Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:12-06-2016 01 Executado por Humberto (2016-06-13 09:25:12) Executando a partir de C:\Users\Humberto\Desktop Windows 10 Pro Versão 1511 (X64) (2016-03-14 00:37:23) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2286446856-2293430530-2563395809-500 - Administrator - Disabled) Convidado (S-1-5-21-2286446856-2293430530-2563395809-501 - Limited - Disabled) => C:\Users\Convidado.Humberto-PC DefaultAccount (S-1-5-21-2286446856-2293430530-2563395809-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2286446856-2293430530-2563395809-1002 - Limited - Enabled) Humberto (S-1-5-21-2286446856-2293430530-2563395809-1001 - Administrator - Enabled) => C:\Users\Humberto Regina (S-1-5-21-2286446856-2293430530-2563395809-1004 - Limited - Enabled) => C:\Users\Regina ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2286446856-2293430530-2563395809-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Atualizações da NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Controlador para mouse Corsair M95, V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.14 - ) Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments) Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.2 - Receita Federal do Brasil) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) K-Lite Mega Codec Pack 11.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 7.3.1 - MP3 Rocket Inc) NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA Driver de gráficos 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.10 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Painel de controle da NVIDIA 365.10 (Version: 365.10 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden SAMSUNG PC Share Manager (HKLM-x32\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG) SAMSUNG PC Share Manager (x32 Version: 4.0 - SAMSUNG) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Star Conflict Launcher 1.0.1.62 (HKLM-x32\...\StarConflictLauncher_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2286446856-2293430530-2563395809-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2286446856-2293430530-2563395809-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Humberto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {06FD244C-F89E-4549-ADB8-1730E8A665D8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {0A79C1F5-8C9D-45FD-98B9-710D79B6DFB0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {12E6F952-6448-4D77-8DD2-4EA019E68FC5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {1A8EB6B4-A498-4957-B880-D5686F58C094} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {20A3E894-B743-4773-B6FE-DCFD9FFA11CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {28243C06-BA45-4AF8-8CB7-702E7919D7F3} - System32\Tasks\SafeZone scheduled Autoupdate 1464214860 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {2A1C31F5-4616-4BE1-8F75-97DFD5C7AA5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {38B71195-CBE4-4B68-B1E3-C73951307BE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.) Task: {397EB3D7-DE69-4E54-96C5-2BE5A9FD5EE5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {46C71657-802B-4C5B-B4F6-F224530ED2E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {47506070-1D12-4A14-8CEC-E6FCC6507450} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5457E570-FEB1-4FF6-AFC9-B7C255ADDDB9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {66CDAEE8-FD59-47C2-B976-A700EAA7D31F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {690C189D-19F2-4448-A60F-A32A2C5F3DDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {6F0DBE72-CFC4-4C9D-A946-702956AED904} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-02] (Adobe Systems Incorporated) Task: {73791D66-F704-473C-BCC8-752E1BF4EE79} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {786654E9-D43D-46EB-B90A-5FD87962920B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {7AF04867-2162-4C2E-87C2-8806FCB88055} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-25] (AVAST Software) Task: {921AC105-5D59-4CB4-B075-5DDCE5CDA32E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9913D441-17E7-462B-8060-306CE135181C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {9BA6043F-E4B7-4A3C-AF8C-9727459D414A} - System32\Tasks\{8A91F4E1-3976-483C-8679-E24FFBF227D1} => pcalua.exe -a D:\ZToolBar.exe -d D:\ Task: {9FBCD61A-F912-429D-B73A-C305D49E8CBD} - System32\Tasks\{99D1109C-B984-4E56-B974-5667F64708F9} => pcalua.exe -a C:\ProgramData\BreakingNewsAlert\uninstall.exe -c /kb=y /ic=1 Task: {A0591241-A29F-4A66-ACBA-3614E9CB13BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.) Task: {B455E3BE-4B29-432C-964E-C974918FC154} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C3A6145A-C93C-4319-BEB1-3FA69CDB581A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C5276163-E381-4370-B3BC-37609A1C13FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {CF806D8D-3028-4E8E-BB77-CB161420D7A7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {D2F42E33-0359-4432-9527-AFC6DEC28CE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {D3A833A9-520B-48D5-B235-FEF3B4FE5D64} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {E9EBCDA2-01D3-4CB5-942B-E3ADE72B6411} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {EE69BB58-2564-4FC6-8C23-0F2A2021395E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {F2F227EE-AB12-4E49-BE70-5F046FF55F4F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-08-15 18:13 - 2015-08-12 17:24 - 00199456 _____ () C:\Program Files (x86)\Viva\viva.exe 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-09 14:06 - 2016-04-27 09:18 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-12 17:09 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-12 17:09 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-13 22:38 - 2016-05-13 22:38 - 00959168 _____ () C:\Users\Humberto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-02-13 