Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017 Executado por Cliente (04-04-2017 08:46:51) Executando a partir de C:\Users\Cliente\Desktop Windows 10 Pro Versão 1607 (X64) (2016-09-06 14:53:30) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-4285994002-2279670822-4046834917-500 - Administrator - Disabled) Cliente (S-1-5-21-4285994002-2279670822-4046834917-1001 - Administrator - Enabled) => C:\Users\Cliente Convidado (S-1-5-21-4285994002-2279670822-4046834917-501 - Limited - Enabled) DefaultAccount (S-1-5-21-4285994002-2279670822-4046834917-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4285994002-2279670822-4046834917-1006 - Limited - Enabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation) ASUS Share Link (HKLM-x32\...\{c3bcc1e3-f950-439c-bcae-f01283e9f2a4}_is1) (Version: 1.0.27.0911 - ASUSTEK) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.16 - ASUS) Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation) CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.0 - Corel Corporation) Hidden dBpowerAMP Music Converter (HKLM-x32\...\dBpowerAMP Music Converter) (Version: - ) Dropbox (HKLM-x32\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation) Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation) IPM_Installer (Version: 2.1 - Your Company Name) Hidden KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4285994002-2279670822-4046834917-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Pacote de Driver do Windows - ASUS Tek. Corporation (ATP) Mouse (09/25/2015 7.0.0.9) (HKLM\...\6C3F8C7AFD19C7A76AF857BA7CD35E4CFAA9F3F0) (Version: 09/25/2015 7.0.0.9 - ASUS Tek. Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Spotify (HKU\S-1-5-21-4285994002-2279670822-4046834917-1001\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) STCServ (Version: 3.0.0.1783 - Intel Corporation) Hidden UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {07F5458F-CE35-4737-A246-A0DFE01B78BB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.) Task: {2E43BC5A-CD94-4B73-8793-85E21BD1BF0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {38AEF06C-47E6-4487-9897-A9BDC25C1400} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CRIACAO-Cliente CRIACAO => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {617A2977-C3E2-4378-8C2D-21294C5E524F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic Task: {7DFB0131-F51F-41F1-B15D-3C32ACC3FBEB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-09-06] () Task: {99EF974D-E4B3-49A1-8B25-1056E56071DA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.) Task: {A1FA0560-E1F6-4242-AD07-908B481DAC7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.) Task: {A9DBDD6E-C74D-48A0-B214-CD695749D172} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2016-09-22] (AsusTek) Task: {AEB5C1AA-B178-48E9-8821-B23E60B7A945} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation) Task: {CB1CFC54-4C19-4A56-A906-25F6A7EB4FEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.) Task: {D7B2102B-D8E6-4660-9F13-9FAC91A4DBE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {E535CA31-7CB4-4A0B-B0E7-63C14079F577} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation) Task: {E7F61A96-3F4B-4E38-AB06-E4AE4166B373} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {ED6FA1BE-31A4-42F4-BE21-144BE478B913} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {FE23E2E0-AC9A-4179-9482-7F07A29EC16C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Cliente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Módulos Carregados (Whitelisted) ============== 2016-09-14 15:07 - 2012-08-31 15:03 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL 2016-09-14 15:07 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2016-09-14 15:07 - 2012-08-31 15:03 - 03034112 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hp1100su.dll 2016-09-14 15:07 - 2012-08-31 15:02 - 01038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1100GC.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2016-07-16 08:42 - 2016-07-16 08:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-07-16 08:43 - 2016-07-16 08:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-07-16 08:43 - 2016-07-16 20:15 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-06 11:37 - 2016-09-06 11:37 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-16 08:43 - 2016-07-16 20:15 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-07-16 08:43 - 2016-07-16 20:15 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-09-06 11:37 - 2016-09-06 11:37 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-06 11:37 - 2016-09-06 11:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-03-13 07:34 - 2017-03-13 07:38 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-03-13 07:34 - 2017-03-13 07:38 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-03-13 07:34 - 2017-03-13 07:39 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-03-13 07:34 - 2017-03-13 07:36 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll 2016-10-13 17:17 - 2017-02-28 17:56 - 00018904 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe 2017-02-06 17:35 - 2017-02-01 06:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-06 17:35 - 2017-02-01 06:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-02-10 07:31 - 2017-04-01 18:10 - 67725936 _____ () C:\Users\Cliente\AppData\Roaming\Spotify\libcef.dll 2017-02-10 07:31 - 2017-04-01 18:10 - 00110192 _____ () C:\Users\Cliente\AppData\Roaming\Spotify\SpotifyWinRT.dll 2017-03-24 15:12 - 2017-03-21 15:06 - 00842560 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2016-10-13 17:17 - 2017-02-28 17:49 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-10-13 