Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 27-04-2017
Executado por JULIANA (29-04-2017 11:22:01)
Executando a partir de C:\Users\JULIANA\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-09-19 13:09:44)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3196962549-1849889996-3441038819-500 - Administrator - Disabled)
Convidado (S-1-5-21-3196962549-1849889996-3441038819-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3196962549-1849889996-3441038819-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3196962549-1849889996-3441038819-1003 - Limited - Enabled)
JULIANA (S-1-5-21-3196962549-1849889996-3441038819-1001 - Administrator - Enabled) => C:\Users\JULIANA
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: - )
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP)
Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Central de Mouse e Teclado da Microsoft (Version: 2.5.166.0 - Microsoft Corporation) Hidden
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version: - Ion Storm)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
Ferramentas de Verificação do Microsoft Office 2013 - Português (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes versão 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
MegaTrainer Ultimate version 1.4.8.1 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.4.8.1 - MegaDev)
Microsoft Lync Web App Plug-in (HKLM\...\{530923FF-A970-4952-9D2F-5FF3C874B50A}) (Version: 15.8.8308.920 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.10.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.6.0 - Adlice Software)
SafeSign 64-bits (HKLM\...\{03A93D9E-A18D-421c-A4E3-98BA74A736C9}) (Version: 3.0.105 - A.E.T. Europe B.V.)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version: - Microsoft) Hidden
SketchUp 2017 (HKLM\...\{5BF32B95-4930-40AC-A756-C2837997EAA2}) (Version: 17.2.2555 - Trimble Navigation Limited)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution)
TZXPI versão 1 (HKLM-x32\...\{3A52C5B2-20DC-446D-B41C-67820530E9E3}_is1) (Version: 1 - itevolution)
Update for Skype for Business 2015 (KB3172492) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{37F4C12D-75AE-46B9-A4A1-7437BAEEF3E6}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.16.0.89 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.16.0.89 - GAS Tecnologia)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04F093C0-FF9D-48CB-B3C3-E7A4B72EEFC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {1FAB1FE9-16C6-4487-BDDE-E9D8DFD4AAE4} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {2476F35F-1596-4C72-A1A9-48CDF06D54CE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-19] (Microsoft Corporation)
Task: {24D4D195-D29B-4B3B-BE5E-1BCB1C4101A0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {29F13E9D-A47C-48C6-8A99-BD14CB7728CA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {53B9D0BC-8F38-478F-8942-0899745C3BF7} - System32\Tasks\SafeZone scheduled Autoupdate 1471112767 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {57851A65-65F4-4C04-A43E-C77F4416C5E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {61F6EA41-C5EC-4122-8C87-6CF27DD90036} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {6384136E-DE48-4713-BE39-B66A7052AED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {65CAE1AE-255A-4A87-B220-B037A2FD7C7F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {67BA1D0A-DD8D-4670-8E27-1623009A2793} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {6B9E9628-9DB5-4310-B5D4-BA1E6075A217} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {7417EF52-A2CC-4B16-9662-333F526C98A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {78921ED3-1264-419E-8D86-8A2894787B71} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {7D36AF61-B0A5-4F0A-96FE-176EAEB05C3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8D939CE2-5531-4B6A-86BD-243101B89E5E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {8F09AD33-5F60-4BD1-A6E8-7EBD4AD127C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A164456C-1D7C-46A5-81F1-EAAC70D93211} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {B2552655-496A-4304-AB4D-14B135ED999D} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {C46B01C6-22F0-48A2-83AF-80B177D39A17} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {EF83A1E7-7A53-4FB6-BADD-AEDF7617C6C2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {F3AB6855-FC55-4096-A0FA-D9CD3BC84ED5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-04-17 12:11 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-17 12:12 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-19 10:14 - 2016-09-19 10:14 - 00959168 _____ () C:\Users\JULIANA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-08-29 10:28 - 2014-07-01 18:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-10-13 21:33 - 2015-10-13 21:33 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-19 09:18 - 2016-09-19 09:18 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 08:34 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 08:33 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 08:33 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 08:33 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 10:30 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 10:30 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 