Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão:06-01-2015 Executado por Cliente (2016-01-06 18:06:52) Executando a partir de C:\Users\Cliente\Downloads Microsoft Windows 10 Pro (X86) (2016-01-05 19:13:30) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-406296613-3901443165-2578290060-500 - Administrator - Disabled) Cliente (S-1-5-21-406296613-3901443165-2578290060-1000 - Administrator - Enabled) => C:\Users\Cliente Convidado (S-1-5-21-406296613-3901443165-2578290060-501 - Limited - Disabled) DefaultAccount (S-1-5-21-406296613-3901443165-2578290060-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-406296613-3901443165-2578290060-1002 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Advanced Calendar 2.0.0.11153 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11153 - MEIXIAN XIE) <==== ATENÇÃO Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) aTube Catcher versão 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Empire Earth Demo (HKLM\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - ) FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden K-Lite Mega Codec Pack 10.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - ) Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts) Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - ) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Need for Speed Underground 2 Demo (HKLM\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - ) Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG) NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Driver de gráficos 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) osTip (HKLM\...\osTip) (Version: 1.0.0.1 - ) Painel de controle da NVIDIA 353.82 (Version: 353.82 - NVIDIA Corporation) Hidden Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: - ) Sniper Ghost Warrior 2 (HKLM\...\Sniper Ghost Warrior 2_is1) (Version: - ) Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Warsaw 1.11.0.42826 32 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia) WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-406296613-3901443165-2578290060-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cliente\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {011F0CB6-D03C-40EB-917A-2F264B248C2A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {01AAE0F8-8AAA-4BA6-A03A-418CE2BBF17F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {0F3AA1B8-1DE9-486D-B242-3640B7472456} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATENÇÃO Task: {145F1AE9-E76A-4049-9DC1-2B7A7EE750C5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {24953C37-4441-4730-9229-23E94CBF051F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {270AE423-DE54-4637-8256-B1CF9887B0BD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO Task: {28510ECB-62A1-47BB-9DF4-6DA98A7BD3C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2A914714-7376-45A0-95FA-21B767006FA7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {3838BD89-8BFA-4EDA-A12B-0232AE289219} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3BAF4A1B-E2DC-4647-BB2E-8FFC4049008E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {443D3A98-BAE4-45CD-A3FA-A69C9088E0C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {55D36E2B-C112-4087-B4F7-C6E2DF2EFBC3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {59F5CD7E-0FAB-44A6-A463-3E9EC82C9ADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {5AAC7B45-B874-4C05-80CB-4EDECF83C6DC} - System32\Tasks\{9B710929-8DF9-46C0-9CA6-B6F0D3DAC4F7} => pcalua.exe -a C:\Users\Cliente\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slbnew Task: {650984E5-158B-46A2-BB3A-9D0208E6CC59} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {701CF8C0-9649-4239-9C46-03F0A43536E9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {76F22C4F-8D0A-4F82-9BC4-442D0D881CED} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {7969D620-3814-45B4-8612-066E27C1A600} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-04] (AVAST Software) Task: {806124A5-B761-495C-AA3A-9E20ACD7081D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {813B4655-2511-4D72-B6F5-08C8672E953D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {8DCABDB4-5747-4A99-BFF6-02AE28A49172} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8F574EAE-14F1-41D6-8A42-8A3202608727} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {94E7CF39-08F5-4150-A5BC-84F030012C38} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {95AF8F82-7489-4B71-8F43-382422536D61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {960ABBCD-5686-4125-B362-E27A2507CEAC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {9BA67479-52E3-4FE4-B7D7-4BBC22B51AFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9F393B7F-AB90-4650-B9C1-A8F6451CA098} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {A5F1F2D0-C642-4D69-B79C-A29476E13CE0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {A7189AC7-5247-4121-AC24-C0E42C0C262D} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {AC8864FA-CEC1-4B1E-8BF0-7DF328D5FE76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {ACDEACDE-2A11-41B2-B259-115D99EBC523} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C53240BB-2EA5-46C2-A5A9-3C5F7285D0CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {C89C4F8B-0CE5-4900-A111-B0C960F03CEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {CA2C926E-9838-4519-B60C-077F526E5600} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CAFAC9BF-7E4C-4710-A8C6-21C25382DDD6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {CD75E412-F461-4A6F-A369-3F567D2C4D06} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO Task: {CE563627-83FB-4EC6-9FB9-0F3350587B55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {D053B36E-D870-44FC-862B-AFF8C92788CC} - System32\Tasks\{CA952785-A700-42C4-8940-6F57176DDFD1} => pcalua.exe -a C:\Users\Cliente\Downloads\iGBPCEFgb.exe -d C:\Users\Cliente\Desktop Task: {D1DA723A-5B6B-43B1-A013-97B0A6CCC13D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software) Task: {D496E858-2357-4836-B51D-969E7101973D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DFFDD97F-DE0F-4FA9-9AB9-7DEC19C4AE65} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E1F7D280-0E68-4F0F-8545-4EF07B4075F1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATENÇÃO Task: {F8128C47-6632-4F6E-85F5-86F9A08736F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {F950E01F-49BE-4183-AE10-FE84DE848528} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.321oyun.