Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01 Executado por Usuario (2016-01-12 06:32:43) Executando a partir de C:\Users\Usuario\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2011-05-16 17:53:59) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-4088202244-695289871-602143169-500 - Administrator - Disabled) Convidado (S-1-5-21-4088202244-695289871-602143169-501 - Limited - Enabled) => C:\Users\Convidado HomeGroupUser$ (S-1-5-21-4088202244-695289871-602143169-1005 - Limited - Enabled) Reparo (S-1-5-21-4088202244-695289871-602143169-1003 - Administrator - Enabled) => C:\Users\Reparo Usuario (S-1-5-21-4088202244-695289871-602143169-1000 - Administrator - Enabled) => C:\Users\Usuario ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Reader XI - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dynasty of Nordics versão 7.55 (HKLM-x32\...\{C8141479-83BC-4CCB-B70C-5C033F227E79}}_is1) (Version: 7.55 - Galaxy Games) Eternal Senia (HKLM-x32\...\Steam App 351640) (Version: - Holy Priest) Foxit PhantomPDF Business (HKLM-x32\...\{F54D6DB2-CEE3-4089-BE83-09F4DD180B4E}) (Version: 7.0.8.1216 - Foxit Software Inc.) Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Google Chrome (HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Hotspot Shield 5.1.2 (HKLM-x32\...\HotspotShield) (Version: 5.1.2 - AnchorFree Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MultiSync versão 1.8.4 (HKLM-x32\...\{0EEBB9D7-8544-4AB9-B1AB-B98ECE94308B}_is1) (Version: 1.8.4 - Multilaser SA) Nero 8 Ultra Edition HD (HKLM-x32\...\{D6C9AF27-9414-46C8-B9D8-D878BA041046}) (Version: 8.3.326 - Nero AG) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.99 - Trusteer) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Qualcomm Atheros Communications Inc.) RaidCall (HKLM-x32\...\RaidCall) (Version: 9.0.0-1.0.1930.378 - raidcall.com.br) Rapport (x32 Version: 3.5.1507.99 - Trusteer) Hidden Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Sid Meier's Civilization 4 (HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.00.0000 - Firaxis Games) Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SOE Web Installer (HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-4088202244-695289871-602143169-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {03E994D3-08A5-49AD-A554-45B7586F719F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {10111258-6185-408B-B840-D1A5217426D5} - System32\Tasks\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46DWYPP1\iGBPCEFgb[1].exe" -d C:\Users\Usuario\Desktop Task: {142017C4-DB9C-4D8E-B9B3-E9544AA8827E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-05] (Adobe Systems Incorporated) Task: {17DCBBAB-D57B-40F0-8929-6B148BEB5A56} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software) Task: {3CC9C1C3-57BC-4672-80C3-6FBDF68B46BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe Task: {484631E8-4374-4C25-8BCE-34AF9464F3B4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088202244-695289871-602143169-1000UA => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {5B35888E-4FF5-4448-9961-95AE1D33152B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088202244-695289871-602143169-1000Core => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {608D967A-13C9-4CFC-9560-5ABF746A288B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.) Task: {676D6BF7-39DD-4EB4-9E2F-56C539EC78AB} - System32\Tasks\{0AAEEAEA-C5AB-421D-BC73-74825497DC95} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {B1EBA013-8040-4560-A052-31AB17B07829} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.) Task: {B5752978-ED90-4313-8304-6BA9B63DB3D3} - \{4C00E39F-EC56-418C-8BED-28239473F78A} -> Nenhum Arquivo <==== ATENÇÃO Task: {BE675467-A92A-48CB-9163-95487406E6CD} - System32\Tasks\{F0FA877E-AC28-42A9-8FBA-3A758320E3E8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.4.80.102/pt/abandoninstall?page=tsProgressBar Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {E80D6459-376F-4A79-9847-01B95C21C281} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO Task: {E9B72845-3E2D-4348-A458-65AD6BD62676} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-24] (AVAST Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088202244-695289871-602143169-1000Core.job => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088202244-695289871-602143169-1000UA.job => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface808\Warface.lnk -> C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.levelupgames.com.br/gerenciadorCampanhas/index.php//warface/jogue-de-graca/cadastro-a.html/?utm_campaign=Warface_IRSC&utm_source=IRSC&utm_medium=instalador&utm_content=aquisicao --app-window-size=1920,1080 ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Warface.lnk -> C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.levelupgames.com.br/gerenciadorCampanhas/index.php//warface/jogue-de-graca/cadastro-a.html/?utm_campaign=Warface_IRSC&utm_source=IRSC&utm_medium=instalador&utm_content=aquisicao ==================== Módulos Carregados (Whitelisted) ============== 2014-10-21 12:20 - 2011-01-27 08:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-10-21 12:35 - 2010-12-22 16:28 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2014-10-21 12:35 - 2010-12-22 16:28 