10:31 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-04-05 09:39 - 2017-04-05 09:40 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-05 09:39 - 2017-04-05 09:40 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 18:21 - 2016-06-03 18:22 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-03 22:08 - 2016-03-03 22:14 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-28 18:49 - 2017-03-28 18:50 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2014-09-03 10:03 - 2014-09-03 10:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2270]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2017-04-25 15:04 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JULIANA\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c1779e80-dd7e-4091-87c8-a5717aff887d}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CA00FA77-005D-4215-98A8-7A27B9E79C28}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E58B69D-2A1A-48EA-AC59-D0BDCBED8F3C}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94611BF1-4CD0-4F43-A9F9-7FAC1421321C}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EE455055-4624-46E4-A038-220039BEF041}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E0F768A-77D3-4F15-ABB8-A8E53CEA01A9}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2DD61969-376E-4A7F-A214-5DBBC952ACFB}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{C8FBFD3B-3965-444A-94EF-FDC222A3721C}C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [TCP Query User{26BC2E54-7785-4E6F-9E56-9AA03C286501}C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{79BB2D59-CACB-4141-8ECE-3945D8DC6219}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{253F9D9B-D8F5-4EAD-89B6-619333EAE16D}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{958C3655-5394-4158-8DD6-580FB8872E58}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{A52ECD31-C476-470E-AB23-7B160F891419}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{C66D2CC1-5E57-4FE3-B5A3-37AA97B5B070}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{48EA8AF8-6E0E-4737-838E-1DBF95F3EC78}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{96A662CD-7937-45AA-A654-99F9E08C3259}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C7C7293B-2F07-4F89-8D96-74F654192E54}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{1CF5EF90-8E5C-4B72-9D05-101C697F501E}E:\unrealtournament\system\unrealtournament.exe] => (Allow) E:\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{7028917F-30F6-4EC8-AD31-F9CAFEEB1EE3}E:\unrealtournament\system\unrealtournament.exe] => (Allow) E:\unrealtournament\system\unrealtournament.exe
FirewallRules: [{6A69C40A-9093-4A8D-96F4-3FBDD6DB7D9D}] => (Allow) E:\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{B8ECAEAB-D969-4E7A-A2C4-D1F937D2A9F7}] => (Allow) E:\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [TCP Query User{402A0949-66E9-472C-AD98-3371A37A836E}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [UDP Query User{19183838-5787-4871-9709-F06B6DEFE9C9}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [TCP Query User{BF150CDA-4A6A-437F-A53F-5658349C1B9E}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{742AC782-F201-4129-8260-2FC1D2445A82}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D5BF60BE-8388-4660-8B65-38B4C5222FD6}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{42701A8B-32F4-4DF0-98AB-3A15A462B923}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79E40FA9-9A09-4C74-8F3A-DF20CA577E30}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{0B2EE9AC-C965-4624-A355-4ADA52B71D47}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{94C99925-42CF-4694-94A1-D95EA1129DFA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{0FF91DAD-6F36-42F4-AE8B-54D7F30E1543}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5AD84461-D9EF-4797-8395-E9B00F464231}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{53931F5E-0F03-4AC5-A4B8-553BB8CD3351}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [UDP Query User{64E9C9BA-036D-4C29-960D-3FE32A25A244}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [TCP Query User{2CF24601-4D0D-4294-A3B2-904D13C095AC}E:\unreal tournament 3 black edition\binaries\ut3.exe] => (Allow) E:\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [UDP Query User{92158BCC-0AA6-4FB2-B71E-F3A120801228}E:\unreal tournament 3 black edition\binaries\ut3.exe] => (Allow) E:\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [TCP Query User{FEEF6DC2-4459-46DF-ADD2-740D4DD89E4A}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{99706257-4AD7-4934-8914-DEDFE505DD45}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{474FCBC0-06AE-4AE4-8920-A14BE4F7AD72}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
FirewallRules: [UDP Query User{2E038274-029C-4624-BC6E-DE5DEF4E5262}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
==================== Pontos de Restauração =========================
22-04-2017 22:10:33 Windows Update
25-04-2017 13:56:43 Configured Battlefield 1942
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/29/2017 09:25:57 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/28/2017 04:08:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-JULIANA)
Description: O pacote Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe+MicrosoftEdge foi terminado porque levou muito tempo para ser suspenso.
