Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-09-2015 Ran by Usuario (2015-09-09 12:35:10) Running from C:\Users\Usuario\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-06-09 23:26:22) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-2741043627-4026230127-4029745268-500 - Administrator - Disabled) Convidado (S-1-5-21-2741043627-4026230127-4029745268-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2741043627-4026230127-4029745268-1002 - Limited - Enabled) Usuario (S-1-5-21-2741043627-4026230127-4029745268-1000 - Administrator - Enabled) => C:\Users\Usuario ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - ) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Battery Meter (HKLM\...\InstallShield_{543A4F31-9590-416A-A621-42CEB4C6A694}) (Version: 0.0.0.3C - ) Battery Meter (Version: 0.0.0.3C - ) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - BR (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation) CorelDRAW Graphics Suite X7 (Version: 17.0 - Corel Corporation) Hidden Dic Michaelis - UOL (HKLM\...\WDIC) (Version: - ) Doro 1.75 (HKLM\...\Doro_is1) (Version: - CompSoft) DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink) EMSC (Version: 0.0.0.9C - Compal Electronics, Inc.) Hidden Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.10.1213 - Foxit Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.) Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc) MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team) MV RegClean 5.9 (HKLM\...\MV RegClean 5.9_is1) (Version: - ) Opera Stable 31.0.1889.174 (HKLM\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden PDF Architect 3 (HKLM\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 View Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SiS VGA Utilities (HKLM\...\SiS VGA Utilities) (Version: 5.29 - Silicon Integrated Systems Corporation) USB2.0 UVC WebCam (HKLM\...\{EA901E9F-6204-4974-8530-CA87F24DA464}) (Version: 6.11.701.002 - D-MAX) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows 7 Manager (HKLM\...\{A74F33CB-8C7D-404F-93F5-A63317379BD2}) (Version: 2.0.4 - Yamicsoft) ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 29-08-2015 11:24:16 JRT Pre-Junkware Removal 31-08-2015 17:56:45 Restore Point Created by FRST 02-09-2015 17:35:05 Windows Update 03-09-2015 09:11:48 Windows Update 03-09-2015 11:57:18 Windows Update 03-09-2015 12:38:04 Installed Windows 7 USB/DVD Download Tool 03-09-2015 12:44:00 Backup do Windows 03-09-2015 14:09:37 zoek.exe restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:04 - 2015-08-29 20:29 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1049827A-4489-42DF-9B38-DE686E9A4D83} - System32\Tasks\{5DBC89BD-CA2E-4A5F-A015-7790B1205D8F} => Chrome.exe http://ui.skype.com/ui/0/7.7.0.103/pt/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {20AC256D-F3BA-4C33-9448-9A2E0B414746} - System32\Tasks\GoogleUpdateTaskMachineCore1d0eb0ce95c3d49 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {236AA1B0-5FCB-42B7-9055-A14651D9B938} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf6566503c5b => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {3015CE1F-B708-4E2F-8792-3E0F18CD58FD} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan Task: {43043F00-C709-47EE-A3AE-DE716FCEBE45} - System32\Tasks\Opera scheduled Autoupdate 1441203342 => C:\Program Files\Opera\launcher.exe [2015-08-17] (Opera Software) Task: {51416804-5FB4-4B23-AD8B-49274124CE24} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bcb887f2df93 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {65C1149A-0119-4403-BBB5-4D04515C84D9} - System32\Tasks\GoogleUpdateTaskMachineCore1d0d5c97f488eb => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {6B333739-0C21-46CB-9852-B7BCFE33BDE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {6FE0FBBB-76F9-47A2-BD02-95FA8E8EB484} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bcb5e2e9a7f2 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) Task: {C6790A97-7CD2-46B2-BAAA-F5E1AECB67E7} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e3e71e11ea8a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0eb0ce95c3d49.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-09 20:28 - 2009-08-16 17:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll 2007-04-19 15:21 - 2007-04-19 15:21 - 00266240 _____ () C:\Windows\system32\EMSC.dll 2014-03-14 23:02 - 2014-03-14 23:02 - 00555888 _____ () c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\...\100sexlinks.com -> 100sexlinks.com There are 4788 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2741043627-4026230127-4029745268-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg DNS Servers: 189.38.95.95 - 189.38.95.96 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: DoroServer => C:\Program Files\DoroPDFWriter\DoroServer.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7CB383DE-87E1-4385-8FC7-DEA3A5D532C1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{5CC3DBD7-D4DA-463C-B45D-9B4F7A94E24C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{1BA89C0B-E6F9-4813-B8FC-857C4728C08C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{FABBB210-6C09-40A6-91B8-BDFB1AC78E0F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe FirewallRules: [{787F0BBD-9F6F-493E-A82D-E21F904110B4}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe FirewallRules: [{4571C5CD-A4B0-47BE-B1EF-4DA0CE136688}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/09/2015 11:58:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa FRST.exe versão 7.9.2015.