Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-10-2017
Executado por Bruno campos (26-10-2017 02:12:40)
Executando a partir de C:\Users\Bruno campos\Downloads
Windows 7 Professional Service Pack 1 (X64) (2017-10-25 19:16:28)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3482999910-4114749731-1815573784-500 - Administrator - Disabled)
Bruno campos (S-1-5-21-3482999910-4114749731-1815573784-1000 - Administrator - Enabled) => C:\Users\Bruno campos
Convidado (S-1-5-21-3482999910-4114749731-1815573784-501 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Microsoft .NET Framework 4.6.1 (PTB) (HKLM\...\{A4CA54C9-68EE-393F-B10F-9C44884312B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{CD8C5EC0-56A3-4F6E-BB22-E230059DF1F2}) (Version: 6.3.9 - Oracle Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8254 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0152 - REALTEK Semiconductor Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wampserver64 3.1.0 (HKLM\...\{wampserver64}_is1) (Version: 3.1.0 - Dominique Ottello aka Otomatic)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {B4CA32E6-777E-421D-BD09-7C0F7D562C17} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate]
Task: {D48174AC-3E66-4A95-8938-65A7CE1189C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-26] (Google Inc.)
Task: {E25DFC60-9F34-4F3D-953D-1BF8A0E44AD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-26] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Bruno campos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\HP Print para Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
==================== Módulos Carregados (Whitelisted) ==============
2011-03-17 00:07 - 2011-03-17 00:07 - 004297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-10-26 00:14 - 2017-10-26 01:14 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-10-26 00:14 - 2017-10-26 01:14 - 000005120 _____ () C:\Windows\KMS-R@1nHook.exe
2017-10-26 01:14 - 2017-10-26 01:14 - 000004096 _____ () C:\Windows\KMS-R@1nHook.dll
2017-10-26 01:27 - 2017-08-17 10:34 - 014545920 _____ () c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe
2017-10-26 00:56 - 2017-10-17 06:08 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libglesv2.dll
2017-10-26 00:56 - 2017-10-17 06:08 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2009-06-10 19:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3482999910-4114749731-1815573784-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bruno campos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4004F304-1D60-4F1A-978C-73F59CE3BC07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90C7752D-5AEF-4F16-A2D0-B63109D01D5B}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{CCA91BDD-E177-4C5A-B20A-0CEBA1E6130F}] => (Allow) C:\Windows\KMS-R@1n.exe
==================== Pontos de Restauração =========================
25-10-2017 23:46:35 Instalado REALTEK PCIE Wireless LAN Driver
25-10-2017 23:57:49 DriverPack 17.7.73
26-10-2017 00:06:48 Installed Microsoft Office Professional Plus 2010
26-10-2017 00:13:04 Re-Loader by R@1n
26-10-2017 00:31:15 DriverPack 17.7.73
26-10-2017 00:34:56 Windows Update
26-10-2017 00:40:31 DriverPack 17.7.73
26-10-2017 01:13:38 Re-Loader by R@1n
26-10-2017 01:15:40 Installed Microsoft .NET Framework 4.7
26-10-2017 01:24:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
26-10-2017 01:33:16 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
26-10-2017 01:52:22 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
26-10-2017 01:53:03 Installed MySQL Workbench 6.3 CE
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (10/26/2017 01:54:10 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: MySQLWorkbench.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.FileLoadException
em MySQL.GUI.Workbench.Program.Main(System.String[])
Error: (10/26/2017 01:48:45 AM) (Source: MsiInstaller) (EventID: 10005) (User: Brunocampos-PC)
Description: Product: MySQL Workbench 6.3 CE -- MySQL Workbench requires the Visual C++ 2015 Redistributable Package to be installed. Click the Download-Button on the next page to open a web page containing further instructions.
Error: (10/26/2017 01:22:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 01:15:45 AM) (Source: VSS) (EventID: 12344) (User: )
Description: Erro de Cópia de Sombra de Volume: um erro 0x00000000c000014d foi encontrado enquanto o Gravador do Registro estava preparando o Registro para uma cópia de
sombra. Verifique se há erros relacionados nos logs de eventos do aplicativo e do sistema.
