859
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-03 09:08:39.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:20:19.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:11:46.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 19:11:40.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:43:42.799
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:30:56.968
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:08:34.078
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 18:05:10.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-01-02 11:04:32.884
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentagem de memória em uso: 26%
RAM física total: 8078.7 MB
RAM física disponível: 5950.64 MB
Virtual Total: 9358.7 MB
Virtual disponível: 7060.1 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.04 GB) (Free:27.57 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: A7DBA7DB)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================