Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:01-05-2016 Executado por Desktop (2016-05-02 07:01:45) Executando a partir de D:\Baixados_antigo\Programas\Antivirus Windows 7 Ultimate Service Pack 1 (X64) (2016-03-18 15:04:36) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3668937693-932606914-3913485827-500 - Administrator - Disabled) Convidado (S-1-5-21-3668937693-932606914-3913485827-501 - Limited - Enabled) Desktop (S-1-5-21-3668937693-932606914-3913485827-1001 - Administrator - Enabled) => C:\Users\Desktop HomeGroupUser$ (S-1-5-21-3668937693-932606914-3913485827-1002 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKLM\...\uTorrent) (Version: 3.0.0 - ) µTorrent (HKU\S-1-5-21-3668937693-932606914-3913485827-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit) Age of Empires II HD The African Kingdoms (HKLM-x32\...\Age of Empires II HD The African Kingdoms_is1) (Version: - ) Ashampoo Undeleter (HKLM-x32\...\{4209F371-1442-4840-6A51-97034A0D3EFF}_is1) (Version: 1.1.1 - Ashampoo GmbH & Co. KG) Atualizações da NVIDIA 2.11.2.55 (Version: 2.11.2.55 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 6.1.0.0483 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Genius Scanner (HKLM-x32\...\{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HomePageDefender (HKLM-x32\...\HomePageDefender) (Version: - ) ImageCropResize (HKU\S-1-5-21-3668937693-932606914-3913485827-1001\...\ImageCropResize) (Version: - ) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit) JovesModPack_0.9.14.1_v25.4_Extended.exe 25.4 (HKLM-x32\...\JovesModPack_0.9.14.1_v25.4_Extended.exe 25.4) (Version: 25.4 - wotsite.net) Men of War Assault Squad Tradução BR v1.00 (HKLM-x32\...\Men of War Assault Squad BR) (Version: 1.00 - Tribo dos Renegados Brasil®) Microsoft .NET Framework 4.6 (PTB) (HKLM\...\{12EFB522-416F-383C-9DB6-5FFDFBBA35CD}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Hotfix Rollup (KB3099851) (HKLM\...\{6D0BA83A-67B5-326D-8394-114271F4ED35}) (Version: 4.6.00129 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - ) NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA Driver de gráficos 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation) Painel de controle da NVIDIA 364.72 (Version: 364.72 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.) War Thunder Launcher 1.0.1.629 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) webiums modpack 0.5.4.0 v5.4.0.01 (HKLM-x32\...\{25DB4D0E-FBB3-477D-92D9-446005094A5D}_is1) (Version: 5.4.0.01 - myWOTmods.com) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) World of Tanks - Common Test (HKU\S-1-5-21-3668937693-932606914-3913485827-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net) XVM versão 6.2.1.2 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.2.1.2 - XVM team) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {2099A61D-F5DC-4477-A094-3000ABF850AC} - System32\Tasks\ASC9_SkipUac_Desktop => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-03-11] (IObit) Task: {25EE38D1-4E6B-4DF2-868E-F0A8122E4B78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-01] (Adobe Systems Incorporated) Task: {388913B1-D323-4D0E-99A7-1D103ACEC67E} - System32\Tasks\MixVideoPlayer browser banner => C:\Program Files (x86)\MixVideoPlayer\BrowserBanner.exe <==== ATENÇÃO Task: {4E4C8523-D76D-4C27-B737-D3FD954B72A8} - System32\Tasks\osTip => Rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN Task: {53AAE9A9-2127-47BE-A686-CCB8ED3B62C3} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-03-04] (IObit) Task: {571A94C9-EBBB-41DF-8BBC-A85FCD22821F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {6C81B7DA-31E8-4E1D-8E9D-B925FE828D09} - System32\Tasks\Driver Booster SkipUAC (Desktop) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {AFF8FD79-00B0-4124-B510-98756E5B7F19} - System32\Tasks\MixVideoPlayer Updater => C:\Program Files (x86)\MixVideoPlayer\MixVideoPlayerUpdater.exe <==== ATENÇÃO Task: {B8643731-90B1-4029-B8E8-59FAA4B5DE06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.) Task: {BC220BE1-4AA5-4FF3-B67B-DCB789A3289D} - System32\Tasks\CheckMeUp Update => C:\Program Files (x86)\version09CheckMeUp\m6CheckMeUpw79.exe Task: {CD80E2A9-1C4D-4326-801F-DEE51887DE05} - System32\Tasks\Uninstaller_SkipUac_Desktop => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-03-04] (IObit) Task: {D842879F-0778-4AD9-9CE2-3B46EC2E5503} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.) Task: {E7A0DA54-1132-4337-8EE3-BC53F223F10C} - System32\Tasks\Driver Booster Beta SkipUAC (Desktop) => D:\Arquivos de programas\Driver Booster Beta\DriverBooster.