Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-06-2016 Executado por PAULO (2016-06-10 21:20:42) Executando a partir de C:\Users\PAULO\Desktop Windows 10 Pro Versão 1511 (X64) (2016-04-13 00:48:35) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3024616143-3309111996-383524719-500 - Administrator - Disabled) Convidado (S-1-5-21-3024616143-3309111996-383524719-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3024616143-3309111996-383524719-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3024616143-3309111996-383524719-1005 - Limited - Enabled) PAULO (S-1-5-21-3024616143-3309111996-383524719-1001 - Administrator - Enabled) => C:\Users\PAULO ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov) 7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Atualizações da NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.) BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG) Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Combined Community Codec Pack 2015-10-18 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2015.10.19.0 - CCCP Project) COMODO Programs Manager (HKLM\...\{D968E920-3A49-48EB-BA1D-8964DCDF0CA9}) (Version: 1.3_build_30 - COMODO) DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) Devil May Cry 4 (HKLM-x32\...\Steam App 45700) (Version: - Capcom) DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team) DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.42.13482.16 - Electronic Arts) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden i-Menu version 4.0.8 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.0.8 - AOC) Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{F46A1003-7E9A-418C-8149-C6AF1EAF6B89}) (Version: 8.0.4.394 - Kaspersky Lab) Kaspersky Password Manager (x32 Version: 8.0.4.394 - Kaspersky Lab) Hidden K-Lite Codec Pack 11.4.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pt-BR)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) NVIDIA Áudio Virtual Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation) NVIDIA Driver de áudio HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA Driver de gráficos 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Painel de controle da NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.4.0.1023 - Lenovo) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit) Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.30 - VSO-Software SARL) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia) Xerox WorkCentre 3045B (HKLM-x32\...\InstallShield_{645082D0-144F-42A1-B7CD-1419DC7BA06D}) (Version: 1.006.00 - Xerox) Xerox WorkCentre 3045B (x32 Version: 1.006.00 - Xerox) Hidden ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\PAULO\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\PAULO\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-3024616143-3309111996-383524719-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01AC682B-0058-4318-A0E0-0C2C565EA2C3} - System32\Tasks\SafeZone scheduled Autoupdate 1456184566 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {1474425B-EC75-4F09-8280-E64E5CE061FC} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {186ED3E5-C94B-48E0-80FE-DF390985DB14} - System32\Tasks\SafeZone scheduled Autoupdate 1451431727 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {1A33D4AA-4B9B-4216-A2CE-B825B77D307C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {238E391B-77A6-423C-A4BC-1C884FC57542} - System32\Tasks\{B3F96D29-1135-4038-BDB6-C39434087B93} => pcalua.exe -a C:\Users\PAULO\Desktop\CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe -d C:\Users\PAULO\Desktop Task: {2CCF1373-8617-4D61-A44A-D1F793323EFD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {4FED72AA-3585-4BFD-B2A4-DB56A02F41B9} - System32\Tasks\{F05BEFB2-495D-4152-99B2-8542C1B89A03} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {51AAF806-EBCA-4853-9C6D-957B972FAEDD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {53081C05-9A26-4E08-93CB-AE8174081B91} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {6610E1F5-15A9-4339-BEA6-9FFF8DDA4DC8} - System32\Tasks\{6D13DCED-2294-4FF9-B29D-DEE76E2D5F07} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {6ACE2B94-257B-42C7-B35C-154D4A69E437} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {89FE7362-F53F-40EE-BD11-431F1B69B82C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {8C4D41D8-EA94-4641-BFE6-028218155427} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] () Task: {8C883DAF-766B-44A8-8A49-E820AC89FC62} - System32\Tasks\{84016D63-C0E3-421E-8B71-9D9343BBB46C} => pcalua.exe -a C:\PROGRA~2\WSE_AS~1\\uninstall.exe Task: {943F738A-FF9E-462F-BB8C-306A65CCD39F} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-03-23] (IObit) Task: {96AFF688-61A2-4B26-B6FE-B7FCDDE067E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {9B953841-8C55-47E9-9E4A-A3220CF8DE96} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-13] (Adobe Systems Incorporated) Task: {A59C1564-7877-4E65-9C3D-49CD84CF0827} - System32\Tasks\{C26B5FFA-FAD7-4AF5-BE84-8A8DA43F09AB} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {B88DA3DB-C6F9-4721-ADDE-ACD93D682603} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {C8996A91-1654-43F9-BF71-49C361DD1006} - System32\Tasks\Driver Booster SkipUAC (PAULO) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {C9F536A7-B843-4A51-B716-ADF957FDBDCB} - System32\Tasks\{841843E4-782A-4933-BC62-E1311650F293} => pcalua.exe -a C:\Users\PAULO\Desktop\CSC_3.0.172695.53_xp_vista_server2003_server2008_win7.exe -d C:\Users\PAULO\Desktop Task: {D934EF78-6B25-4CF8-8C1A-BAD71ED14471} - System32\Tasks\{E066C28C-6946-49DE-8BF2-1FA302394993} => pcalua.exe -a "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" -d "C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86" Task: {E5E7662B-C2E3-4153-B05C-A7BC20149B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {E817CCF8-C487-44C7-BD06-F948E41BF9B1} - System32\Tasks\SafeZone scheduled Autoupdate 1456355717 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\PAULO\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10 - Versao de Teste.lnk -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfehom.