Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:18-04-2016
Executado por Celplan (2016-04-23 23:58:14)
Executando a partir de C:\Users\Celplan\Downloads
Windows 10 Pro Versão 1511 (X64) (2016-03-20 09:09:29)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-2490513090-2429994503-3030122172-500 - Administrator - Disabled)
Celplan (S-1-5-21-2490513090-2429994503-3030122172-1000 - Administrator - Enabled) => C:\Users\Celplan
Convidado (S-1-5-21-2490513090-2429994503-3030122172-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2490513090-2429994503-3030122172-503 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATENÇÃO
Asterisk Key 10.0 (HKLM-x32\...\asterisk key) (Version: - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.34.55 - Huawei Technologies Co.,Ltd)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATENÇÃO
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version: - Microsoft)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WirelessMon V4.0 (HKLM-x32\...\WirelessMon_is1) (Version: - PassMark Software ®)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2490513090-2429994503-3030122172-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Celplan\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {29B2E3B5-376C-436D-AACC-A0F235EE5D0E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {508DCBFC-4A3B-4C0C-A331-AA1173A1C57C} - System32\Tasks\Dravsynlether Core => C:\Program Files (x86)\Dravsynlether\Drvcoretsk.exe [2016-04-22] ()
Task: {6973413F-45E3-4DCD-B412-E120D8204AA4} - System32\Tasks\{DCDD28B9-EEDD-4F90-B01D-E371340B3535} => pcalua.exe -a "C:\Program Files (x86)\Max Driver Updater\uninstaller.exe"
Task: {77A0E517-402A-4D65-8924-DFEE9E004FE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {855FF56D-23FE-438C-A282-75BA3928D416} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {A7D05A27-A2AB-4993-95C5-9F719383A87C} - System32\Tasks\Ezurgyua => C:\PROGRA~1\JUKMIS~1\Ogaocfu.bat <==== ATENÇÃO
Task: {A8B1EBD8-8A2E-41C8-8803-EF02E76397AA} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {AAA81508-54F0-430C-86E4-F28817105E2D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {AC52EB0E-5218-4EB5-BD3F-B5836E70CAAD} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-04-22] ()
Task: {BDF166D4-F300-40BD-B25E-79431873A6A0} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-02-09] ()
Task: {BF1CFD9D-CD72-4746-937E-5A991CFBB0CE} - System32\Tasks\AdobeAAMUpdater-1.0-Celplan-PC-Celplan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {C6E0064D-BC40-482A-9477-33805B9EE8C6} - System32\Tasks\Waznebum => C:\PROGRA~1\Tageno\Asenfip.bat <==== ATENÇÃO
Task: {DAE83FB6-BEEE-43F9-BA69-240A2EC34BC4} - System32\Tasks\{E69052E3-07E8-4443-84AC-D6CEBABF294E} => pcalua.exe -a "C:\Program Files\WajaInterEn Browser Enhancer\WBE_uninstall.exe"
Task: {DBC55B32-199E-4E85-B3DD-D6C6F711CAD1} - System32\Tasks\svchost => C:\Users\Celplan\AppData\Local\Temp\W21DIUIG2\W21DIUIG2.exe [2016-04-23] (TZ) <==== ATENÇÃO
Task: {E7463406-52F1-4793-A491-5E84F5B8D9F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {F403302C-5ECD-498A-8A4F-6674B2A949B4} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Celplan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1461463316&a=1026400&src=sh&uuid=9cc47d04-fe24-45b9-94ff-0cf28627f44e"
ShortcutWithArgument: C:\Users\Celplan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1461463316&a=1026400&src=sh&uuid=9cc47d04-fe24-45b9-94ff-0cf28627f44e" --disable-quic
ShortcutWithArgument: C:\Users\Celplan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1461463316&a=1026400&src=sh&uuid=9cc47d04-fe24-45b9-94ff-0cf28627f44e" --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1461463316&a=1026400&src=sh&uuid=9cc47d04-fe24-45b9-94ff-0cf28627f44e" --disable-quic