17:17 - 2017-02-28 17:49 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-10-13 17:17 - 2017-02-28 17:49 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-10-13 17:17 - 2017-02-28 17:50 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-10-13 17:17 - 2017-02-28 17:49 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-03-24 15:12 - 2017-02-28 17:49 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-03-24 15:12 - 2017-02-28 17:50 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-03-24 15:12 - 2017-02-28 17:49 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-10-13 17:17 - 2017-02-28 17:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-03-24 15:12 - 2017-02-28 17:49 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-03-24 15:12 - 2017-02-28 17:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-10-13 17:17 - 2017-02-28 17:51 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-10-13 17:17 - 2017-02-28 17:50 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-03-01 11:29 - 2017-03-21 15:10 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-01-24 07:48 - 2017-03-21 15:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-24 07:48 - 2017-03-21 15:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 07:48 - 2017-03-21 15:10 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 07:48 - 2017-03-21 15:10 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-03-24 15:12 - 2017-03-21 15:09 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-03-24 15:12 - 2017-02-28 17:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-03-24 15:12 - 2017-03-21 15:09 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-03-24 15:12 - 2017-03-10 20:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-03-24 15:12 - 2017-03-21 15:09 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-10-13 17:17 - 2017-03-21 15:10 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-03-24 15:12 - 2017-02-28 17:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-03-24 15:12 - 2017-02-28 17:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-03-24 15:12 - 2017-03-21 15:10 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-10-13 17:17 - 2017-02-28 17:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-10-13 17:17 - 2017-03-21 15:10 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-03-01 11:29 - 2017-03-21 15:10 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd 2017-03-24 15:12 - 2017-03-21 15:10 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-02-10 07:31 - 2017-04-01 18:10 - 01929840 _____ () C:\Users\Cliente\AppData\Roaming\Spotify\libglesv2.dll 2017-02-10 07:31 - 2017-04-01 18:10 - 00087152 _____ () C:\Users\Cliente\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Users\Cliente\Desktop\tabela cartão e flyer.doc:com.dropbox.attributes [168] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-07-10 08:04 - 2015-07-10 08:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4285994002-2279670822-4046834917-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{1B52E72B-1417-4CB6-A0ED-EEC93D17C68D}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe FirewallRules: [{EB5885AE-7081-4DFA-8893-28C2854746C1}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe FirewallRules: [TCP Query User{6C771B0B-A3DB-4F6D-879A-A65A7EA1772C}C:\users\cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D890D0F4-2A1D-48D5-888B-E599D76B850E}C:\users\cliente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cliente\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E29159BD-EF48-4387-B794-73BA61D5211B}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [UDP Query User{319A53DE-751A-4668-8100-40AD2F44D2C3}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [TCP Query User{F9AD0D88-E270-483B-B1A2-32E41600F131}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [UDP Query User{0FCE16AA-961B-465E-A868-810BFDE3E1E3}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe FirewallRules: [TCP Query User{48DCC8B6-B231-45C4-82C3-445F705C4DBA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{BE79767D-BD5C-456C-A972-A51E2AC24964}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe ==================== Pontos de Restauração ========================= 17-03-2017 08:03:21 Windows Update 27-03-2017 08:00:12 Ponto de Verificação Agendado 01-04-2017 10:31:46 Windows Update 04-04-2017 08:40:59 Instalador de Módulos do Windows ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo USB Desconhecido (Falha na Solicitação de Descritor de Dispositivo) Description: Dispositivo USB Desconhecido (Falha na Solicitação de Descritor de Dispositivo) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (04/04/2017 08:41:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (04/03/2017 02:42:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 14.0.0.6, carimbo de data/hora: 0x5480afdb Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.14393.0, carimbo de data/hora: 0x57899809 Código de exceção: 0xe0434352 Deslocamento da falha: 0x0000000000017788 ID do processo com falha: 0x8c8 Hora de início do aplicativo com falha: 0x01d2ac9ffbb1881c Caminho do aplicativo com falha: C:\Program Files\KMSpico\Service_KMS.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: 36f71d4f-dace-43ab-af68-7ac19b207a24 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (04/03/2017 02:42:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: Service_KMS.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.IO.IOException em System.IO.