Operação:
Evento OnFreeze
Congelar Evento
Contexto:
Contexto de Execução: Registry Writer
Contexto de Execução: Writer
Id de Classe de Gravador: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Nome do Gravador: Registry Writer
ID de Instância de Gravador: {cfc824b1-cb8b-4b9d-aa74-b34cdeab6ed1}
Error: (10/26/2017 12:43:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 12:23:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 12:09:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 11:50:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 07:19:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 06:41:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Erros de Sistema:
=============
Error: (10/26/2017 01:15:45 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: AUTORIDADE NT)
Description: 0xc000014d32\Device\HarddiskVolume1\Boot\BCD
Error: (10/26/2017 12:41:43 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : O controlador incorporado (EC) não respondeu dentro do tempo limite especificado. Isso pode indicar erro no hardware ou firmware do EC ou que o BIOS está acessando o EC incorretamente. Verifique com o fabricante do computador se há uma versão do BIOS mais atualizada. Em algumas situações, esse erro pode fazer que o computador funcione incorretamente.
Error: (10/26/2017 12:18:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (10/25/2017 05:25:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 17:24:13 às 25/10/2017 não era esperado.
Error: (10/25/2017 05:16:31 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço Serviço de transferência inteligente de plano de fundo terminou com o erro específico de serviço %%-2147023781 = O sistema está sendo desligado..
Error: (10/25/2017 05:16:31 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORIDADE NT)
Description: Falha ao iniciar o serviço do BITS. Erro 2147943515.
Error: (10/25/2017 05:13:21 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentagem de memória em uso: 44%
RAM física total: 5940.54 MB
RAM física disponível: 3320.01 MB
Virtual Total: 11879.27 MB
Virtual disponível: 8570.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:152.77 GB) (Free:116.74 GB) NTFS
Drive d: () (Fixed) (Total:312.5 GB) (Free:312.37 GB) NTFS
Drive f: (VIVACELL) (Removable) (Total:14.42 GB) (Free:2.27 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2DE48582)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=152.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=312.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 14.4 GB) (Disk ID: 0123FBBD)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0C)
==================== Fim de Addition.txt ============================
Executado por Bruno campos (26-10-2017 02:12:40)
Executando a partir de C:\Users\Bruno campos\Downloads
Windows 7 Professional Service Pack 1 (X64) (2017-10-25 19:16:28)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3482999910-4114749731-1815573784-500 - Administrator - Disabled)
Bruno campos (S-1-5-21-3482999910-4114749731-1815573784-1000 - Administrator - Enabled) => C:\Users\Bruno campos
Convidado (S-1-5-21-3482999910-4114749731-1815573784-501 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Microsoft .NET Framework 4.6.1 (PTB) (HKLM\...\{A4CA54C9-68EE-393F-B10F-9C44884312B0}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{CD8C5EC0-56A3-4F6E-BB22-E230059DF1F2}) (Version: 6.3.9 - Oracle Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8254 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0152 - REALTEK Semiconductor Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wampserver64 3.1.0 (HKLM\...\{wampserver64}_is1) (Version: 3.1.0 - Dominique Ottello aka Otomatic)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-19] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {B4CA32E6-777E-421D-BD09-7C0F7D562C17} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic [Argument = path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate]
Task: {D48174AC-3E66-4A95-8938-65A7CE1189C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-26] (Google Inc.)