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432580135 ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iexplore - Atalho.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=mbtkv3&uid=6VPG112Y_ST31000524AS&tm=1432558504 ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 03:44 - 2015-10-30 03:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-28 09:13 - 2015-12-28 09:13 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll 2016-01-05 16:42 - 2015-08-06 22:13 - 00106104 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2015-08-04 16:11 - 2015-08-04 16:11 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-04 16:11 - 2015-08-04 16:11 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-28 08:33 - 2015-12-28 08:33 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122706\algo.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-05 18:44 - 2016-01-05 18:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-05 18:44 - 2016-01-05 18:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-05 18:44 - 2016-01-05 18:45 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-12-10 06:15 - 2015-12-10 06:15 - 00139912 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarEntry.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 02365952 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-05 17:32 - 2016-01-05 17:32 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-05-01 16:39 - 2015-05-01 16:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-01-05 21:40 - 2016-01-05 21:39 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll 2015-12-25 16:59 - 2015-12-21 11:46 - 02934272 _____ () C:\ProgramData\WindowsMsg\FA889F48BA91932CA1794DC9B9F86E43.dll 2015-09-23 06:41 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 2015-09-23 06:41 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll 2015-03-23 20:19 - 2015-03-23 20:19 - 02620416 _____ () C:\Program Files\Sony\Sony PC Companion\libxt.dll 2015-09-23 06:41 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll 2015-07-23 10:21 - 2015-07-23 10:21 - 00802304 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll 2015-12-31 11:51 - 2016-01-04 15:55 - 02423296 _____ () C:\ProgramData\msdtc.exe 2015-09-23 06:41 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-12-30 16:15 - 2015-12-11 01:54 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-30 16:15 - 2015-12-11 01:54 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-12-10 06:16 - 2015-12-10 06:16 - 00153224 _____ () C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe 2015-12-10 06:16 - 2015-12-10 06:16 - 00543368 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPTask.dll 2015-12-10 06:16 - 2015-12-10 06:16 - 00406664 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPNet.dll 2015-12-10 06:16 - 2015-12-10 06:16 - 00428680 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPDR.dll 2015-12-10 06:16 - 2015-12-10 06:16 - 00747144 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPKernel.dll 2015-12-10 06:16 - 2015-12-10 06:16 - 00327304 _____ () C:\Program Files\CalendarTool\2.0.0.11153\EVPHelp.dll 2015-12-10 06:15 - 2015-12-10 06:15 - 02259592 _____ () C:\Program Files\CalendarTool\2.0.0.11153\Calendar.exe 2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-VQPL5.tmp\mbam-setup-2.2.0.1024.tmp 2016-01-06 17:51 - 2016-01-06 17:51 - 00708608 _____ () C:\Users\Cliente\AppData\Local\Temp\is-GB5HU.tmp\mbam-setup-2.2.0.1024.tmp 2016-01-06 16:03 - 2016-01-06 16:05 - 01749504 _____ () C:\Users\Cliente\Downloads\adwcleaner_5.028.exe ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Program Files\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-406296613-3901443165-2578290060-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:04 - 2009-06-10 19:39 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-406296613-3901443165-2578290060-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliente\Pictures\minhas imagens\Monster\Kawasaki_KX450F-Monster-Energy_2010_6.jpg DNS Servers: 177.129.161.11 - 177.129.161.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{1DFE960C-DA42-410E-A07B-F43EC52A6EC6}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [TCP Query User{6E2A21C6-F160-4666-A051-B0F4C0500A2C}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe FirewallRules: [{18DA029D-B993-42EE-B8CE-E6A622C84374}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{652E30B4-603F-4B5D-AF6E-020FC02C1B9C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [UDP Query User{3887823C-5BEF-45E9-8117-600B6EC3FF1A}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{CE22A9A8-A43B-4446-A1D4-E2D50303069F}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{1E105A71-D5FC-4FA0-8A68-985FBA76F02E}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe FirewallRules: [TCP Query User{6ACC888E-3E2E-447D-AE52-003B97F22501}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe FirewallRules: [UDP Query User{C28580A1-3394-4051-B9D8-BB21A0A2BDFA}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe FirewallRules: [TCP Query User{48DE4DCE-480F-4608-AB9E-8FF3FC66DC53}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe FirewallRules: [{553DDD5C-D3E9-458A-90DF-DE7B7245300F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{9763A019-71B3-4591-AD16-D588F344E9F2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [UDP Query User{9D7F8C55-26DB-44EC-B60B-7F9E88A48EA1}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe FirewallRules: [TCP Query User{85AA5E1B-399D-4935-A9C9-CBE94DE5BF67}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe FirewallRules: [UDP Query User{548E89FC-255A-4C8B-87E5-5185BE585B17}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe FirewallRules: [TCP Query User{E566FB6A-E4A6-4E69-AE62-260F4B9267A4}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe FirewallRules: [{314AE9B3-C6D4-41CF-92F4-C9B767DF5BFF}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [UDP Query User{1D23C2A3-B22D-498B-BA93-F0888CE4D4FE}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{214359F1-A55E-4E9F-8415-9D3E151FA6EF}C:\users\cliente\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\cliente\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{86C3828F-45A2-45FF-956A-7170A0E6252D}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [{9825D316-A796-48ED-927A-5B536FDB66A0}] => (Block) C:\program files\counter-strike 