14:39 - 2016-02-13 14:39 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 11:33 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-11 11:35 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-11 11:35 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-11 11:35 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-11 11:35 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-19 07:54 - 2016-04-19 07:54 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-05-25 18:17 - 2016-05-25 18:17 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-25 18:16 - 2016-05-25 18:16 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-12 17:28 - 2016-06-12 17:28 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061201\algo.dll 2016-05-25 18:17 - 2016-05-25 18:17 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-05-25 18:16 - 2016-05-25 18:16 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-06-13 08:50 - 2016-06-13 08:50 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061300\algo.dll 2015-08-15 18:13 - 2015-08-10 14:56 - 00167712 _____ () C:\Program Files (x86)\Viva\nfapi.dll 2015-08-15 18:13 - 2015-08-10 14:54 - 00253728 _____ () C:\Program Files (x86)\Viva\ProtocolFilters.dll 2016-04-09 14:07 - 2016-05-02 03:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-13 22:38 - 2016-05-13 22:38 - 00679624 _____ () C:\Users\Humberto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-05-25 18:23 - 2016-05-25 18:23 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-03-25 08:52 - 2013-05-26 14:40 - 00054272 _____ () C:\Program Files (x86)\Corsair\M95 Mouse\hidGetKey.dll 2016-04-19 07:54 - 2016-04-19 07:54 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:54 - 2016-04-19 07:55 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-06-12 22:31 - 00000840 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2286446856-2293430530-2563395809-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Humberto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 200.175.89.139 - 200.175.5.139 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\Services: Update service => 2 MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent HKU\S-1-5-21-2286446856-2293430530-2563395809-1001\...\StartupApproved\Run: => "YandexElements" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{5D6F90E9-CFFA-4E17-BFE1-1B75621A3884}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E96E81BA-7414-405D-9F39-81D52DB14148}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2FF97D1D-1F6D-40E3-85EE-72D8299E3C65}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B02A70DD-5119-4359-9002-3E63251FC3EB}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{912019F9-BF3E-413B-98B5-6912393F9F60}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{476B686A-8912-4372-9F6D-920A31F5FE1E}] => (Allow) C:\Users\Humberto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6BF9789C-9159-4DE1-B465-77388A218126}] => (Allow) LPort=1900 FirewallRules: [{8DB320BE-A1EA-4499-9A0D-F67B09544B0A}] => (Allow) LPort=2869 FirewallRules: [{7415EA0B-AEA4-49C6-B114-C4E1F8A53379}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{8BD3925D-E400-4686-A4A2-7BAF3AF547CF}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe FirewallRules: [TCP Query User{8C448010-31E1-40F1-875E-DD6354B1944B}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe FirewallRules: [{A6B8E440-7270-452D-A3C4-5EF4300F8D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{37221C1C-0B20-4F48-81BE-3828BCB71FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{17FE78F4-01D9-4E87-BA6F-9AD4FC27ECFC}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{3A292ECD-A799-4C4E-BEE8-864177570E6C}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{53CDD3FD-B103-45DF-B500-8828B98BCDD0}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{B36937F8-7C18-4064-A38E-8E08AE3AF253}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{CE8FFBFF-2A80-4BA4-9362-F3309DF4D4CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6CA31BCD-3CCE-4FCA-A20E-D77768028ACB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{375CB32D-9BBB-43A9-89B8-A1BDE8997B33}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F66E2D3D-A8A7-4E77-B6BE-1B80143DBD1B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{C702B32F-2500-463B-B873-C8E82FA53D92}C:\users\humberto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\humberto\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{01016A33-4246-4031-B654-41E500428D29}C:\users\humberto\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\humberto\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{7A678E49-A89F-4ED1-A2BF-B03A37BF3795}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{3996A4A5-5F31-4CCB-A953-D046226DBCD0}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe FirewallRules: [{B57E7A85-039F-487C-B59A-FF5E49E50A02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [{D56D2B03-1307-4C20-A03C-5AFA284419FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [TCP Query User{CCD7A16F-6DD1-4D26-A100-0A51840862F7}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{0A127DAE-B7BB-470A-BE16-E2F3DA8A19CF}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{66353212-4538-4778-A0C4-340CCCE9CA2E}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [UDP Query User{CD5C4D53-0AB0-43E3-BB99-AC2D492E5E4A}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [TCP Query User{B527FB2D-CDC8-451D-A83D-1883C36E27E1}C:\program files (x86)\star conflict\launcher.exe] => (Allow) C:\program files (x86)\star conflict\launcher.exe FirewallRules: [UDP Query User{EC891C4E-E3CB-437A-B286-8D728222E2F9}C:\program files (x86)\star conflict\launcher.exe] => (Allow) C:\program files (x86)\star conflict\launcher.exe FirewallRules: [{AE33D62F-4F39-419B-B7C7-F46E1899FEE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{638D96B1-4961-4D76-8B1B-8D34C1166016}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D7EB1DE2-A4AE-4222-960B-EAE62A4B64BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F75ACC0E-761E-444C-A13B-962CEF3F0165}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{0883D811-A2F6-4DDC-80F5-4FAF244FAFAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{2DC7CEB3-0306-47BA-95B2-A0D716F91151}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1AA7FE84-BAD9-406F-9B28-97EC103D68F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{D1237658-393D-48C7-80A6-151A8BF4D4D1}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{E353ADA4-337E-4C97-B258-C537969B4C78}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{C6F488E8-B397-41C0-BA10-24DB71C34750}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{56CA9140-D7A5-44FE-9507-2896AE9C70E5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{9A7E9C2E-1AF1-48FB-8794-F98DF0ECEDAE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 02-06-2016 18:26:00 Ponto de Verificação Agendado 06-06-2016 22:44:16 Removed Visual Studio 2012 x64 Redistributables 10-06-2016 22:03:54 WinThruster sex, jun 10, 16 22:03 12-06-2016 13:02:20 Revo Uninstaller's restore point - WinThruster ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (06/12/2016 11:27:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x12d0 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 11:02:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x5c0 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 10:48:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: NvStreamNetworkService.exe, versão: 7.1.2071.1338, carimbo de data/hora: 0x5726e00c Nome do módulo com falha: NvMdnsPlugin.dll_unloaded, versão: 0.0.0.0, carimbo de data/hora: 0x5726e510 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000d45a0 ID do processo com falha: 0x314 Hora de início do aplicativo com falha: 0xNvStreamNetworkService.exe0 Caminho do aplicativo com falha: NvStreamNetworkService.exe1 Caminho do módulo com falha: NvStreamNetworkService.exe2 ID do Relatório: NvStreamNetworkService.exe3 Nome completo do pacote com falha: NvStreamNetworkService.exe4 ID do aplicativo relativo ao pacote com falha: NvStreamNetworkService.exe5 Error: (06/12/2016 10:48:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x338 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 10:42:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x6ac Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 05:33:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x19a4 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 03:36:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x5d0 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Error: (06/12/2016 01:02:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (06/12/2016 11:17:43 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (06/12/2016 12:13:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1199, carimbo de data/hora: 0x563a76a9 Código de exceção: 0xc0000005 Deslocamento da falha: 0x00000000000425c6 ID do processo com falha: 0x1250 Hora de início do aplicativo com falha: 0xatieclxx.exe0 Caminho do aplicativo com falha: atieclxx.exe1 Caminho do módulo com falha: atieclxx.exe2 ID do Relatório: atieclxx.exe3 Nome completo do pacote com falha: atieclxx.exe4 ID do aplicativo relativo ao pacote com falha: atieclxx.exe5 Erros de Sistema: ============= Error: (06/13/2016 09:01:50 AM) (Source: DCOM) (EventID: 10016) (User: Humberto-PC) Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Humberto-PCHumbertoS-1-5-21-2286446856-2293430530-2563395809-1001LocalHost (Usando LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795 Error: (06/12/2016 11:27:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_10ba6d. Error: (06/12/2016 11:27:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_10ba6d foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/12/2016 11:03:14 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: {7006698D-2974-4091-A424-85DD0B909E23} Error: (06/12/2016 11:02:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_3e6a4. Error: (06/12/2016 11:02:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_3e6a4 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/12/2016 10:52:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço NvStreamSvc. Error: (06/12/2016 10:52:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço VBoxAswDrv devido ao seguinte erro: %%3 Error: (06/12/2016 10:52:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro: %%1058 Error: (06/12/2016 10:51:25 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Falha na inicialização do despejo de memória! CodeIntegrity: =================================== Date: 2016-05-14 20:23:06.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 11:16:56.663 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 14:40:52.939 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 18:12:50.700 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 07:51:18.713 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 19:50:01.711 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-21 00:17:14.243 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-14 22:02:32.644 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 22:02:32.336 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-14 22:02:26.457 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: AMD Phenom(tm) II X6 1075T Processor Percentagem de memória em uso: 18% RAM física total: 8191.3 MB RAM física disponível: 6666.77 MB Virtual Total: 8191.3 MB Virtual disponível: 6711.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.97 GB) (Free:614.05 GB) NTFS Drive e: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 31AB3189) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fim de Addition.txt ============================