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\PAULO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1735e12a-366fe556" ShortcutWithArgument: C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda\Emissor de Nota Fiscal Eletronica (NF-e) 3.10 - Versao de Teste.lnk -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.emissornfehom.fazenda.sp.gov.br/v310/aplicativo/emissorNFe.jnlp "C:\Users\PAULO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1735e12a-366fe556" ShortcutWithArgument: C:\Users\PAULO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Módulos Carregados (Whitelisted) ============== 2012-03-09 14:34 - 2012-03-09 14:34 - 00022528 _____ () C:\WINDOWS\System32\xrhr3aLM.DLL 2014-10-11 23:02 - 2012-03-15 14:36 - 15054336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\xrhr3aRC.DLL 2011-09-05 12:11 - 2011-09-05 12:11 - 00116032 _____ () C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe 2016-03-01 20:18 - 2016-05-02 02:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2015-12-25 00:28 - 2016-05-02 02:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-03-01 20:18 - 2016-05-02 02:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-05-02 21:59 - 2016-05-02 02:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe 2016-05-02 21:59 - 2016-05-02 02:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-05-02 21:59 - 2016-05-02 02:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-05-02 21:59 - 2016-05-02 02:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-01-27 20:19 - 2016-05-02 02:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-12 21:24 - 2016-06-03 00:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-13 00:27 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 00:27 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-14 19:50 - 2016-05-14 19:50 - 00959168 _____ () C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-02-13 14:39 - 2016-02-13 14:39 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-10 21:09 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-10 21:10 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-10 21:10 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-10 21:10 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-10 21:10 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-15 15:07 - 2016-04-15 15:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2014-10-14 21:55 - 2016-05-02 03:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2014-10-14 21:55 - 2016-05-02 03:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe 2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe 2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe 2016-05-02 21:59 - 2016-05-02 02:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-05-02 21:59 - 2016-05-02 02:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-04-19 20:13 - 2016-04-19 20:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2016-02-25 08:11 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-03-31 00:47 - 2016-05-02 03:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-14 19:50 - 2016-05-14 19:50 - 00679624 _____ () C:\Users\PAULO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-04-19 20:13 - 2016-04-19 20:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 20:13 - 2016-04-19 20:13 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63] AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63] AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1518] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2015-07-30 18:38 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3024616143-3309111996-383524719-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PAULO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\iracemacpd - 0052.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\Services: lfsvc => 3 HKLM\...\StartupApproved\Run: => "mylbx" HKU\S-1-5-21-3024616143-3309111996-383524719-1001\...