Error: (04/28/2017 12:44:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 12:43:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 11:24:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wmiprvse.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x57899ab2
Nome do módulo com falha: ntdll.dll, versão: 10.0.14393.479, carimbo de data/hora: 0x5825887f
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f8283
ID do processo com falha: 0x1308
Hora de início do aplicativo com falha: 0x01d2c01f309bd36a
Caminho do aplicativo com falha: C:\WINDOWS\system32\wbem\wmiprvse.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: 32d6d35f-c896-48b5-928a-b60dc2007741
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/28/2017 10:19:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 10:19:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 10:18:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 10:18:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 10:17:21 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Erros de Sistema:
=============
Error: (04/29/2017 10:27:24 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:26:38 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (04/29/2017 09:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/29/2017 09:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/29/2017 09:24:49 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:24:49 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:24:47 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/28/2017 08:09:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/28/2017 08:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/28/2017 08:09:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-04-29 09:50:43.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-28 09:26:36.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-26 09:28:59.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-25 15:10:05.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-17 12:16:12.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentagem de memória em uso: 30%
RAM física total: 8106.33 MB
RAM física disponível: 5639.31 MB
Virtual Total: 8618.33 MB
Virtual disponível: 6131.65 MB
==================== Drives ================================
Drive c: (Sistema) (Fixed) (Total:461.19 GB) (Free:379.1 GB) NTFS
Drive e: (Arquivos) (Fixed) (Total:453.11 GB) (Free:296.28 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C482EB3)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por JULIANA (29-04-2017 11:22:01)
Executando a partir de C:\Users\JULIANA\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-09-19 13:09:44)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3196962549-1849889996-3441038819-500 - Administrator - Disabled)
Convidado (S-1-5-21-3196962549-1849889996-3441038819-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3196962549-1849889996-3441038819-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3196962549-1849889996-3441038819-1003 - Limited - Enabled)
JULIANA (S-1-5-21-3196962549-1849889996-3441038819-1001 - Administrator - Enabled) => C:\Users\JULIANA
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: - )
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP)
Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Central de Mouse e Teclado da Microsoft (Version: 2.5.166.0 - Microsoft Corporation) Hidden
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version: - Ion Storm)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
Ferramentas de Verificação do Microsoft Office 2013 - Português (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes versão 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
MegaTrainer Ultimate version 1.4.8.1 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.4.8.1 - MegaDev)
Microsoft Lync Web App Plug-in (HKLM\...\{530923FF-A970-4952-9D2F-5FF3C874B50A}) (Version: 15.8.8308.920 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.10.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.6.0 - Adlice Software)
SafeSign 64-bits (HKLM\...\{03A93D9E-A18D-421c-A4E3-98BA74A736C9}) (Version: 3.0.105 - A.E.T. Europe B.V.)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version: - Microsoft) Hidden
SketchUp 2017 (HKLM\...\{5BF32B95-4930-40AC-A756-C2837997EAA2}) (Version: 17.2.2555 - Trimble Navigation Limited)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution)
TZXPI versão 1 (HKLM-x32\...\{3A52C5B2-20DC-446D-B41C-67820530E9E3}_is1) (Version: 1 - itevolution)
Update for Skype for Business 2015 (KB3172492) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{37F4C12D-75AE-46B9-A4A1-7437BAEEF3E6}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warsaw 1.16.0.89 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.16.0.89 - GAS Tecnologia)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {04F093C0-FF9D-48CB-B3C3-E7A4B72EEFC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {1FAB1FE9-16C6-4487-BDDE-E9D8DFD4AAE4} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {2476F35F-1596-4C72-A1A9-48CDF06D54CE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-19] (Microsoft Corporation)
