Document format: text/plain

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 23-02-2017 01
Executado por wesley (23-02-2017 15:54:21)
Executando a partir de C:\Users\wesle\Desktop
Windows 10 Pro Versão 1607 (X64) (2016-09-29 15:29:42)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-1387846439-87386558-1735402146-500 - Administrator - Disabled)
Convidado (S-1-5-21-1387846439-87386558-1735402146-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1387846439-87386558-1735402146-503 - Limited - Disabled)
wesley (S-1-5-21-1387846439-87386558-1735402146-1001 - Administrator - Enabled) => C:\Users\wesle

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version: - Hyper Hippo Games)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software)
Batman: Arkham City GOTY (HKLM\...\Steam App 200260) (Version: - Rocksteady Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Company of Heroes (New Steam Version) (HKLM\...\Steam App 228200) (Version: - Relic)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM\...\Steam App 203140) (Version: - IO Interactive)
Injustice: Gods Among Us Ultimate Edition (HKLM\...\Steam App 242700) (Version: - NetherRealm Studios)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mitos.is: The Game (HKLM\...\Steam App 389570) (Version: - Freakinware Studios)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pt-BR)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MV RegClean 5.5 (HKLM-x32\...\MV RegClean 5.5_is1) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Pacote de Driver do Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Pacote de Driver do Windows - Qualcomm Atheros Communications Inc. (athr) Net (07/19/2016 10.0.0.344) (HKLM\...\95987408263946D692028AE835B2B05729D9A24B) (Version: 07/19/2016 10.0.0.344 - Qualcomm Atheros Communications Inc.)
Pacote de Driver do Windows - Realtek Net (07/14/2016 10.010.0714.2016) (HKLM\...\B35B2625607146B0713C79E6F99A41BE3BA6385B) (Version: 07/14/2016 10.010.0714.2016 - Realtek)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Pro Evolution Soccer 2017 (HKLM\...\Steam App 456610) (Version: - Konami Digital Entertainment)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
VMware Workstation (HKLM\...\{0AD91785-F9BD-47FD-84F7-9E27B5A1853D}) (Version: 12.1.0 - VMware, Inc.)
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)
Watch_Dogs 2 (HKLM\...\Steam App 447040) (Version: - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1387846439-87386558-1735402146-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1AA2A090-DCD6-4377-BB31-A9A3FAA61207} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2F5582E1-B597-4ECD-83B2-2844919AAA0F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {419ADF61-2E5E-41E1-A54C-FB07CF2BC54E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {45BD9F64-E34D-4553-B5BF-BF6B7F88D567} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ATENÇÃO
Task: {58DB25C1-BBD2-4545-A080-DDCAB49CFA3F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-08] (AVAST Software)
Task: {5F669301-026B-409E-84BF-0FC5AEC02994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)
Task: {5FE9DBAF-7BC7-4443-8B3A-0097E5179207} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2017-01-15] (Microsoft Corporation)
Task: {7B974794-4A86-43A3-9694-993389A38EAD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {9D6C72B5-695B-4761-9DB7-4A5ECC3A38D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {AB441C39-FAF5-443F-86FF-C6CBDEEDD706} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-15] (Microsoft Corporation)
Task: {B03BA5C7-40D9-4485-870E-B97229EA0C7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {C36E4E62-565B-4EF5-969D-DE2DC0341FA9} - System32\Tasks\SafeZone scheduled Autoupdate 1455895062 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {E78FD37B-AAD8-467E-A426-37D674E1797A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-11-25 18:09 - 2015-11-25 18:09 - 12462784 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-10-10 21:23 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-10-10 21:23 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-10-10 21:23 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-10-10 21:23 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-10-10 21:23 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-10-10 21:23 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-10-10 21:23 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-10-10 21:23 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-10-10 21:23 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-10-10 21:23 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:27 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:27 - 2016-12-09 07:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-29 11:40 - 2016-09-29 11:40 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 15:18 - 2016-12-21 04:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 15:18 - 2016-12-21 03:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 15:18 - 2016-12-21 03:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 15:18 - 2016-12-21 03:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 15:18 - 2016-12-21 03:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 15:18 - 2016-12-21 03:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 15:18 - 2016-12-21 03:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-11-25 18:09 - 2015-11-25 18:09 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2017-02-08 15:06 - 2017-02-08 15:06 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-30 22:51 - 2016-06-30 22:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-08 15:05 - 2017-02-08 15:05 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-02-08 15:06 - 2017-02-08 15:06 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\bancobrasil.com.br -> hxxps://www14.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 04:24 - 2016-09-08 16:54 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1387846439-87386558-1735402146-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wesle\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{6bd362ba-24f9-4e23-8547-821a18493c92}.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SystemUsageReportSvc_WILLAMETTE => 2
