Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21-09-2016 Executado por Rafael (23-09-2016 19:34:17) Executando a partir de C:\Users\Rafael\Desktop Windows 10 Home Single Language Versão 1511 (X64) (2016-03-08 01:02:26) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2734537285-1118194405-70246814-500 - Administrator - Disabled) Casa (S-1-5-21-2734537285-1118194405-70246814-1004 - Limited - Enabled) => C:\Users\Casa Convidado (S-1-5-21-2734537285-1118194405-70246814-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2734537285-1118194405-70246814-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2734537285-1118194405-70246814-1003 - Limited - Enabled) Rafael (S-1-5-21-2734537285-1118194405-70246814-1001 - Administrator - Enabled) => C:\Users\Rafael ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.) A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk) ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Aplicativos da Autodesk em destaque 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk) Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk) Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk) Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk) Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk) Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nome de sua empresa:) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) Galaxy Control: 3D Strategy (HKLM\...\Steam App 435440) (Version: - FX Games Media) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) Host App Service (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\SweetLabs_AP) (Version: 0.269.7.983 - Pokki) iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.) Importação do SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java SE Development Kit 8 Update 91 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.14 - Oracle Corporation) JetBrains PyCharm 4.5.3 (HKLM-x32\...\PyCharm 4.5.3) (Version: 141.1899 - JetBrains s.r.o.) Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.14.0.129 - ClientConnect LTD) <==== ATENÇÃO Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo Web Start (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) Manuais do usuário (x32 Version: 3.0.0.3 - Lenovo) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7341.2032 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7341.2032 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7341.2032 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 48.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 pt-BR)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) NitroPC (HKLM-x32\...\NitroPC) (Version: v2.04 - Intelliclick Inform tica) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7341.2032 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7341.2032 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7341.2032 - Microsoft Corporation) Hidden Pacote de Driver do Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pacote de Driver do Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r3113) (Version: - ) Promob Arch (HKLM\...\Promob Arch) (Version: 5 - Promob Software Solutions) Promob Cut Crack1 1.00 (HKLM-x32\...\Promob Cut Crack1 1.00) (Version: 1.00 - Cracks choch) Promob Plus (HKLM\...\Promob Plus) (Version: 5 - Promob Software Solutions) Python 3.5.2 (32-bit) (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation) Python 3.6.0a4 (64-bit) (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\{5e03abb1-a4c1-4087-9d60-839dc0595400}) (Version: 3.6.104.0 - Python Software Foundation) Python 3.6.0a4 Core Interpreter (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Development Libraries (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Documentation (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Executables (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 pip Bootstrap (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Standard Library (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Tcl/Tk Support (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Test Suite (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python 3.6.0a4 Utility Scripts (64-bit) (Version: 3.6.104.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{C61F2424-F978-4C9C-BC6A-D0A730716D2F}) (Version: 3.6.104.0 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\Spotify) (Version: 1.0.37.150.gad02a02e - Spotify AB) Start Menu (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.983 - Pokki) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - ) Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Warcraft III: All Products (HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\Warcraft III) (Version: - ) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinRAR 4.