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-10-21 12:35 - 2010-12-22 16:28 - 00621168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll 2015-12-15 17:51 - 2015-12-15 17:51 - 00687840 _____ () C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe 2015-08-24 17:24 - 2015-08-24 17:24 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-24 17:24 - 2015-08-24 17:24 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-01-10 12:58 - 2016-01-10 12:58 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16011000\algo.dll 2016-01-12 06:28 - 2016-01-12 06:28 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16011100\algo.dll 2015-12-15 18:10 - 2015-12-15 18:10 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll 2015-12-15 17:46 - 2015-12-15 17:46 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll 2009-03-27 18:02 - 2009-03-27 18:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll 2009-03-27 18:02 - 2009-03-27 18:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll 2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2009-07-13 19:03 - 2009-07-13 23:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2015-08-24 17:24 - 2015-08-24 17:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt AlternateDataStreams: C:\Windows\System32:7421B3FA_Cef.gbp ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\.DEFAULT\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\sony.com -> sony.com ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4088202244-695289871-602143169-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{9FE50098-C291-4DEE-A513-96CCBE97AEC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{88B40F6B-6F87-4533-BABB-570F0012811B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{284BCC4D-83B2-40E4-B4C6-172D3D4D79C7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{2B24B699-D0DC-49C2-AC91-1170C4EF5CA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{51BA35DA-78EF-49C6-89FD-D34D8E5A4D24}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{9C886FBD-D72D-4B63-9D6D-CE2D7474533E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{77B688FD-1973-44A1-9420-67BFFF11C117}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{4A183D4D-107A-45FC-AB8E-E290BADEE126}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{26D2B37B-8D94-46A7-98EA-3B3E40437CF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{2815C01C-06CB-4301-8DF8-3E0A6CE6AADB}] => (Allow) C:\Program Files (x86)\RaidCall.BR\rcplugin.exe FirewallRules: [{970BA600-3088-4BBD-8F0B-FD8B4ADF13D6}] => (Allow) C:\Program Files (x86)\RaidCall.BR\rcplugin.exe FirewallRules: [{CC938EF0-55CA-422C-9338-4E53DD46ED81}] => (Allow) C:\Users\Usuario\AppData\Roaming\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe FirewallRules: [{216415A7-5D21-49AE-A811-F4828AFC46A6}] => (Allow) C:\Users\Usuario\AppData\Roaming\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe FirewallRules: [TCP Query User{590BB330-D405-4577-B767-92BF0AD30982}C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe FirewallRules: [UDP Query User{462EE33D-C811-4E8A-83B7-B5F7458B2FA1}C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\launch4j-tmp\irpf2015.exe FirewallRules: [TCP Query User{2679ADDD-B810-4DCD-9059-5154CA3AED9D}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{25F1EEF2-DD4A-4695-8000-B9B00F8F4BCD}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [{2D9F11AF-63AD-4FCE-BF69-A0E3FA82DAF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CE4D683F-4D08-49AB-AE70-8D2CB7DAD35C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DC858852-BFF6-4C74-A264-121C55EE5FC2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{09E55012-77CC-46DE-8F49-6E041524B52F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8ABE2949-594E-4D7D-BCBB-AA8F549FDC5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{1F74CB43-CA75-41A9-93D3-5CB9403A6727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{7970A876-4510-4DEA-AC3B-222605F46CFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{3B7AF153-5D9C-4C3B-BADB-952B04B53FDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{62254912-B9FF-4CB2-8D76-B72FE602D78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe FirewallRules: [{72C95D3A-C852-47A7-86B7-3A6FA70F5EEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe FirewallRules: [{60116B1C-41D2-4138-B2ED-451AA9637FD0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{A3C599EA-4490-4D8F-958D-166ABE223387}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [TCP Query User{364F030E-B6F5-467E-BBA2-7FCF5D1D7A00}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{650A5B84-C6F7-4664-B1F1-C233649D38E1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{50D40D95-C6C1-4AAE-9E63-D3CA26C390F6}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{3AAE3F8D-8B2E-4304-AE4D-E9B184C0C3AC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{84EF048D-FCD0-4EEE-A39C-38588515E043}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{36EB5114-0042-4F21-BCC6-2FA0F6525C12}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{07C8408D-04DF-4376-AF0A-615C1413E709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{04DC912E-274D-4915-9CB0-CB9073F5A160}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{95A8AC9E-868E-4F49-935D-BED76A4DC878}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B5E43AD5-1711-4790-B35E-E9AAC9CFD3AE}] => (Allow) LPort=2869 