MSCONFIG\Services: USER_ESRV_SVC_WILLAMETTE => 3
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1387846439-87386558-1735402146-1001\...\StartupApproved\Run: => "Spotify"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{81853D92-B8C9-4478-A2C9-3A252489295B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{85526CD5-4395-4DC5-AF5A-A26E3B5FBAF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1593D6B1-8022-4BF5-9588-BBF1E2F736DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2107DE04-9EF9-40D2-9515-D405F082F8F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C87E9F98-9AE6-4B30-ABF3-170CF7EB5A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe
FirewallRules: [{A54D67DC-4B76-430E-9FB9-88912A6535C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe
FirewallRules: [{5B7D2708-28DE-4585-B7FA-C0B1D5CC88E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Evolution Soccer 2017\PES2017.exe
FirewallRules: [{62BA42B7-CB1B-492D-9411-F8FF7EA613E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Evolution Soccer 2017\PES2017.exe
FirewallRules: [{A7533853-F7A7-485A-8E36-7F2F07BCFD64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{06C6B4A1-F618-436D-AE8B-7B74C667750E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E147C739-7C25-469C-8ADB-B6001D9A1395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{34E8F8BD-69B6-4C51-BA5F-98759E3BADEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E1B0F57E-446B-4C88-BDF3-75501D055B30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{A52EE717-EB57-4C23-A19A-668303980880}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{C37469F6-B3CC-46C9-8959-B2608C8E93D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{B3A722CA-3E5F-4EE4-BBD0-9E740D582605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{9608ABF7-B006-4781-82E7-DB902AA57364}C:\users\wesle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wesle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9C7AF024-4AE4-487D-BE07-D6CF8F0115FE}C:\users\wesle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wesle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{931B7752-CFF0-4245-85FE-FA0545378EFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{5F57B624-705A-4493-91EE-5A9245F54A55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{146D899E-C3B2-4251-A3CB-AF71395A59F6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{C0382312-BEAE-4D4D-81C2-6D1C841566DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{43B2C750-071B-4B03-B043-7CD65C3858C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{C341B74C-14F0-4290-A4CF-D26CB5B58611}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Pontos de Restauração =========================

21-02-2017 22:34:10 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (02/22/2017 04:09:08 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro.

Error: (02/21/2017 10:35:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

System Error:
Acesso negado.
.

Error: (02/20/2017 09:56:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (02/20/2017 08:22:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J1EMOQU)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


Erros de Sistema:
=============
Error: (02/23/2017 03:41:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/23/2017 03:41:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/23/2017 03:41:50 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/22/2017 11:16:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/22/2017 10:20:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/22/2017 10:20:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/22/2017 10:20:31 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (02/22/2017 12:27:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/22/2017 12:27:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (02/22/2017 12:27:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.


CodeIntegrity:
===================================
Date: 2016-11-23 00:21:03.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.

Date: 2016-11-23 00:21:03.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Diebold\Warsaw\wslbdhm64.dll that did not meet the Store signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentagem de memória em uso: 28%
RAM física total: 6030.29 MB
RAM física disponível: 4325.52 MB
Virtual Total: 12174.29 MB
Virtual disponível: 10543.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:585.94 GB) (Free:233.09 GB) NTFS
Drive h: (Novo volume) (Fixed) (Total:345.02 GB) (Free:327.26 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E5AF0E4E)

Partition: GPT.

==================== Fim de Addition.txt ============================