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO (yeabests) ==================== Módulos Carregados (Whitelisted) ============== 2016-03-18 12:34 - 2016-03-21 23:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-23 16:06 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2016-03-23 17:37 - 2016-03-29 22:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-04-04 15:56 - 2016-03-29 22:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-23 17:37 - 2016-03-29 22:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-03-23 17:37 - 2016-03-29 22:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-04 15:56 - 2016-03-29 22:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-04 15:56 - 2016-03-29 22:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-04 15:56 - 2016-03-29 22:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-23 17:37 - 2016-03-29 22:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-01-06 13:41 - 2016-01-06 13:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll 2016-04-15 15:07 - 2016-04-15 15:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-2070.dll 2016-04-04 15:56 - 2016-03-29 22:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-04 15:56 - 2016-03-29 22:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-18 12:14 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl 2016-03-18 12:14 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl 2016-03-18 12:14 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl 2016-03-23 17:37 - 2016-03-29 22:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-03-18 12:15 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2016-03-18 12:15 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2016-05-02 06:49 - 2016-04-07 11:30 - 02027520 _____ () C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll 2016-04-11 18:18 - 2016-04-06 07:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll 2016-04-11 18:18 - 2016-04-06 07:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-04-30 07:40 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3668937693-932606914-3913485827-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 - 104.197.191.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupreg: IDSCPRODUCT => "C:\Program Files\Sound+\idscservice.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [TCP Query User{B3DC02ED-129E-4BDB-BA15-AC857CDED343}E:\games2\world_of_tanks\worldoftanks.exe] => (Allow) E:\games2\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{43443960-80CC-4BEC-A44F-E193C442AF5D}E:\games2\world_of_tanks\worldoftanks.exe] => (Allow) E:\games2\world_of_tanks\worldoftanks.exe FirewallRules: [{56ABA6BE-7192-4AD3-9CAC-A0F90CD29636}] => (Allow) D:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{2025FFA5-6967-40D7-85E9-AF70BB255F8C}] => (Allow) D:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{DDB1C996-00BF-4608-9D32-7C5EEA30A746}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EBC472BE-3CEE-4289-999D-B5BCD77E08D9}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{98248F7A-351F-4BFB-980F-5F172ECB6680}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E136C489-29B4-450A-84EB-2017039FC9AE}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B8A8935F-12DA-4E8C-A25D-4ABBED6F6646}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D6F997F7-1C7B-474E-884D-567E9BE74B79}] => (Allow) C:\Users\Desktop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{19C73730-44C2-4036-85A6-5BA4A7F44B53}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{D23A00CE-714A-4A92-BB4C-48BA58EAF16D}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{09A7C84B-4434-403C-84D5-49B20258AFB6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A1509B74-E18D-4657-B682-79887C824C39}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{869A4353-D2FE-42D9-85EA-8E61025B168F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E6F0303D-C110-491F-ACDD-BACD5671CC30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BA459B74-3AF9-429E-90D4-BE29397AE3FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B2DAF333-E8B5-48AD-B76C-4ED8C29CBD93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7231555C-B8C2-4E6B-8A61-FA6E0F141B7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{48C09ECA-3755-4D50-9362-9E20D4ADC110}F:\games\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) F:\games\relic entertainment\company of heroes - complete edition\reliccoh.exe FirewallRules: [UDP Query User{48790A3B-871C-4AD6-AAFD-D4D48572CBF3}F:\games\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) F:\games\relic entertainment\company of heroes - complete edition\reliccoh.exe FirewallRules: [TCP Query User{62ECFC9D-44FA-465D-8F61-FF68E31470B4}F:\games\order of war - challenge\oow_final_dx10.exe] => (Allow) F:\games\order of war - challenge\oow_final_dx10.exe FirewallRules: [UDP Query User{DC28506C-3D8F-4A4A-9A32-C2392581CEA8}F:\games\order of war - challenge\oow_final_dx10.exe] => (Allow) F:\games\order of war - challenge\oow_final_dx10.exe FirewallRules: [TCP Query User{62E080A9-10A2-4159-B244-81DF0B2E10BE}F:\games\order of war\oow_final_dx10.exe] => (Allow) F:\games\order of war\oow_final_dx10.exe FirewallRules: [UDP Query User{A18D67B0-2F33-4114-B494-CB4406F63FFC}F:\games\order of war\oow_final_dx10.exe] => (Allow) F:\games\order of war\oow_final_dx10.exe FirewallRules: [TCP Query