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.2 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2734537285-1118194405-70246814-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2734537285-1118194405-70246814-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2734537285-1118194405-70246814-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2734537285-1118194405-70246814-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rafael\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2734537285-1118194405-70246814-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {000ECAE8-E64C-4D26-ACE9-37625E26FAE9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {071012AA-F285-4D44-95FB-17B98A7C9B05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0F8D268C-B160-40D6-BB05-3132965518FE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {14DFCE68-0D9D-4395-B3F5-A32680D70752} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.) Task: {1D02204E-BCE5-448C-91A3-215A93FCF3A0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-09-18] (Microsoft Corporation) Task: {284CE2C5-99CF-4C1F-BF13-41E4D456B692} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo) Task: {2E7468E6-4941-409D-99EB-4870B484B787} - System32\Tasks\SweetLabs App Platform => C:\Users\Rafael\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-09-18] (Pokki) Task: {2EF8A5F4-970E-46B3-8DD3-20D896561425} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-15] (Microsoft Corporation) Task: {2F270BCF-9F7D-46DE-A00A-AF8804B238A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-16] (Microsoft Corporation) Task: {34E047C5-967E-42F2-B1A2-3652D1BDF4C2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {36CECE73-6CE1-4855-8933-5E2D2C4DBEB9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated) Task: {43B54A01-E6E8-4763-9836-92AA6C72806A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {52761641-AF72-4C11-8394-B594F218EDF6} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {52EF71F9-9987-474A-803A-9C6EBCE8DA38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.) Task: {6230F6ED-1033-4DFC-AC7B-A0787CBD1239} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {7356C462-6591-4729-9E6E-A0ED082FD081} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-16] (Microsoft Corporation) Task: {9041ABFE-CB57-4473-8F12-A0F906A21B09} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () Task: {A160196F-DCEF-4B3F-A43E-9E693CE3A2A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-15] (Microsoft Corporation) Task: {A1A822FC-ACB7-4C1A-A260-C185B358753E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-07-08] (Apple Inc.) Task: {A1DB822C-AB43-43DB-A763-C8C749C4211F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {A3051A98-4F8D-47D1-8AB4-2FEEEC6C1F31} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {A7D6D933-5DFD-482A-978A-4282543429F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated) Task: {C54F242E-24C6-4628-AD8F-83A12A07A1F8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Rafael\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation) Task: {CA03E953-A473-4008-B217-6EA3B6FCFF33} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) Task: {D0AA67FC-B95E-4C5F-B811-4AB949988C55} - System32\Tasks\{261EBE5F-CCAD-4B25-8C25-8C7AAF5BD5B1} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.18.0.112/pt/abandoninstall?source=lightinstaller&page=tsBing Task: {EBA1C77E-2F5D-44B7-9F09-387073E7486A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {ED484912-01AF-4E5F-AC81-223C8A6B572E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {FA918FA2-6AE2-4BD6-BA52-9182659C5FC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2014-11-28 09:49 - 2012-04-24 23:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-09-20 21:05 - 2016-09-07 02:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-20 21:05 - 2016-09-07 02:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-25 22:14 - 2016-08-25 22:14 - 01864384 _____ () C:\Users\Rafael\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-03-26 19:42 - 2016-09-19 22:25 - 08923848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-03-12 18:53 - 2011-10-30 11:24 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2016-05-17 19:42 - 2016-05-17 19:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-12-19 01:08 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-03-07 08:36 - 2016-03-07 08:36 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-14 07:59 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-09-20 21:00 - 2016-09-07 01:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-20 21:00 - 2016-09-07 01:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-20 21:00 - 2016-09-07 01:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-20 21:00 - 2016-09-07 01:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-11-28 09:08 - 2010-10-26 12:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2014-11-28 09:06 - 2013-09-16 16:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-08-25 22:14 - 2016-08-25 22:14 - 01383616 _____ () C:\Users\Rafael\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-03-26 19:42 - 2016-09-19 22:24 - 08923848 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData\Temp:AE9A5120 [120] AlternateDataStreams: C:\Users\Todos os Usuários\Temp:AE9A5120 [120] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-2734537285-1118194405-70246814-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1" ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2734537285-1118194405-70246814-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rafael\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{3593d464-aa5f-4059-982a-acc5cc177b6c}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "Lenovo Utility" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "Autodesk Sync" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2734537285-1118194405-70246814-1001\...