Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 14-05-2017
Executado por ADEMIR MONTEIRO (15-05-2017 18:08:58)
Executando a partir de C:\Users\ADEMIR MONTEIRO\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-10-22 16:38:13)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
ADEMIR MONTEIRO (S-1-5-21-1492537628-2073842835-3753687853-1001 - Administrator - Enabled) => C:\Users\ADEMIR MONTEIRO
Administrador (S-1-5-21-1492537628-2073842835-3753687853-500 - Administrator - Disabled)
Convidado (S-1-5-21-1492537628-2073842835-3753687853-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1492537628-2073842835-3753687853-503 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (HKLM-x32\...\InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (x32 Version: 1.00.0000 - Activision) Hidden
Chromium (HKLM-x32\...\{1D62F5A2-4DE2-2422-FC62-54A22CE28722}) (Version: - )
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Data Vault (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell System Detect (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{5F641343-FA40-4084-855A-7FA3251783DC}) (Version: 2.0.2.1840 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
EPSON L555 Series Printer Uninstall (HKLM\...\EPSON L555 Series) (Version: - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.12.1 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.3.0.1121 - Citrix Online, a division of Citrix Systems, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 pt-BR)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Need for Speed™ Most Wanted PC Demo (HKLM-x32\...\{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}) (Version: - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Spotify (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Warsaw 1.3.1 (HKLM-x32\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.3.1 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1FF36D07-1A84-4C32-9B78-1878EE9019A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {21ECBBF7-3B97-4D47-8369-A2079A2A349E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {32EB37C5-14B2-4DC8-9256-34ABAB7F2001} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3BB11FEE-9805-4E4C-A070-61E59461E07C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-15] (Adobe Systems Incorporated)
Task: {595301D0-FBBC-4290-BD07-916D382DF13C} - System32\Tasks\{AD415D48-A269-4E70-981F-C480E2FD8AA6} => pcalua.exe -a "C:\Users\ADEMIR MONTEIRO\AppData\Roaming\do-search\UninstallManager.exe" -c -ptid=cor
Task: {599945A8-13E2-4CE3-9C9D-B497F82365B1} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {634C2AFE-2840-4A2B-AF69-81BCE86DD08E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ADEMIR MONTEIRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {755D1900-BD04-4843-A194-FE58BE314B99} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {7791C1D9-4C84-4119-B684-5B3BC288C976} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {8186247E-67E3-4CF6-B37C-85542BFB8F52} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0E0CF38-7693-4DCA-A502-A10561BF1C86} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BDC4343F-A3A4-4507-8745-3FF497B5BDCA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BDDAE168-8F9C-4633-9A54-4728F4CFB574} - System32\Tasks\{8BA06421-6163-42DE-B7C9-7F08ADA59627} => launchwinapp.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/pt/abandoninstall?page=tsProgressBar
Task: {E040132B-4205-44A1-86B0-3EDAC6A6F355} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {E9F82D0F-989D-461D-BE4A-CC3DA464D176} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-04-25] (Dell Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-03 15:35 - 2013-08-23 14:45 - 00379560 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-12-03 15:35 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-12-03 15:35 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00152264 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-28 14:54 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 10:30 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 10:31 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 17:49 - 2017-04-27 20:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 17:49 - 2017-04-27 20:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 17:49 - 2017-04-27 20:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 09:55 - 2017-05-09 09:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-12 14:04 - 2017-05-12 14:04 - 00245760 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\ABC.Agent.WinRT\2527d7de18be2ac3f215aec612d94631\ABC.Agent.WinRT.ni.dll
2017-05-12 14:05 - 2017-05-12 14:05 - 00139776 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um114fe9fe#\c90ecf60813d8eb1021f3d9b0332563d\nVentive.Umbrella.Services.Contract.WinRT.ni.dll