1.6\hl.exe FirewallRules: [{3EF68F64-69C0-4955-B4C3-587849063D93}] => (Block) C:\program files\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{D45407C1-767F-46CF-8ACA-F820C8367554}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{2DFDF764-6581-4173-B96D-C0A5BAD03EB1}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe FirewallRules: [{D017993C-76DC-432B-82A2-A872890B28D0}] => (Block) C:\sierra\empire earth demo\empire earth.exe FirewallRules: [{7FB5A32D-386E-46F2-B7B7-62730543ECE1}] => (Block) C:\sierra\empire earth demo\empire earth.exe FirewallRules: [UDP Query User{DCAE1B8B-0FC9-4B05-BA84-4F6650112A66}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe FirewallRules: [TCP Query User{BFDD4571-1F0F-474F-A84B-F7408F130707}C:\sierra\empire earth demo\empire earth.exe] => (Allow) C:\sierra\empire earth demo\empire earth.exe FirewallRules: [UDP Query User{14DDB045-AFDB-43FB-9F21-AA6D319792BD}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe FirewallRules: [TCP Query User{B670B0FB-52D3-459E-9048-E1615B17F156}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe FirewallRules: [UDP Query User{90433E26-A8E1-41AA-BECD-D619809CD81A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [TCP Query User{7038DE4D-2579-4726-A7B0-031B361997E9}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{9D6B2CEF-E958-4B9A-8FB1-B27A7011D47A}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe FirewallRules: [TCP Query User{F60D93FF-4D45-434C-A8B3-23B56430CC56}C:\program files\valve\cs-2015\hl.exe] => (Allow) C:\program files\valve\cs-2015\hl.exe ==================== Pontos de Restauração ========================= 05-01-2016 17:56:20 Ultra Adware Killer adware removal 05-01-2016 17:58:55 Ultra Adware Killer adware removal ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/06/2016 05:17:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x00119678 ID do processo com falha: 0x8c0 Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Error: (01/06/2016 12:17:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x00119678 ID do processo com falha: 0x8d4 Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Error: (01/05/2016 09:29:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x00119678 ID do processo com falha: 0xfc Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Error: (01/05/2016 09:22:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: avast_free_antivirus_setup_online.exe, versão: 0.0.0.0, carimbo de data/hora: 0x56715239 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000 ID do processo com falha: 0x384 Hora de início do aplicativo com falha: 0xavast_free_antivirus_setup_online.exe0 Caminho do aplicativo com falha: avast_free_antivirus_setup_online.exe1 Caminho do módulo com falha: avast_free_antivirus_setup_online.exe2 ID do Relatório: avast_free_antivirus_setup_online.exe3 Nome completo do pacote com falha: avast_free_antivirus_setup_online.exe4 ID do aplicativo relativo ao pacote com falha: avast_free_antivirus_setup_online.exe5 Error: (01/05/2016 08:23:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x00119678 ID do processo com falha: 0x1350 Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Error: (01/05/2016 07:07:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d73f Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 1.0.0.26, carimbo de data/hora: 0x561cde87 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x00119678 ID do processo com falha: 0x8e0 Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Error: (01/05/2016 06:11:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC) Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (01/05/2016 06:05:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC) Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (01/05/2016 06:02:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Cliente-PC) Description: Falha na ativação do aplicativo Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App com o erro: -2147024770. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (01/05/2016 05:58:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service The Calendar Service since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Erros de Sistema: ============= Error: (01/06/2016 05:25:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (01/06/2016 05:24:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro: %%1058 Error: (01/06/2016 05:24:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 16:54:09 do dia ‎06/‎01/‎2016 não era esperado. Error: (01/06/2016 05:17:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (01/06/2016 04:15:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (01/06/2016 04:14:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro: %%1058 Error: (01/06/2016 04:13:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_5b2e7 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço The Calendar Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço NMIndexingService foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/06/2016 04:11:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. CodeIntegrity: =================================== Date: 2016-01-06 18:00:14.311 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-06 18:00:14.310 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-06 16:05:31.237 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-06 16:05:31.237 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-06 16:04:50.424 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-06 16:04:50.422 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard32.dll that did not meet the security requirements for Shared Sections. Date: 2016-01-05 23:20:35.874 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-05 20:11:22.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-05 19:24:04.395 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-05 16:55:37.643 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz Percentagem de memória em uso: 57% RAM física total: 3583.24 MB RAM física disponível: 1512.01 MB Virtual Total: 7167.24 MB Virtual disponível: 4540.41 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:585.4 GB) (Free:380.34 GB) NTFS Drive d: () (Fixed) (Total:345.57 GB) (Free:234.6 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00026B7D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=585.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================