__Error.WinIOError(Int32, System.String) em System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) em System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) em System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean) em System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) em System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) em System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) em Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) em System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) em System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) em System.Threading.ThreadHelper.ThreadStart() Error: (04/03/2017 02:01:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelDRW.exe, versão: 18.0.0.448, carimbo de data/hora: 0x56da6552 Nome do módulo com falha: CdrRip.dll, versão: 18.0.0.448, carimbo de data/hora: 0x56da64b4 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005f1d0 ID do processo com falha: 0xdac Hora de início do aplicativo com falha: 0x01d2ac9a88109266 Caminho do aplicativo com falha: C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe Caminho do módulo com falha: C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CdrRip.dll ID do Relatório: d3a17bcd-4e27-4e93-a40f-03e7aa6c9f20 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (04/03/2017 02:01:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelDRW.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FFACBC2F1D0 Pilha: Error: (04/03/2017 01:51:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: CorelDRW.exe, versão: 18.0.0.448, carimbo de data/hora: 0x56da6552 Nome do módulo com falha: CdrRip.dll, versão: 18.0.0.448, carimbo de data/hora: 0x56da64b4 Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005f1d0 ID do processo com falha: 0x1398 Hora de início do aplicativo com falha: 0x01d2ac7659955444 Caminho do aplicativo com falha: C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe Caminho do módulo com falha: C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CdrRip.dll ID do Relatório: a06b5973-3d2c-40ae-b3f9-db38fc7fb7cd Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (04/03/2017 01:51:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: CorelDRW.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FFACADBF1D0 Pilha: Error: (04/03/2017 01:01:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa mbam.exe versão 2.3.173.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 16e8 Hora de Início: 01d2ac84f6184680 Hora de Término: 12 Caminho do Aplicativo: C:\Program Files (x86)\TESTE\mbam.exe ID do Relatório: be35d5b6-1886-11e7-9bf8-fcaa14fd36fc Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (04/03/2017 09:11:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRIACAO) Description: Falha na ativação do aplicativo Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (04/03/2017 09:11:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRIACAO) Description: Falha na ativação do aplicativo Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Erros de Sistema: ============= Error: (04/04/2017 08:37:05 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} e APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/03/2017 07:10:02 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} e APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/03/2017 02:42:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Service KMSELDI foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (04/03/2017 02:32:32 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} e APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/03/2017 02:30:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço KMS-R@1n foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (04/03/2017 02:30:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço HomeGroupListener terminou com o seguinte erro específico de serviço: %%2147944153 = O mapeador de pontos de extremidade não possui mais pontos de extremidade disponíveis. Error: (04/03/2017 02:30:08 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI5 Error: (04/03/2017 02:29:12 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} e APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/03/2017 09:27:11 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Proteção de Software, mas essa ação falhou com o seguinte erro: Uma cópia deste serviço já está sendo executada. Error: (04/03/2017 09:27:11 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Instalador de Módulos do Windows, mas essa ação falhou com o seguinte erro: Uma cópia deste serviço já está sendo executada. CodeIntegrity: =================================== Date: 2017-04-03 12:02:02.845 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-01 12:09:18.816 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-21 12:02:21.306 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-10 12:16:21.858 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-07 12:12:59.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-06 09:01:14.325 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-03 14:09:46.378 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 13:18:23.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-30 13:21:29.850 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-29 13:21:07.415 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz Percentagem de memória em uso: 40% RAM física total: 8072.64 MB RAM física disponível: 4768.21 MB Virtual Total: 10888.64 MB Virtual disponível: 7442.71 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.96 GB) (Free:838.73 GB) NTFS Drive e: (NOVA DESIGN) (Fixed) (Total:931.51 GB) (Free:796.56 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: BECBD405) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: E9267669) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================