2017-05-12 14:05 - 2017-05-12 14:05 - 01269760 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um9106121c#\d8b384a1d442249a0430da03d9f82f8a\nVentive.Umbrella.Web.WinRT.ni.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00574152 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-26 14:07 - 2015-02-09 13:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-10-08 04:15 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 14:07 - 2014-02-18 16:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\itau.com.br -> bankline.itau.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2017-05-09 19:04 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: OrolixDeviceMonitor => 2
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "DellWPF"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "PSafeAV"
HKLM\...\StartupApproved\Run32: => "PSafeTray"
HKLM\...\StartupApproved\Run32: => "PSafeWDS"
HKLM\...\StartupApproved\Run32: => "BAV mini setup"
HKLM\...\StartupApproved\Run32: => "Diebold - Warsaw"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Adobe Playpanel.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Microsoft SharePoint Workspace.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_75BD889C5F695DD03545732E9F8A7932"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "VDownloader"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{ABC00D73-4436-4CCF-B22B-4BCD66CF82F2}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FCDC5A0A-6DCA-4712-B272-0A7578E11F06}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{18C3FE74-FDE4-42DE-8156-E1A733EA7C0E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{16D067DB-6231-47FD-A3CB-8629B61E3B60}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{3608EEA0-8AA6-4702-9D10-A82439A2F0C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3C12E942-8ABC-4F4B-AECE-95427827D42A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EBA14474-EF63-41DF-85B8-97647663D51D}] => (Allow) C:\Users\ADEMIR MONTEIRO\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{913B2E14-C0BF-4700-A055-033DFD3AD27C}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{60121106-2C58-4E36-A679-AF2E6DB3288E}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{EE018A31-18C0-4E06-A18E-3F0B8E9FC092}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{C8AF1857-9645-4672-AD85-3340E2EC4519}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{84F9CA59-9F31-4EBB-95E5-2911621BCED1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D3378B29-52F5-4980-84F7-1808EA9AA779}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56ED34C6-2D84-40C3-ADEE-DDBC77129CD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF80BFB2-AF71-4DE9-8F2C-63265CEFC3D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
14-05-2017 14:30:47 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/15/2017 06:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x57899bb2
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.14393.1198, carimbo de data/hora: 0x590280b1
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000006d1b4
ID do processo com falha: 0x36c
Hora de início do aplicativo com falha: 0x01d2cdbdecc2ab1a
Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: ff78a2b4-a02e-4aa9-900d-dc76192cc738
Nome completo do pacote com falha: 21051xMrFlipFlop.FoodMoreFood_1.0.0.4_neutral__c3y39g9e468vt
ID do aplicativo relativo ao pacote com falha: App
Error: (05/15/2017 05:58:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 01:03:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 12:33:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 12:07:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 11:28:48 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/15/2017 11:28:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 03:56:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 03:26:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 02:56:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (05/15/2017 06:00:45 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 01:04:30 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:29:00 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (05/15/2017 11:26:01 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:26:01 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:26:00 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 03:59:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-05-13 23:37:33.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-12 13:48:25.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-11 19:26:31.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-09 19:28:13.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-08 00:06:00.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:51:00.258
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:36:00.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:21:00.262
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:06:00.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 22:51:00.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 45%
RAM física total: 3961.09 MB
RAM física disponível: 2149.64 MB
Virtual Total: 4665.09 MB
Virtual disponível: 2606.23 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:687.44 GB) (Free:501.97 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive y: (PBR Image) (Fixed) (Total:9.62 GB) (Free:0.72 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 33DB2EEA)
Partition: GPT.