User{1C6EE524-91FE-4A84-8D32-A7144C0EED4D}F:\games\microsoft games\age of mythology extended edition\aomx.exe] => (Allow) F:\games\microsoft games\age of mythology extended edition\aomx.exe FirewallRules: [UDP Query User{603FBF94-451B-45FB-B656-909EEB42C31F}F:\games\microsoft games\age of mythology extended edition\aomx.exe] => (Allow) F:\games\microsoft games\age of mythology extended edition\aomx.exe FirewallRules: [TCP Query User{1E973568-C594-4355-AB5D-84315426DCEE}F:\games\1c company\men of war. condemned heroes\condemned heroes.exe] => (Allow) F:\games\1c company\men of war. condemned heroes\condemned heroes.exe FirewallRules: [UDP Query User{314A14CD-0146-43FB-B255-E133CFFDBCB6}F:\games\1c company\men of war. condemned heroes\condemned heroes.exe] => (Allow) F:\games\1c company\men of war. condemned heroes\condemned heroes.exe FirewallRules: [TCP Query User{1067511C-110F-494E-B3AC-87C49C923164}E:\games2\world_of_tanks\wotlauncher.exe] => (Allow) E:\games2\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{73F9AD4C-A8B9-4015-941A-C870512D2411}E:\games2\world_of_tanks\wotlauncher.exe] => (Allow) E:\games2\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{4E4FE906-9E58-4238-BBFD-2A29CC1E4468}F:\games\world_of_warships\wowslauncher.exe] => (Allow) F:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{CFF8F072-437C-467D-AF53-10B68A0D61F3}F:\games\world_of_warships\wowslauncher.exe] => (Allow) F:\games\world_of_warships\wowslauncher.exe FirewallRules: [{B8FBDB63-DAB3-4BDD-95BC-BC8E54788A19}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{FDFF0A4E-580E-438A-999A-6BC18D34336A}F:\games\total war rome ii\rome2.exe] => (Allow) F:\games\total war rome ii\rome2.exe FirewallRules: [UDP Query User{35D9F120-0973-4FBA-BE3A-E4BA5BFFA3FF}F:\games\total war rome ii\rome2.exe] => (Allow) F:\games\total war rome ii\rome2.exe FirewallRules: [{8499B3DC-97AE-4A16-BEEA-E643E2123883}] => (Allow) F:\Games\WarThunder\launcher.exe FirewallRules: [{D6CE9756-8B7D-4B66-8A24-EAD3125781E2}] => (Allow) F:\Games\WarThunder\launcher.exe FirewallRules: [{BFB715B8-DC6E-49BD-8709-F0055B36049F}] => (Allow) F:\Games\WarThunder\bpreport.exe FirewallRules: [{C11EF1F1-B3EB-4ED8-BE72-9C0327A66299}] => (Allow) F:\Games\WarThunder\bpreport.exe FirewallRules: [{A59840FF-A1C3-44F1-901C-01C73A220355}] => (Allow) LPort=80 FirewallRules: [{CEB9D83A-C671-463B-833E-1FCAE91E2724}] => (Allow) LPort=443 FirewallRules: [{B3BF82B5-0AE6-44C1-9379-627BC7BE2166}] => (Allow) LPort=20010 FirewallRules: [{6545618A-930C-476C-88AE-11B3D83A6577}] => (Allow) LPort=3478 FirewallRules: [{65C158E7-69CA-4334-98E5-D13F7F5403E5}] => (Allow) LPort=7850 FirewallRules: [{7DB9F30B-0737-447B-849A-BF69DA8EFC6C}] => (Allow) LPort=7852 FirewallRules: [{2BE6F2C3-CC41-42D3-858E-B1F7178911E7}] => (Allow) LPort=7853 FirewallRules: [{F4FFBB3A-A39E-46B5-A9C1-E53CC03AFA04}] => (Allow) LPort=27022 FirewallRules: [{5CF39414-420F-4676-A950-D5A6577B157C}] => (Allow) LPort=6881 FirewallRules: [{69A66584-DAA4-4BB1-9C0B-B3029445E5D5}] => (Allow) LPort=33333 FirewallRules: [{7FD71CBE-C6B1-4EB7-84C9-C7A02A0F5BB2}] => (Allow) LPort=20443 FirewallRules: [{66B8A166-F0D6-4E13-B7CF-97E31C894384}] => (Allow) LPort=8090 FirewallRules: [TCP Query User{20B67574-F28C-412E-80B6-805550094999}F:\games\warthunder\win64\aces.exe] => (Allow) F:\games\warthunder\win64\aces.exe FirewallRules: [UDP Query User{CE74F9C6-4085-4688-A065-769B857AC5DA}F:\games\warthunder\win64\aces.exe] => (Allow) F:\games\warthunder\win64\aces.exe FirewallRules: [{9C1B82D7-22E1-420A-A53F-E8FD9A7C0C18}] => (Allow) G:\Games\WoT2\WoTLauncher.exe FirewallRules: [{391E5EE8-3872-4E89-BFFE-11BA7EAB6F50}] => (Allow) G:\Games\WoT2\WoTLauncher.exe FirewallRules: [{F1EF3ECF-DCB9-4A53-AED1-840CCDDAC3B1}] => (Allow) G:\Games\WoT2\worldoftanks.exe FirewallRules: [{9B93591B-382A-4A82-8705-9F0320B2D5FA}] => (Allow) G:\Games\WoT2\worldoftanks.exe FirewallRules: [{2936B54E-1E27-48D5-AD84-75B4EA14481F}] => (Allow) C:\Users\Desktop\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe FirewallRules: [{263764B8-1BD2-4057-8D9A-C9E22D3963D2}] => (Allow) C:\Users\Desktop\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe FirewallRules: [{45FE3F3D-6383-448B-8EC9-222733AACADF}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{2A1D94C0-71FC-4B49-9111-EDA8BAE4FE08}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe ==================== Pontos de Restauração ========================= ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: 600DPI USB Scanner Description: 600DPI USB Scanner Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: tencent QMUdisk Description: tencent QMUdisk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: QMUdisk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Controlador de áudio de multimídia Description: Controlador de áudio de multimídia Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: TsNetHlpX64.sys Description: TsNetHlpX64.sys Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: tsnethlpx64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de Túnel Teredo da Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: softaal Description: softaal Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: softaal Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/02/2016 06:46:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/02/2016 06:46:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome de aplicativo com falha: NvStreamNetworkService.exe, versão: 7.1.2059.1762, carimbo de hora: 0x56fb173e Nome do módulo de falhas: MessageBus.dll, versão: 0.0.0.0, carimbo de hora: 0x56fb1121 Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000000010f73 Identificação do processo com falha: 0xa00 Hora de início do aplicativo com falha: 0xNvStreamNetworkService.exe0 Caminho do aplicativo com falha: NvStreamNetworkService.exe1 FCaminho do módulo de falhas: NvStreamNetworkService.exe2 Identificação do Relatório: NvStreamNetworkService.exe3 Error: (05/01/2016 02:29:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service Live Socket since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 02:29:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service Reservation Plastic since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 02:29:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddWin32ServiceFiles: Unable to back up image of service Hotel Template since QueryServiceConfig API failed System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 02:29:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary TSSysKit. System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 02:29:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary TSDefenseBt. System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 02:29:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary QQSysMonX64. System Error: O sistema não pode encontrar o arquivo especificado. . Error: (05/01/2016 08:02:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2016 07:40:03 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: O serviço Pesquisa do Windows está sendo interrompido devido a um problema no indexador:The catalog is corrupt. Detalhes: O catálogo do índice de conteúdo está corrompido. (HRESULT : 0xc0041801) (0xc0041801) Erros de Sistema: ============= Error: (05/02/2016 06:54:21 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:54:14 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:54:07 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:54:00 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:53:53 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:53:46 AM) (Source: cdrom) (EventID: 11) (User: ) Description: O driver detectou um erro de controlador em \Device\CdRom0. Error: (05/02/2016 06:49:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço GoogleChromeUpSvc está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (05/02/2016 06:48:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço HP Network Devices Support terminou com o erro: %%126 Error: (05/02/2016 06:46:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: MPCKpt Error: (05/01/2016 02:33:05 PM) (Source: volsnap) (EventID: 36) (User: ) Description: As cópias de sombra do volume C: foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário. CodeIntegrity: =================================== Date: 2016-04-30 07:45:37.980 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:37.622 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:29.432 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:29.057 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:15.868 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:15.354 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:08.720 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:45:08.330 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:44:46.117 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 07:44:45.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentagem de memória em uso: 27% RAM física total: 6143.12 MB RAM física disponível: 4481.12 MB Virtual Total: 12284.44 MB Virtual disponível: 10458.12 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:60.85 GB) (Free:18.27 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] Drive d: (Disciple) (Fixed) (Total:186.31 GB) (Free:19.15 GB) NTFS Drive e: (Slave) (Fixed) (Total:149.05 GB) (Free:6.16 GB) NTFS Drive f: (Reino) (Fixed) (Total:465.76 GB) (Free:37.06 GB) NTFS Drive g: (Discipulo) (Fixed) (Total:88.2 GB) (Free:10.87 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 034D034C) Partition 1: (Active) - (Size=60.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=88.2 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 186.3 GB) (Disk ID: C362C362) Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: F2C1F2C1) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 149 GB) (Disk ID: E5E5E5E5) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================