\StartupApproved\Run: => "NitroPC" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{8B68B08D-37DC-4F3C-BC16-C2CAF8A6DDF4}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{FC7B510B-02A5-498D-B914-260EF32CEC91}] => (Allow) LPort=55100 FirewallRules: [{311AE834-669B-46DB-892D-411B17CADB8B}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{6C5618C6-9EA5-47C9-9540-BB90959CB9AC}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{008C187F-FDCA-46BE-9249-1A3CD7744CCB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{267BC785-454B-43AC-B0FE-E7573132D22C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{0B672D49-75BD-48D3-AA26-2C625F3B4E6C}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{9E75FC9F-9D6C-4F71-8F89-1479CEAFDB8E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{6523D09A-48B7-475E-9FCF-C8B4770B559A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{51A142DA-7ECB-477B-AFAC-5DF761A36F2F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{B9C5E8D0-422E-45D8-8726-A7702505ACAE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{217BCF83-C2D3-40A3-A5CF-C48E24B63FFB}C:\users\rafael\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafael\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{88CA6417-F00D-40F4-A117-84AD26C1BB47}C:\users\rafael\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafael\appdata\roaming\spotify\spotify.exe FirewallRules: [{E573E8C9-7CD2-4AF3-9610-8CB2BF54A2C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4BAA456A-10D2-484F-9296-4B06896AAE13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8EC286E2-A447-4D58-944E-2398355A7B29}] => (Allow) LPort=50248 FirewallRules: [TCP Query User{91E8E3F4-6B85-4C75-82C8-905AE8C9C177}C:\users\rafael\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafael\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{9A0C416D-E5DA-4ED6-B31E-774062D26658}C:\users\rafael\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rafael\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{AED6351F-3964-4159-830D-753C5A6CC549}C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Block) C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [UDP Query User{0BB828E6-3EA0-4D0C-AEC7-2C909EBAE2D2}C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Block) C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [{D2E468B1-0A03-4EF0-BD70-020AB556CB51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{8065A062-3A2B-4F25-9929-1FF85C0DA097}C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [UDP Query User{4B0FF5F5-7A8B-4FCE-BDD3-5C9B4A716BBC}C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\rafael\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [{66182B5F-8E0F-4BAA-8B4F-07A0839230D8}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4D8A7BF2-93A0-4D2A-A29E-95536F271446}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E2D29E74-FBA3-4DFE-A3B7-538289B2DDD6}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{51A51DBB-5592-44AF-B559-1698027B9004}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4586A95F-EDF7-4251-A3C4-8AF628147D53}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DD36D521-90E1-449D-A857-048705ECAC02}] => (Allow) C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CD411C44-A37D-4DC8-BFEE-A7526DA3398C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F1B09AD4-E347-43DD-89E0-6DB41379A232}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1ED60EA1-4129-40BC-A34F-C2901EF2D380}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0129B3EA-40D7-4A73-AA32-7507FE95DC67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{68B52AE3-6C48-4961-8866-08A694A7A000}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{39E6BF8A-D4F1-42DE-887D-A786FFE6B0B9}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{07B74A5A-8191-4376-B3F7-6D34B1605A37}C:\program files\java\jdk1.8.0_91\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_91\bin\java.exe FirewallRules: [UDP Query User{4FC0EBEE-14F2-4536-BA66-2A969BA40AAC}C:\program files\java\jdk1.8.0_91\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_91\bin\java.exe FirewallRules: [{7E7C192C-9769-4DAB-B1CD-B2224A3C7067}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{ACA21CE5-76C2-4FD2-8075-389657722CAA}] => (Allow) C:\Program Files (x86)\NitroPC\NitroPC.exe FirewallRules: [{B93420C5-4C0C-4196-9D82-BE4C1F04B101}] => (Allow) C:\Program Files (x86)\NitroPC\NitroPC.exe FirewallRules: [TCP Query User{E07641DA-29D0-4EAB-A1FD-A075D6737C0D}C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe FirewallRules: [UDP Query User{71395829-A305-49D2-BDCE-B78B9E9E47E9}C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe FirewallRules: [TCP Query User{2E227B2D-DCA5-418E-A63F-D4F15A5F3E5A}C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe FirewallRules: [UDP Query User{7E75E134-17CD-4589-9A9E-9105B6115E65}C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 4.5.3\bin\pycharm.exe FirewallRules: [{6A7AE720-310C-41E3-A622-6DA3F2267326}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E2256D0D-0772-4DDA-83F2-6138B70237B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{38D18D14-36EE-42BF-8286-94A3A6BE7892}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AC72BAD8-9A29-4D79-B77F-0EEB7D108B37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AD6CBC18-95AE-4128-88F2-5AAB19A520AD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2E0DEAB2-1060-484B-A146-6B665A6C80EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galaxy Control 3D Strategy\gc.exe FirewallRules: [{F8E98EFE-E92D-4964-98AD-68D220847718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galaxy Control 3D Strategy\gc.exe ==================== Pontos de Restauração ========================= 08-09-2016 22:56:59 Removed Python 2.7.12rc1 (64-bit) 12-09-2016 22:06:17 Windows Update 12-09-2016 22:07:51 Windows Update 18-09-2016 13:44:05 Windows Update 18-09-2016 13:45:19 Windows Update 22-09-2016 08:51:02 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (09/23/2016 