==================== Fim de Addition.txt ============================
Executado por ADEMIR MONTEIRO (15-05-2017 18:08:58)
Executando a partir de C:\Users\ADEMIR MONTEIRO\Desktop
Windows 10 Home Single Language Versão 1607 (X64) (2016-10-22 16:38:13)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
ADEMIR MONTEIRO (S-1-5-21-1492537628-2073842835-3753687853-1001 - Administrator - Enabled) => C:\Users\ADEMIR MONTEIRO
Administrador (S-1-5-21-1492537628-2073842835-3753687853-500 - Administrator - Disabled)
Convidado (S-1-5-21-1492537628-2073842835-3753687853-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1492537628-2073842835-3753687853-503 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (HKLM-x32\...\InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) Demo (x32 Version: 1.00.0000 - Activision) Hidden
Chromium (HKLM-x32\...\{1D62F5A2-4DE2-2422-FC62-54A22CE28722}) (Version: - )
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Data Vault (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell System Detect (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{5F641343-FA40-4084-855A-7FA3251783DC}) (Version: 2.0.2.1840 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
EPSON L555 Series Printer Uninstall (HKLM\...\EPSON L555 Series) (Version: - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.12.1 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.3.0.1121 - Citrix Online, a division of Citrix Systems, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 pt-BR)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Need for Speed™ Most Wanted PC Demo (HKLM-x32\...\{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}) (Version: - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Spotify (HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Warsaw 1.3.1 (HKLM-x32\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.3.1 - GAS Tecnologia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATENÇÃO
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\ADEMIR MONTEIRO\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Skype Technologies S.A.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {1FF36D07-1A84-4C32-9B78-1878EE9019A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {21ECBBF7-3B97-4D47-8369-A2079A2A349E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {32EB37C5-14B2-4DC8-9256-34ABAB7F2001} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-09] (Facebook Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3BB11FEE-9805-4E4C-A070-61E59461E07C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-15] (Adobe Systems Incorporated)
Task: {595301D0-FBBC-4290-BD07-916D382DF13C} - System32\Tasks\{AD415D48-A269-4E70-981F-C480E2FD8AA6} => pcalua.exe -a "C:\Users\ADEMIR MONTEIRO\AppData\Roaming\do-search\UninstallManager.exe" -c -ptid=cor
Task: {599945A8-13E2-4CE3-9C9D-B497F82365B1} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {634C2AFE-2840-4A2B-AF69-81BCE86DD08E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ADEMIR MONTEIRO\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {755D1900-BD04-4843-A194-FE58BE314B99} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {7791C1D9-4C84-4119-B684-5B3BC288C976} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {8186247E-67E3-4CF6-B37C-85542BFB8F52} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0E0CF38-7693-4DCA-A502-A10561BF1C86} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BDC4343F-A3A4-4507-8745-3FF497B5BDCA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BDDAE168-8F9C-4633-9A54-4728F4CFB574} - System32\Tasks\{8BA06421-6163-42DE-B7C9-7F08ADA59627} => launchwinapp.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/pt/abandoninstall?page=tsProgressBar
Task: {E040132B-4205-44A1-86B0-3EDAC6A6F355} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {E9F82D0F-989D-461D-BE4A-CC3DA464D176} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-04-25] (Dell Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001Core.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1492537628-2073842835-3753687853-1001UA.job => C:\Users\ADEMIR MONTEIRO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-03 15:35 - 2013-08-23 14:45 - 00379560 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-12-03 15:35 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-12-03 15:35 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00152264 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 17:49 - 2017-04-27 21:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-28 14:54 - 2016-09-07 01:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 10:30 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 10:31 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 10:31 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 17:49 - 2017-04-27 20:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 17:49 - 2017-04-27 20:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 17:49 - 2017-04-27 20:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 09:55 - 2017-05-09 09:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 09:55 - 2017-05-09 09:58 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-12 14:04 - 2017-05-12 14:04 - 00245760 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\ABC.Agent.WinRT\2527d7de18be2ac3f215aec612d94631\ABC.Agent.WinRT.ni.dll
2017-05-12 14:05 - 2017-05-12 14:05 - 00139776 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um114fe9fe#\c90ecf60813d8eb1021f3d9b0332563d\nVentive.Umbrella.Services.Contract.WinRT.ni.dll
2017-05-12 14:05 - 2017-05-12 14:05 - 01269760 _____ () C:\Users\ADEMIR MONTEIRO\AppData\Local\Packages\abc.abcnews_x0jz7fs5f51ac\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um9106121c#\d8b384a1d442249a0430da03d9f82f8a\nVentive.Umbrella.Web.WinRT.ni.dll