Task: {24D4D195-D29B-4B3B-BE5E-1BCB1C4101A0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {29F13E9D-A47C-48C6-8A99-BD14CB7728CA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {53B9D0BC-8F38-478F-8942-0899745C3BF7} - System32\Tasks\SafeZone scheduled Autoupdate 1471112767 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {57851A65-65F4-4C04-A43E-C77F4416C5E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {61F6EA41-C5EC-4122-8C87-6CF27DD90036} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {6384136E-DE48-4713-BE39-B66A7052AED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {65CAE1AE-255A-4A87-B220-B037A2FD7C7F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {67BA1D0A-DD8D-4670-8E27-1623009A2793} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {6B9E9628-9DB5-4310-B5D4-BA1E6075A217} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {7417EF52-A2CC-4B16-9662-333F526C98A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {78921ED3-1264-419E-8D86-8A2894787B71} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {7D36AF61-B0A5-4F0A-96FE-176EAEB05C3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8D939CE2-5531-4B6A-86BD-243101B89E5E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {8F09AD33-5F60-4BD1-A6E8-7EBD4AD127C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A164456C-1D7C-46A5-81F1-EAAC70D93211} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {B2552655-496A-4304-AB4D-14B135ED999D} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {C46B01C6-22F0-48A2-83AF-80B177D39A17} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {EF83A1E7-7A53-4FB6-BADD-AEDF7617C6C2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {F3AB6855-FC55-4096-A0FA-D9CD3BC84ED5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-04-17 12:11 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-17 12:12 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 10:30 - 2017-03-28 03:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-19 10:14 - 2016-09-19 10:14 - 00959168 _____ () C:\Users\JULIANA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-08-29 10:28 - 2014-07-01 18:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-10-13 21:33 - 2015-10-13 21:33 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-19 09:18 - 2016-09-19 09:18 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 08:34 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 08:33 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 08:33 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 08:33 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 10:30 - 2017-03-28 02:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 10:30 - 2017-03-28 02:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 10:31 - 2017-03-28 02:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-04-05 09:39 - 2017-04-05 09:40 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-05 09:39 - 2017-04-05 09:40 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 18:21 - 2016-06-03 18:22 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-05 09:39 - 2017-04-05 09:40 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-03 22:08 - 2016-03-03 22:14 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-28 18:49 - 2017-03-28 18:50 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-04-05 09:39 - 2017-04-05 09:39 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2014-09-03 10:03 - 2014-09-03 10:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2270]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2017-04-25 15:04 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JULIANA\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c1779e80-dd7e-4091-87c8-a5717aff887d}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3196962549-1849889996-3441038819-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CA00FA77-005D-4215-98A8-7A27B9E79C28}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E58B69D-2A1A-48EA-AC59-D0BDCBED8F3C}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94611BF1-4CD0-4F43-A9F9-7FAC1421321C}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EE455055-4624-46E4-A038-220039BEF041}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E0F768A-77D3-4F15-ABB8-A8E53CEA01A9}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2DD61969-376E-4A7F-A214-5DBBC952ACFB}] => (Allow) C:\Users\JULIANA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{C8FBFD3B-3965-444A-94EF-FDC222A3721C}C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [TCP Query User{26BC2E54-7785-4E6F-9E56-9AA03C286501}C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\juliana\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{79BB2D59-CACB-4141-8ECE-3945D8DC6219}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{253F9D9B-D8F5-4EAD-89B6-619333EAE16D}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{958C3655-5394-4158-8DD6-580FB8872E58}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{A52ECD31-C476-470E-AB23-7B160F891419}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{C66D2CC1-5E57-4FE3-B5A3-37AA97B5B070}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{48EA8AF8-6E0E-4737-838E-1DBF95F3EC78}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{96A662CD-7937-45AA-A654-99F9E08C3259}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C7C7293B-2F07-4F89-8D96-74F654192E54}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{1CF5EF90-8E5C-4B72-9D05-101C697F501E}E:\unrealtournament\system\unrealtournament.exe] => (Allow) E:\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{7028917F-30F6-4EC8-AD31-F9CAFEEB1EE3}E:\unrealtournament\system\unrealtournament.exe] => (Allow) E:\unrealtournament\system\unrealtournament.exe