07:20:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0x1634 Hora de início do aplicativo com falha: 0x01d215e8ab26792f Caminho do aplicativo com falha: C:\WINDOWS\system32\igfxHK.exe Caminho do módulo com falha: C:\WINDOWS\system32\igfxHK.exe ID do Relatório: 67cc41e7-480e-46ed-9549-553e92d29e3c Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/22/2016 11:04:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAFAEL-PC) Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/22/2016 09:34:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0x1e84 Hora de início do aplicativo com falha: 0x01d215324794f2ae Caminho do aplicativo com falha: C:\WINDOWS\system32\igfxHK.exe Caminho do módulo com falha: C:\WINDOWS\system32\igfxHK.exe ID do Relatório: 7c023543-2457-441a-bdfe-55024e80c799 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/22/2016 10:06:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rafael-PC) Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (09/22/2016 09:15:16 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa explorer.exe versão 10.0.10586.494 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 7cc Hora de Início: 01d214c92ff24dae Hora de Término: 0 Caminho do Aplicativo: C:\WINDOWS\explorer.exe ID do Relatório: cbb56a7f-80bc-11e6-828d-5cc9d3481781 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/22/2016 09:02:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0xe70 Hora de início do aplicativo com falha: 0x01d214c92b2aa830 Caminho do aplicativo com falha: C:\WINDOWS\system32\igfxHK.exe Caminho do módulo com falha: C:\WINDOWS\system32\igfxHK.exe ID do Relatório: 1b38de65-37d3-4fc7-bb09-51f116a6ce5a Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/22/2016 08:52:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (09/20/2016 08:28:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0x2ddc Hora de início do aplicativo com falha: 0x01d21396a3116d10 Caminho do aplicativo com falha: C:\WINDOWS\system32\igfxHK.exe Caminho do módulo com falha: C:\WINDOWS\system32\igfxHK.exe ID do Relatório: 01a1da64-d51c-4b9a-bda5-9a0446a969b5 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/20/2016 08:25:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Nome do módulo com falha: igfxHK.exe, versão: 6.15.10.4331, carimbo de data/hora: 0x564cc83e Código de exceção: 0xc0000409 Deslocamento da falha: 0x0000000000015953 ID do processo com falha: 0x1be4 Hora de início do aplicativo com falha: 0x01d2139654560640 Caminho do aplicativo com falha: C:\WINDOWS\system32\igfxHK.exe Caminho do módulo com falha: C:\WINDOWS\system32\igfxHK.exe ID do Relatório: 7a37737b-16dd-4d8a-9273-30cc1151e832 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (09/20/2016 09:03:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Rafael-PC) Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso. Erros de Sistema: ============= Error: (09/23/2016 07:23:00 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário. Error: (09/23/2016 07:12:55 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {F3B4E234-7A68-4E43-B813-E4BA55A065F6} não se registrou no DCOM dentro do tempo limite necessário. Error: (09/23/2016 06:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço AdAppMgrSvc devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (09/23/2016 06:48:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço AdAppMgrSvc. Error: (09/23/2016 06:48:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço ClickToRunSvc devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (09/23/2016 06:48:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço ClickToRunSvc. Error: (09/23/2016 06:48:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Autodesk Content Service devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (09/23/2016 06:48:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Autodesk Content Service. Error: (09/23/2016 06:47:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço SAService devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (09/23/2016 06:47:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Proteq devido ao seguinte erro: O carregamento deste driver foi bloqueado CodeIntegrity: =================================== Date: 2016-09-23 19:02:43.838 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-23 18:49:26.734 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-22 09:36:39.674 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-22 09:33:39.585 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-20 20:44:15.665 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-20 20:27:55.091 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-20 09:19:49.225 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-19 22:28:09.029 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-18 17:05:41.574 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-18 13:48:08.126 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentagem de memória em uso: 60% RAM física total: 3988.27 MB RAM física disponível: 1563.04 MB Virtual Total: 6164.27 MB Virtual disponível: 3832.23 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.92 GB) (Free:770.49 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.01 GB) NTFS Drive h: (Rafa (HD)) (Fixed) (Total:298.09 GB) (Free:125.42 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B6F9C425) Partition: GPT. ======================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: C1CF3B58) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================