2016-12-24 00:30 - 2016-12-24 00:30 - 00574152 _____ () C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-26 14:07 - 2015-02-09 13:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-10-08 04:15 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 14:07 - 2014-02-18 16:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\itau.com.br -> bankline.itau.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2017-05-09 19:04 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: OrolixDeviceMonitor => 2
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "DellWPF"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "PSafeAV"
HKLM\...\StartupApproved\Run32: => "PSafeTray"
HKLM\...\StartupApproved\Run32: => "PSafeWDS"
HKLM\...\StartupApproved\Run32: => "BAV mini setup"
HKLM\...\StartupApproved\Run32: => "Diebold - Warsaw"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Adobe Playpanel.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\StartupFolder: => "Microsoft SharePoint Workspace.lnk"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_75BD889C5F695DD03545732E9F8A7932"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1492537628-2073842835-3753687853-1001\...\StartupApproved\Run: => "VDownloader"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [TCP Query User{ABC00D73-4436-4CCF-B22B-4BCD66CF82F2}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FCDC5A0A-6DCA-4712-B272-0A7578E11F06}C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ademir monteiro\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{18C3FE74-FDE4-42DE-8156-E1A733EA7C0E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{16D067DB-6231-47FD-A3CB-8629B61E3B60}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{3608EEA0-8AA6-4702-9D10-A82439A2F0C4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3C12E942-8ABC-4F4B-AECE-95427827D42A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EBA14474-EF63-41DF-85B8-97647663D51D}] => (Allow) C:\Users\ADEMIR MONTEIRO\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{913B2E14-C0BF-4700-A055-033DFD3AD27C}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{60121106-2C58-4E36-A679-AF2E6DB3288E}C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\ademir monteiro\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{EE018A31-18C0-4E06-A18E-3F0B8E9FC092}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{C8AF1857-9645-4672-AD85-3340E2EC4519}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{84F9CA59-9F31-4EBB-95E5-2911621BCED1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D3378B29-52F5-4980-84F7-1808EA9AA779}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56ED34C6-2D84-40C3-ADEE-DDBC77129CD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF80BFB2-AF71-4DE9-8F2C-63265CEFC3D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
14-05-2017 14:30:47 Ponto de Verificação Agendado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (05/15/2017 06:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.14393.0, carimbo de data/hora: 0x57899bb2
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.14393.1198, carimbo de data/hora: 0x590280b1
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000006d1b4
ID do processo com falha: 0x36c
Hora de início do aplicativo com falha: 0x01d2cdbdecc2ab1a
Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: ff78a2b4-a02e-4aa9-900d-dc76192cc738
Nome completo do pacote com falha: 21051xMrFlipFlop.FoodMoreFood_1.0.0.4_neutral__c3y39g9e468vt
ID do aplicativo relativo ao pacote com falha: App
Error: (05/15/2017 05:58:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 01:03:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 12:33:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 12:07:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 11:28:48 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/15/2017 11:28:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 03:56:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 03:26:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (05/15/2017 02:56:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADEMIR)
Description: Falha na ativação do aplicativo Microsoft.BingWeather_8wekyb3d8bbwe!App com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Erros de Sistema:
=============
Error: (05/15/2017 06:00:45 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 05:57:44 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 01:04:30 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:29:00 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário.
Error: (05/15/2017 11:26:01 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:26:01 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 11:26:00 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (05/15/2017 03:59:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
CodeIntegrity:
===================================
Date: 2017-05-13 23:37:33.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-12 13:48:25.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-11 19:26:31.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-09 19:28:13.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-08 00:06:00.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:51:00.258
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:36:00.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:21:00.262
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 23:06:00.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-07 22:51:00.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentagem de memória em uso: 45%
RAM física total: 3961.09 MB
RAM física disponível: 2149.64 MB
Virtual Total: 4665.09 MB
Virtual disponível: 2606.23 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:687.44 GB) (Free:501.97 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive y: (PBR Image) (Fixed) (Total:9.62 GB) (Free:0.72 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 33DB2EEA)
Partition: GPT.
==================== Fim de Addition.txt ============================