FirewallRules: [{6A69C40A-9093-4A8D-96F4-3FBDD6DB7D9D}] => (Allow) E:\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{B8ECAEAB-D969-4E7A-A2C4-D1F937D2A9F7}] => (Allow) E:\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [TCP Query User{402A0949-66E9-472C-AD98-3371A37A836E}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [UDP Query User{19183838-5787-4871-9709-F06B6DEFE9C9}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [TCP Query User{BF150CDA-4A6A-437F-A53F-5658349C1B9E}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{742AC782-F201-4129-8260-2FC1D2445A82}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D5BF60BE-8388-4660-8B65-38B4C5222FD6}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{42701A8B-32F4-4DF0-98AB-3A15A462B923}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79E40FA9-9A09-4C74-8F3A-DF20CA577E30}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{0B2EE9AC-C965-4624-A355-4ADA52B71D47}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{94C99925-42CF-4694-94A1-D95EA1129DFA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{0FF91DAD-6F36-42F4-AE8B-54D7F30E1543}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5AD84461-D9EF-4797-8395-E9B00F464231}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{53931F5E-0F03-4AC5-A4B8-553BB8CD3351}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [UDP Query User{64E9C9BA-036D-4C29-960D-3FE32A25A244}E:\age of mythology\aomx.exe] => (Allow) E:\age of mythology\aomx.exe
FirewallRules: [TCP Query User{2CF24601-4D0D-4294-A3B2-904D13C095AC}E:\unreal tournament 3 black edition\binaries\ut3.exe] => (Allow) E:\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [UDP Query User{92158BCC-0AA6-4FB2-B71E-F3A120801228}E:\unreal tournament 3 black edition\binaries\ut3.exe] => (Allow) E:\unreal tournament 3 black edition\binaries\ut3.exe
FirewallRules: [TCP Query User{FEEF6DC2-4459-46DF-ADD2-740D4DD89E4A}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{99706257-4AD7-4934-8914-DEDFE505DD45}C:\users\juliana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juliana\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{474FCBC0-06AE-4AE4-8920-A14BE4F7AD72}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
FirewallRules: [UDP Query User{2E038274-029C-4624-BC6E-DE5DEF4E5262}C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\jp2launcher.exe
==================== Pontos de Restauração =========================
22-04-2017 22:10:33 Windows Update
25-04-2017 13:56:43 Configured Battlefield 1942
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (04/29/2017 09:25:57 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/28/2017 04:08:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-JULIANA)
Description: O pacote Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe+MicrosoftEdge foi terminado porque levou muito tempo para ser suspenso.
Error: (04/28/2017 12:44:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 12:43:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 11:24:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wmiprvse.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x57899ab2
Nome do módulo com falha: ntdll.dll, versão: 10.0.14393.479, carimbo de data/hora: 0x5825887f
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f8283
ID do processo com falha: 0x1308
Hora de início do aplicativo com falha: 0x01d2c01f309bd36a
Caminho do aplicativo com falha: C:\WINDOWS\system32\wbem\wmiprvse.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: 32d6d35f-c896-48b5-928a-b60dc2007741
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Error: (04/28/2017 10:19:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 10:19:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 10:18:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Error: (04/28/2017 10:18:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.
System Error:
Acesso negado.
.
Error: (04/28/2017 10:17:21 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.
.
Operação:
Executando Operação Assíncrona
Contexto:
Estado Atual: DoSnapshotSet
Erros de Sistema:
=============
Error: (04/29/2017 10:27:24 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:26:38 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (04/29/2017 09:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/29/2017 09:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/29/2017 09:24:49 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:24:49 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/29/2017 09:24:47 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (04/28/2017 08:09:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/28/2017 08:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (04/28/2017 08:09:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-04-29 09:50:43.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-28 09:26:36.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-26 09:28:59.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-25 15:10:05.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-17 12:16:12.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentagem de memória em uso: 30%
RAM física total: 8106.33 MB
RAM física disponível: 5639.31 MB
Virtual Total: 8618.33 MB
Virtual disponível: 6131.65 MB
==================== Drives ================================
Drive c: (Sistema) (Fixed) (Total:461.19 GB) (Free:379.1 GB) NTFS
Drive e: (Arquivos) (Fixed) (Total:453.11 GB) (Free:296.28 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C482EB3)
Partition: GPT.
==================== Fim de Addition.txt ============================