\StartupApproved\Run: => "kpm.exe" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{70992762-3BA0-40D4-80A4-684BBB2946C2}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{CDD00C71-8CD0-45D0-BE14-068CB5E7DED3}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{BED4442C-7193-412B-B5DB-44383F94AC6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{A28C09E9-4739-4DFB-9C76-2B0A2E5247D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{59960DAD-1506-4485-A0CA-AEA84EEC8BA9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{076591BD-14F7-4414-9D32-1C3B543CE53D}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [TCP Query User{B7492C26-A7B0-47F4-9091-A926C1A555A1}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{46CE5ED2-F940-478E-9A19-912708FF5ED9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B0D771F0-D1B5-4B4F-9DC2-8AEBA520552C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CFBEDA21-8737-4D5B-AEF5-C0DC5EFB7098}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{02EA8F3C-B3B4-4045-920B-90CF60413596}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{5F693EDE-A902-442A-ACAB-4E3772F78D27}C:\users\paulo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paulo\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{31E7C612-A623-4CD8-ABAB-2FE1FA6C47FA}C:\users\paulo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paulo\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{1435A851-C5CE-4749-8272-E297C02EA597}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{B50FB35C-3A75-4EF0-8DF0-AB16669F2F0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8571810C-4B54-47B6-AA43-D987DA40D00B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{1CCFEA4D-C30C-4768-A992-D0DFD4EBB1D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{6A3ADBD9-516A-4B33-A4A9-6107958BD049}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe FirewallRules: [TCP Query User{EC7FBFD3-E97F-4060-B692-BF1A63837826}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe FirewallRules: [{2C350990-7BC7-46B2-83C3-4B257412B65F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C45D91B2-6150-476A-B4F5-0CA992D6A731}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E2319F5B-463F-4089-A210-F3BC82AC511C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5886A641-6688-4B54-A894-5E5E8946C1AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{04AECA1E-6ABC-4D4C-8394-7F52880DFBA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FC753F3E-B84D-4AD0-99C0-FC889C915FC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C7297453-F70B-4B45-962B-1617561DA624}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F0BFA825-8E7D-436F-A7F9-B68CF64732B5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{863AED56-E399-4CD1-876A-F4852E8AB7BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [UDP Query User{97224895-1F9F-4A39-835E-451A1A08CDB2}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{BC9EA770-629C-467E-9C19-7E3D9740B68C}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{D7E1B93A-2E42-47EF-B3CB-E2F813432D8E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0072C9E3-472A-4493-914D-1D9FFB386C26}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3BA9A58D-BA49-4242-BC2F-FAFB84D14988}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{E870D2B8-E61B-4FC0-8B37-FA5007400BB4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{7ADED71D-FA64-44AF-8F19-C0C08F345DA4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5C4DBA71-228F-4033-833A-54967C57BA6B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8F94E0E9-2C05-4E33-A004-B63CD1894DA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F7E3E0E0-2EA9-4801-A67B-3A81A6733E11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{8AA7745C-5DFE-4859-8B7F-5405B1BE1C85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{C3F46FA0-06A4-44C7-996E-B7B013142B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{ADE4B922-C693-44D0-86C0-F48AC35E4F35}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{040F207F-3B1E-4EA0-B59D-155099187013}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{6E8171EB-9482-4D8C-AF2E-E3A0A235E983}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{6BE20879-7C74-4B36-A3E7-DB98C6027ED4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{34E00C70-37C7-452F-8442-6D4BC20B39AA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{C1F2B17F-FFA1-4E4B-B169-0856D32B86FF}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{FB54A959-2A26-4177-A1BE-C733ACA27418}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EA3C6CCA-C67E-4D26-AC9E-2A54F511B57D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{6EB655C3-7726-49F8-83FC-22A29546B12F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe ==================== Pontos de Restauração ========================= 17-05-2016 19:59:47 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 02-06-2016 10:48:28 Ponto de Verificação Agendado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (06/10/2016 12:09:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: dwm.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d756 Nome do módulo com falha: combase.dll, versão: 10.0.10586.103, carimbo de data/hora: 0x56a849ab Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000067e3c ID do processo com falha: 0x2330 Hora de início do aplicativo com falha: 0xdwm.exe0 Caminho do aplicativo com falha: dwm.exe1 Caminho do módulo com falha: dwm.exe2 ID do Relatório: dwm.exe3 Nome completo do pacote com falha: dwm.exe4 ID do aplicativo relativo ao pacote com falha: dwm.exe5 Error: (06/07/2016 02:14:12 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (06/06/2016 10:29:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 11.0.10586.20, carimbo de data/hora: 0x56541caa Nome do módulo com falha: MSHTML.dll, versão: 11.0.10586.306, carimbo de data/hora: 0x571af7f7 Código de exceção: 0xc0000005 Deslocamento da falha: 0x006414af ID do processo com falha: 0x1df0 Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0 Caminho do aplicativo com falha: IEXPLORE.EXE1 Caminho do módulo com falha: IEXPLORE.EXE2 ID do Relatório: IEXPLORE.EXE3 Nome completo do pacote com falha: IEXPLORE.EXE4 ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5 Error: (06/06/2016 