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: c68 Hora de Início: 01d0eb0f8a17840d Hora de Término: 537 Caminho do Aplicativo: C:\Users\Usuario\Downloads\FRST.exe Id do Relatório: Error: (09/09/2015 11:34:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2015 10:33:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2015 10:06:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 08:08:54 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: O backup não foi bem-sucedido. Erro: O sistema não pode encontrar o arquivo especificado. (0x80070002). Error: (09/07/2015 08:00:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 08:22:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/03/2015 02:50:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Usuario-PC) Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2502. The arguments are: , , Error: (09/03/2015 02:50:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Usuario-PC) Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , , Error: (09/03/2015 02:09:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Acesso negado. . System errors: ============= Error: (09/09/2015 11:32:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço MBAMService depende do serviço MBAMProtector, mas não foi possível iniciá-lo devido ao seguinte erro: %%2 Error: (09/09/2015 11:32:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço MBAMProtector devido ao seguinte erro: %%2 Error: (09/09/2015 10:34:49 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (09/09/2015 10:32:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço MBAMService depende do serviço MBAMProtector, mas não foi possível iniciá-lo devido ao seguinte erro: %%2 Error: (09/09/2015 10:32:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço MBAMProtector devido ao seguinte erro: %%2 Error: (09/09/2015 10:23:12 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (09/09/2015 10:23:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (09/09/2015 10:23:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (09/09/2015 10:23:09 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (09/09/2015 10:23:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço PEVSystemStart está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Microsoft Office: ========================= Error: (09/09/2015 11:58:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST.exe7.9.2015.0c6801d0eb0f8a17840d537C:\Users\Usuario\Downloads\FRST.exe Error: (09/09/2015 11:34:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2015 10:33:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/09/2015 10:06:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 08:08:54 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: O sistema não pode encontrar o arquivo especificado. (0x80070002) Error: (09/07/2015 08:00:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 08:22:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/03/2015 02:50:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Usuario-PC) Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2502. The arguments are: , , (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/03/2015 02:50:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Usuario-PC) Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , , (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/03/2015 02:09:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Acesso negado. CodeIntegrity: =================================== Date: 2015-09-02 10:11:23.366 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 10:06:30.118 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 10:02:48.821 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 10:02:25.264 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 09:56:20.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 09:55:50.916 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-02 09:55:27.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-20 13:43:15.611 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\6b407cd86ae71d015c05a77e0e9eb140\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_59c95d2a29958ebe\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-20 13:43:15.283 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\6b407cd86ae71d015c05a77e0e9eb140\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_59c95d2a29958ebe\appidapi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-20 13:43:15.017 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\6b407cd86ae71d015c05a77e0e9eb140\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_59c95d2a29958ebe\appidapi.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz Percentage of memory in use: 61% Total physical RAM: 1789.17 MB Available physical RAM: 690.24 MB Total Virtual: 3578.34 MB Available Virtual: 2129.65 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:81.87 GB) NTFS Drive f: (HD-EG5) (Fixed) (Total:465.76 GB) (Free:399.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 37A2BF8C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BD07A5D0) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================