FirewallRules: [{349A0347-1A9D-4334-A8FB-D0F97F362B46}] => (Allow) LPort=1900 FirewallRules: [{23449E70-53EE-4D55-AABC-FCC421852C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe FirewallRules: [{DD7B4927-DEF2-4336-9B93-A65DC949ED5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe FirewallRules: [{9E8373D7-ED15-43BB-BD8D-0B587477219C}] => (Allow) C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe FirewallRules: [{021499F0-E991-48AC-910D-60D5C34A0398}] => (Block) C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe FirewallRules: [{AF3026A3-8DE6-49BF-B7D9-1184C753EF18}] => (Block) C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE FirewallRules: [{451D6358-6585-4E90-A7D8-B14E06D671D9}] => (Block) %SystemRoot%\system32\svchost.exe ==================== Pontos de Restauração ========================= 14-12-2015 17:49:02 Ponto de Verificação Agendado 21-12-2015 18:48:23 Backup do Windows 08-01-2016 21:48:24 Backup do Windows ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: mosfilterdrv Description: mosfilterdrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mosfilterdrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Adaptador de Túnel Teredo da Microsoft Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Controlador de comunicação PCI simples Description: Controlador de comunicação PCI simples Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (01/12/2016 06:30:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x18e0 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:30:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x3f0 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:30:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x798 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:27:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x14ec Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:27:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x1bbc Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:26:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x1954 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:26:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x1900 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/12/2016 06:26:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x754 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/10/2016 01:51:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x790 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Error: (01/10/2016 01:51:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Nome do módulo de falhas: wmpnetwk.exe, versão: 12.0.7601.17514, carimbo de hora: 0x4ce7ae7f Código de exceção: 0xc0000005 Deslocamento com falha: 0x000000000004d188 Identificação do processo com falha: 0x1f8 Hora de início do aplicativo com falha: 0xwmpnetwk.exe0 Caminho do aplicativo com falha: wmpnetwk.exe1 FCaminho do módulo de falhas: wmpnetwk.exe2 Identificação do Relatório: wmpnetwk.exe3 Erros de Sistema: ============= Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1053 Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Compartilhamento de Rede do Windows Media Player. Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1053 Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Compartilhamento de Rede do Windows Media Player. Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1053 Error: (01/12/2016 06:30:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Compartilhamento de Rede do Windows Media Player. Error: (01/12/2016 06:27:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1053 Error: (01/12/2016 06:27:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Compartilhamento de Rede do Windows Media Player. Error: (01/12/2016 06:27:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço de Compartilhamento de Rede do Windows Media Player devido ao seguinte erro: %%1053 Error: (01/12/2016 06:27:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Compartilhamento de Rede do Windows Media Player. CodeIntegrity: =================================== Date: 2015-08-23 18:18:37.836 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-23 18:18:37.836 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-23 18:18:37.836 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-23 18:18:37.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-23 18:18:37.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-23 18:18:37.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 13:32:04.761 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 13:32:04.761 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 13:32:04.746 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 13:32:04.730 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz Percentagem de memória em uso: 23% RAM física total: 8098.91 MB RAM física disponível: 6206.98 MB Virtual Total: 16196.01 MB Virtual disponível: 14225.32 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:244.04 GB) (Free:77.62 GB) NTFS Drive d: () (Fixed) (Total:221.62 GB) (Free:20.91 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 86B57702) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================