10:28:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: IEXPLORE.EXE, versão: 11.0.10586.20, carimbo de data/hora: 0x56541caa Nome do módulo com falha: MSHTML.dll, versão: 11.0.10586.306, carimbo de data/hora: 0x571af7f7 Código de exceção: 0xc0000005 Deslocamento da falha: 0x006414af ID do processo com falha: 0x2954 Hora de início do aplicativo com falha: 0xIEXPLORE.EXE0 Caminho do aplicativo com falha: IEXPLORE.EXE1 Caminho do módulo com falha: IEXPLORE.EXE2 ID do Relatório: IEXPLORE.EXE3 Nome completo do pacote com falha: IEXPLORE.EXE4 ID do aplicativo relativo ao pacote com falha: IEXPLORE.EXE5 Error: (06/06/2016 01:03:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfab0 Nome do módulo com falha: wwlib.dll, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfaba Código de exceção: 0xc0000005 Deslocamento da falha: 0x00aef5eb ID do processo com falha: 0x271c Hora de início do aplicativo com falha: 0xWINWORD.EXE0 Caminho do aplicativo com falha: WINWORD.EXE1 Caminho do módulo com falha: WINWORD.EXE2 ID do Relatório: WINWORD.EXE3 Nome completo do pacote com falha: WINWORD.EXE4 ID do aplicativo relativo ao pacote com falha: WINWORD.EXE5 Error: (06/05/2016 06:09:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: bcastdvr.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af8d9 Nome do módulo com falha: nvwgf2umx.dll, versão: 10.18.13.6822, carimbo de data/hora: 0x573e67a3 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000090d51d ID do processo com falha: 0x1c20 Hora de início do aplicativo com falha: 0xbcastdvr.exe0 Caminho do aplicativo com falha: bcastdvr.exe1 Caminho do módulo com falha: bcastdvr.exe2 ID do Relatório: bcastdvr.exe3 Nome completo do pacote com falha: bcastdvr.exe4 ID do aplicativo relativo ao pacote com falha: bcastdvr.exe5 Error: (06/05/2016 03:02:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: bcastdvr.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af8d9 Nome do módulo com falha: nvwgf2umx.dll, versão: 10.18.13.6822, carimbo de data/hora: 0x573e67a3 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000090d51d ID do processo com falha: 0x2d1c Hora de início do aplicativo com falha: 0xbcastdvr.exe0 Caminho do aplicativo com falha: bcastdvr.exe1 Caminho do módulo com falha: bcastdvr.exe2 ID do Relatório: bcastdvr.exe3 Nome completo do pacote com falha: bcastdvr.exe4 ID do aplicativo relativo ao pacote com falha: bcastdvr.exe5 Error: (06/05/2016 11:36:41 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (06/04/2016 01:37:38 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: ) Description: Microsoft Word: Rejected Safe Mode action : O Word não pôde ser iniciado na última tentativa. O modo de segurança pode ajudá-lo a solucionar o problema, mas talvez alguns recursos não estejam disponíveis nesse modo. Deseja iniciar no modo de segurança?. Rejected Safe Mode action : Microsoft Word. Error: (06/04/2016 01:37:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 15.0.4823.1000, carimbo de data/hora: 0x570cfab0 Nome do módulo com falha: MSPTLS.DLL, versão: 15.0.4745.1000, carimbo de data/hora: 0x55a4b35a Código de exceção: 0xc0000005 Deslocamento da falha: 0x000a7408 ID do processo com falha: 0x2b58 Hora de início do aplicativo com falha: 0xWINWORD.EXE0 Caminho do aplicativo com falha: WINWORD.EXE1 Caminho do módulo com falha: WINWORD.EXE2 ID do Relatório: WINWORD.EXE3 Nome completo do pacote com falha: WINWORD.EXE4 ID do aplicativo relativo ao pacote com falha: WINWORD.EXE5 Erros de Sistema: ============= Error: (06/10/2016 09:16:16 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (06/10/2016 09:13:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (06/10/2016 09:13:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Acesso a Dados de Usuário_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Armazenamento de Dados de Usuário_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dados de Contato_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/10/2016 06:43:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_c3053 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/10/2016 06:43:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível Error: (06/10/2016 02:52:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (06/10/2016 02:49:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 CodeIntegrity: =================================== Date: 2016-05-16 18:01:55.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-15 18:26:49.850 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 16:07:21.108 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 02:49:55.903 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-11 16:22:19.772 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-28 20:57:21.018 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-20 14:05:59.162 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 20:41:48.457 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 16:22:42.563 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-12 21:54:07.499 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-3340 CPU @ 3.10GHz Percentagem de memória em uso: 17% RAM física total: 16347.46 MB RAM física disponível: 13469.44 MB Virtual Total: 18779.46 MB Virtual disponível: 15732.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.12 GB) (Free:664.17 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 000DB11A) Partition: GPT. ==================== Fim de Addition.txt ============================