Task: {E25DFC60-9F34-4F3D-953D-1BF8A0E44AD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-26] (Google Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Bruno campos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\HP Print para Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
==================== Módulos Carregados (Whitelisted) ==============
2011-03-17 00:07 - 2011-03-17 00:07 - 004297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-10-26 00:14 - 2017-10-26 01:14 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-10-26 00:14 - 2017-10-26 01:14 - 000005120 _____ () C:\Windows\KMS-R@1nHook.exe
2017-10-26 01:14 - 2017-10-26 01:14 - 000004096 _____ () C:\Windows\KMS-R@1nHook.dll
2017-10-26 01:27 - 2017-08-17 10:34 - 014545920 _____ () c:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe
2017-10-26 00:56 - 2017-10-17 06:08 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libglesv2.dll
2017-10-26 00:56 - 2017-10-17 06:08 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2009-06-10 19:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3482999910-4114749731-1815573784-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bruno campos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4004F304-1D60-4F1A-978C-73F59CE3BC07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90C7752D-5AEF-4F16-A2D0-B63109D01D5B}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{CCA91BDD-E177-4C5A-B20A-0CEBA1E6130F}] => (Allow) C:\Windows\KMS-R@1n.exe
==================== Pontos de Restauração =========================
25-10-2017 23:46:35 Instalado REALTEK PCIE Wireless LAN Driver
25-10-2017 23:57:49 DriverPack 17.7.73
26-10-2017 00:06:48 Installed Microsoft Office Professional Plus 2010
26-10-2017 00:13:04 Re-Loader by R@1n
26-10-2017 00:31:15 DriverPack 17.7.73
26-10-2017 00:34:56 Windows Update
26-10-2017 00:40:31 DriverPack 17.7.73
26-10-2017 01:13:38 Re-Loader by R@1n
26-10-2017 01:15:40 Installed Microsoft .NET Framework 4.7
26-10-2017 01:24:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
26-10-2017 01:33:16 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
26-10-2017 01:52:22 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
26-10-2017 01:53:03 Installed MySQL Workbench 6.3 CE
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (10/26/2017 01:54:10 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: MySQLWorkbench.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.FileLoadException
em MySQL.GUI.Workbench.Program.Main(System.String[])
Error: (10/26/2017 01:48:45 AM) (Source: MsiInstaller) (EventID: 10005) (User: Brunocampos-PC)
Description: Product: MySQL Workbench 6.3 CE -- MySQL Workbench requires the Visual C++ 2015 Redistributable Package to be installed. Click the Download-Button on the next page to open a web page containing further instructions.
Error: (10/26/2017 01:22:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 01:15:45 AM) (Source: VSS) (EventID: 12344) (User: )
Description: Erro de Cópia de Sombra de Volume: um erro 0x00000000c000014d foi encontrado enquanto o Gravador do Registro estava preparando o Registro para uma cópia de
sombra. Verifique se há erros relacionados nos logs de eventos do aplicativo e do sistema.
Operação:
Evento OnFreeze
Congelar Evento
Contexto:
Contexto de Execução: Registry Writer
Contexto de Execução: Writer
Id de Classe de Gravador: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Nome do Gravador: Registry Writer
ID de Instância de Gravador: {cfc824b1-cb8b-4b9d-aa74-b34cdeab6ed1}
Error: (10/26/2017 12:43:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 12:23:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/26/2017 12:09:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 11:50:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 07:19:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/25/2017 06:41:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Erros de Sistema:
=============
Error: (10/26/2017 01:15:45 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: AUTORIDADE NT)
Description: 0xc000014d32\Device\HarddiskVolume1\Boot\BCD
Error: (10/26/2017 12:41:43 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : O controlador incorporado (EC) não respondeu dentro do tempo limite especificado. Isso pode indicar erro no hardware ou firmware do EC ou que o BIOS está acessando o EC incorretamente. Verifique com o fabricante do computador se há uma versão do BIOS mais atualizada. Em algumas situações, esse erro pode fazer que o computador funcione incorretamente.
Error: (10/26/2017 12:18:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou com o DCOM dentro do tempo limite requerido.
Error: (10/25/2017 05:25:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 17:24:13 às 25/10/2017 não era esperado.
Error: (10/25/2017 05:16:31 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço Serviço de transferência inteligente de plano de fundo terminou com o erro específico de serviço %%-2147023781 = O sistema está sendo desligado..
Error: (10/25/2017 05:16:31 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORIDADE NT)
Description: Falha ao iniciar o serviço do BITS. Erro 2147943515.
Error: (10/25/2017 05:13:21 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentagem de memória em uso: 44%
RAM física total: 5940.54 MB
RAM física disponível: 3320.01 MB
Virtual Total: 11879.27 MB
Virtual disponível: 8570.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:152.77 GB) (Free:116.74 GB) NTFS
Drive d: () (Fixed) (Total:312.5 GB) (Free:312.37 GB) NTFS
Drive f: (VIVACELL) (Removable) (Total:14.42 GB) (Free:2.27 GB) FAT32
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2DE48582)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=152.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=312.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 14.4 GB) (Disk ID: 0123FBBD)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0C)
==================== Fim de Addition.txt ============================