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-17 06:39 - 2016-04-17 06:39 - 00125832 _____ () C:\Users\Celplan\AppData\Roaming\TafwecIimujek\Keckepua.exe
2011-03-14 12:27 - 2011-03-14 12:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-04-23 22:41 - 2016-04-23 22:41 - 00237568 _____ () C:\Program Files (x86)\C16502CF-1461463546-E211-9E13-208984083E4F\knshCC1F.tmpfs
2016-04-23 23:06 - 2016-04-23 23:06 - 00138240 _____ () C:\Program Files (x86)\C16502CF-1461463546-E211-9E13-208984083E4F\hnssD66.tmp
2016-04-17 06:39 - 2016-04-17 06:39 - 00174472 _____ () C:\Users\Celplan\AppData\Roaming\Byknog\Byknog.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
2016-04-23 23:06 - 2016-04-23 23:06 - 00389632 _____ () C:\Program Files (x86)\C16502CF-1461463546-E211-9E13-208984083E4F\jnsyE8A6.tmp
2016-03-25 19:47 - 2016-03-25 19:46 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2016-04-17 06:39 - 2016-04-17 06:39 - 00670600 _____ () C:\Users\Celplan\AppData\Roaming\Byknog\Lioega.dll
2016-04-13 20:48 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe
2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll
2016-04-13 20:48 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-23 10:00 - 2016-04-23 10:00 - 00959176 _____ () C:\Users\Celplan\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 11:19 - 2016-04-19 11:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-17 06:39 - 2016-04-17 06:39 - 00115592 _____ () C:\Users\Celplan\AppData\Roaming\Byknog\Ejihp.exe
2016-04-17 06:39 - 2016-04-17 06:39 - 00146312 _____ () C:\Users\Celplan\AppData\Roaming\Byknog\Lioega.exe
2016-02-28 17:57 - 2016-02-28 17:57 - 00093696 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 20:46 - 2016-04-02 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 20:46 - 2016-04-02 00:26 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-04-13 20:48 - 2016-04-02 00:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 20:47 - 2016-04-01 23:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 20:48 - 2016-04-01 23:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 20:48 - 2016-04-02 00:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-23 23:06 - 2016-04-23 23:06 - 03935232 _____ () C:\Program Files (x86)\sunnyday\wincom_5PO.exe
2016-04-23 23:08 - 2016-04-23 23:08 - 03935232 _____ () C:\Program Files (x86)\Hostify\idsccom_7O4.exe
2016-03-31 14:24 - 2016-03-31 14:24 - 01417216 _____ () C:\Users\Celplan\AppData\Roaming\cpuminer\cpm.exe
2016-04-23 23:09 - 2016-02-09 12:30 - 02036224 _____ () C:\ProgramData\WindowsMsg\osmsg.exe
2016-04-17 06:39 - 2016-04-23 23:09 - 00183688 _____ () C:\Users\Celplan\AppData\Roaming\TafwecIimujek\Xartarih.din
2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll
2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll
2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll
2016-03-25 19:47 - 2016-03-25 19:46 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2016-03-25 19:47 - 2016-03-25 19:46 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2016-03-25 19:47 - 2016-03-25 19:46 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2016-03-25 19:47 - 2016-03-25 19:46 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2016-04-19 11:19 - 2016-04-19 11:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 11:19 - 2016-04-19 11:19 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-17 06:39 - 2016-04-17 06:39 - 00262024 _____ () C:\Users\Celplan\AppData\Roaming\Byknog\Ejihp.dll
2016-04-23 10:00 - 2016-04-23 10:00 - 00679624 _____ () C:\Users\Celplan\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-04-07 15:27 - 2016-04-06 07:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-07 15:27 - 2016-04-06 07:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-09 12:49 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Celplan\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-03-20 03:05 - 2016-04-23 23:03 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2490513090-2429994503-3030122172-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 104.197.191.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BD12BCAA-F250-44D9-AAD9-E3E85C08E6CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2919CF26-BCA8-4A58-A3BF-D1935DB93ECA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A1D24284-4C43-4747-8193-C757ECA02A7D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C838B25D-7152-4BCE-9A1F-66C631F23638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{597B4E84-E78E-4FA1-B731-BAF03E5F5604}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{697C8BE6-7602-4A6C-91EB-4F4305BEA13E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9518A59D-55FC-4C41-AB4C-EEE16105FCB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5FD0A783-246C-453D-AFDF-95DDB1272075}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A2C0EDC1-9DC2-47A4-8914-D0A984683ADD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C6054CFB-27E9-47C1-BED5-45E5B5F79020}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A8449042-2F1D-466E-870F-D1CC4967BFD4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{110CD84D-F65D-4F45-8123-514872C393BB}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{0E56388E-0429-4B10-A76C-3A3E062B5CE1}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{EC760966-FCE8-43AF-8391-A2000A122EE6}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{F477BD6C-9F3F-47B5-BDD5-58B4ED3FB0E2}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{C9D433CF-6D3E-4819-B70E-0E70453A9D62}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{F84F5D34-C526-428E-8B3F-293DF3866887}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{C6C92B48-FE6F-4C65-BC02-8501FC3FA062}] => (Allow) C:\Program Files\NewExt\jsinjector.exe

==================== Pontos de Restauração =========================

13-04-2016 21:02:01 Windows Update
13-04-2016 21:03:23 Windows Update
18-04-2016 10:29:07 DirectX instalado
22-04-2016 11:58:47 Installed Microsoft Office Professional Plus 2013

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/23/2016 11:35:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d7ba Nome do módulo com falha: ESENT.dll, versão: 10.0.10586.212, carimbo de data/hora: 0x56fa1686 Código de exceção: 0xc0000602 Deslocamento da falha: 0x000000000022885f ID do processo com falha: 0x7b8 Hora de início do aplicativo com falha: 0xsvchost.exe0 Caminho do aplicativo com falha: svchost.exe1 Caminho do módulo com falha: svchost.exe2 ID do Relatório: svchost.exe3 Nome completo do pacote com falha: svchost.exe4 ID do aplicativo relativo ao pacote com falha: svchost.exe5

Error: (04/23/2016 11:35:32 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (1976) Terminando o processo devido à falha não recuperável: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/22/2016 02:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: AutoKMS.exe, versão: 2.5.0.0, carimbo de data/hora: 0x52ea7aea Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.162, carimbo de data/hora: 0x56cd45b4 Código de exceção: 0xe0434352 Deslocamento da falha: 0x0000000000071f28 ID do processo com falha: 0x578 Hora de início do aplicativo com falha: 0xAutoKMS.exe0 Caminho do aplicativo com falha: AutoKMS.exe1 Caminho do módulo com falha: AutoKMS.exe2 ID do Relatório: AutoKMS.exe3 Nome completo do pacote com falha: AutoKMS.exe4 ID do aplicativo relativo ao pacote com falha: AutoKMS.exe5

Error: (04/22/2016 02:32:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: AutoKMS.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.ComponentModel.Win32Exception em System.Diagnostics.Process.Kill() em ..(System.Diagnostics.Process) em ..(System.String) em ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String) em ..(Int32, System.String, System.String, System.String, Boolean, Boolean, Boolean, ., Boolean, Boolean, System.String, Boolean, Boolean, System.String) em ..(.) em ..()

Error: (04/22/2016 11:59:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. .
Error: (04/21/2016 12:35:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d7ba Nome do módulo com falha: ESENT.dll, versão: 10.0.10586.212, carimbo de data/hora: 0x56fa1686 Código de exceção: 0xc0000602 Deslocamento da falha: 0x000000000022885f ID do processo com falha: 0x714 Hora de início do aplicativo com falha: 0xsvchost.exe0 Caminho do aplicativo com falha: svchost.exe1 Caminho do módulo com falha: svchost.exe2 ID do Relatório: svchost.exe3 Nome completo do pacote com falha: svchost.exe4 ID do aplicativo relativo ao pacote com falha: svchost.exe5

Error: (04/21/2016 12:35:20 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (1812) Terminando o processo devido à falha não recuperável: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/19/2016 01:11:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Celplan-PC)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2147023174. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (04/18/2016 10:31:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: winamp.exe, versão: 5.6.6.3507, carimbo de data/hora: 0x528cdc50 Nome do módulo com falha: ntdll.dll, versão: 10.0.10586.122, carimbo de data/hora: 0x56cc16f5 Código de exceção: 0xc000000d Deslocamento da falha: 0x000ea22c ID do processo com falha: 0x85c Hora de início do aplicativo com falha: 0xwinamp.exe0 Caminho do aplicativo com falha: winamp.exe1 Caminho do módulo com falha: winamp.exe2 ID do Relatório: winamp.exe3 Nome completo do pacote com falha: winamp.exe4 ID do aplicativo relativo ao pacote com falha: winamp.exe5

Error: (04/18/2016 10:29:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. .

Erros de Sistema:
=============
Error: (04/23/2016 11:36:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço ProntSpooler devido ao seguinte erro: %%1053

Error: (04/23/2016 11:36:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço ProntSpooler.

Error: (04/23/2016 11:36:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Internet Manager. RunOuc devido ao seguinte erro: %%1053

Error: (04/23/2016 11:36:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Internet Manager. RunOuc.
Error: (04/23/2016 11:36:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Ugokcogq devido ao seguinte erro: %%2

Error: (04/23/2016 11:35:54 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: BMLoad.sys

Error: (04/23/2016 11:35:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Repositório de Estado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (04/23/2016 11:35:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Configuração Automática de WWAN terminou com o erro: %%997

Error: (04/23/2016 11:35:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_34319 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (04/23/2016 11:32:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço TahsaMixrenp foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

CodeIntegrity:
===================================
Date: 2016-04-23 10:26:48.340
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-22 14:35:03.902
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-22 14:27:58.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-22 13:58:04.434
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-22 12:05:50.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-16 15:06:16.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-14 13:22:18.984
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-14 09:45:35.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-08 17:10:35.970
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-06 14:06:07.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
Percentagem de memória em uso: 48%
RAM física total: 3912.36 MB
RAM física disponível: 2013.55 MB
Virtual Total: 4616.36 MB
Virtual disponível: 2729.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:246.12 GB) (Free:197.34 GB) NTFS
Drive d: (Novo volume) (Fixed) (Total:219.06 GB) (Free:206.9 GB) NTFS

==================== MBR & Tabela de Partições ==================

==================== Fim de Addition.txt ============================