Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por R (2016-03-24 22:30:11) Executando a partir de C:\Users\R\Downloads Windows 10 Home Single Language Versão 1511 (X64) (2016-03-04 20:55:43) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-484904427-1410592291-175631103-500 - Administrator - Disabled) Convidado (S-1-5-21-484904427-1410592291-175631103-501 - Limited - Disabled) DefaultAccount (S-1-5-21-484904427-1410592291-175631103-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-484904427-1410592291-175631103-1003 - Limited - Enabled) R (S-1-5-21-484904427-1410592291-175631103-1001 - Administrator - Enabled) => C:\Users\R ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Antivírus e antispyware da McAfee (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Antivírus e antispyware da McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-484904427-1410592291-175631103-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{161E08DE-252C-5567-ECEB-52D173E88224}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.) comowin_otut_20160324 version 1.0 (HKLM-x32\...\comowin_otut_20160324_is1) (Version: 1.0 - azec) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Dropbox (HKU\S-1-5-21-484904427-1410592291-175631103-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) GamesDesktop 020.021010277 (HKLM-x32\...\gmsd_br_021010277_is1) (Version: - GAMESDESKTOP) <==== ATENÇÃO Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.) Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4805.1003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MPC-HC 1.7.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team) MyBestOffersToday 000.037050277 (HKLM-x32\...\mbot_en_037050277_is1) (Version: - MYBESTOFFERSTODAY) <==== ATENÇÃO mysites123 uninstall (HKLM-x32\...\mysites123 uninstall) (Version: - mysites123) NewExt (HKLM\...\{629529fb-edaf-4033-89cc-5ef7b43f021a}) (Version: 1.0 - NewExt) OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Nome de sua empresa:) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.338 - Qualcomm Atheros Communications) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.012 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid) Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.0.164 - Avid Technology) Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM-x32\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.) Spotify (HKU\S-1-5-21-484904427-1410592291-175631103-1001\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB) SunnyDay (HKLM-x32\...\SunnyDay3_is1) (Version: - SUNNYDAY) sunnyday version 1.1 (HKLM-x32\...\sunnyday_is1) (Version: 1.1 - sunnyday) The Desktop Weather 2.0 (HKLM\...\WeatherTool) (Version: 2.0.1.11076 - ShenZhen Enode Techology co,.Ltd) <==== ATENÇÃO The Sims 4 Get Together Addon Pack (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Wajam (HKLM-x32\...\2bf204ce7eac1377e0899e0d1eb6163c) (Version: 1.63.1.10 (i1.0) - Wajam) <==== ATENÇÃO WIN (HKLM-x32\...\win_en_77_is1) (Version: - ) <==== ATENÇÃO WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\R\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-484904427-1410592291-175631103-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0354FEA6-CBF5-41A4-8EB6-908253B565AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-10] (Microsoft Corporation) Task: {0A583C0A-25B1-4B95-8D74-00FC9F78597D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {164F001C-6316-4A60-A0E3-01758D33C91D} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {17A5A5F2-9550-4CA2-9A29-F4B6FA94434B} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-03-01] (DivX, LLC) Task: {1D78299B-A34A-4495-9BC5-0BABB7D0E5ED} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-03-23] () Task: {24DBBAD9-254B-4029-A643-4AB2E588DA89} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e4497ca251c6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {31715C49-0BF9-4C2B-8F8F-05636B00FDB5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-01] (Synaptics Incorporated) Task: {32448367-7385-4241-91E6-B69772D46A2E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO Task: {4C114D4C-8EF5-4835-8EFD-50F2268F9514} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {52823292-EB31-4439-84E4-BF19C792B5BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {58657567-2156-48E1-A966-2084F59E9D07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {5DE5E641-9DA9-416A-953D-312B8B93AFA7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-484904427-1410592291-175631103-1001UA => C:\Users\R\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {5F0F1372-2185-4CE3-B498-C708BC0B598F} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf38805fb4ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {60E39934-5A40-4D18-AD77-A9283A8072B2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation) Task: {619CD3C3-95C1-4306-AD80-41949BE6A4E2} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe Task: {67862641-E7FC-4C6E-9531-9FFC4A524EE3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {7A6A4D0D-38FC-4D55-87D3-0F8C4D21B9DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {8112BCE0-3498-4ECA-80E2-9801B266D6CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {82D82EB7-B5B4-46C2-A087-46D723136A60} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-22] (McAfee, Inc.) Task: {84A694F2-0B4B-462F-98DC-0861B7D4C641} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {866653A6-35E4-443B-90C3-080D2FD5C644} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {8AE7D8CC-B89B-4AA4-88CC-F364D6DB7B96} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {ADE56E0F-C35C-46CF-AA2B-30D1F6DF3CF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-484904427-1410592291-175631103-1001Core => C:\Users\R\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B58C0F1D-1344-400B-B2E1-4025D22D5417} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {BA5C7DAB-F4A4-4C1C-8009-B3CA65C10440} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {BCA9B3A7-E3CA-4FF8-A1CA-1829644B6745} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {BF9455E3-E6DB-4BC0-9810-FC83F5203D1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {C89AA6D2-6EE7-45CB-B0FD-24BB4E83AC25} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {CCF21A6E-DA55-4FE1-B50B-9B3DB8E63D96} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {D1E63E9D-4D06-406A-A4C9-83DEC0DE11A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO Task: {D49546E5-C605-4018-889A-B921830765C9} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-22] (McAfee, Inc.) Task: {DD87C374-855F-496A-8CD4-2E9464A0EF6C} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {DFA1CE75-A9BF-4775-A3E0-B7314F2877C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {F50530C3-7E00-4F3B-AA84-10CA4ABFF66E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-renataescher@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-484904427-1410592291-175631103-1001Core.job => C:\Users\R\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-484904427-1410592291-175631103-1001UA.job => C:\Users\R\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf38805fb4ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e4497ca251c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.mysites123.com/?type=sc&ts=1458868108&z=9b0d1254b90ca1302fe137agcz4w8b0b1q3b2g9g5e&from=tt4u&uid=ST1000LM014-1EJ164_W382R6YGXXXXW382R6YG --disable-quic ShortcutWithArgument: C:\Users\R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.mysites123.com/?type=sc&ts=1458868108&z=9b0d1254b90ca1302fe137agcz4w8b0b1q3b2g9g5e&from=tt4u&uid=ST1000LM014-1EJ164_W382R6YGXXXXW382R6YG --disable-quic ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.mysites123.com/?type=sc&ts=1458868108&z=9b0d1254b90ca1302fe137agcz4w8b0b1q3b2g9g5e&from=tt4u&uid=ST1000LM014-1EJ164_W382R6YGXXXXW382R6YG --disable-quic ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-24 22:00 - 2016-03-24 22:00 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2015-07-02 12:12 - 2015-07-02 12:12 - 01927680 _____ () C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll 2016-03-24 20:48 - 2016-03-24 20:48 - 00279040 _____ () C:\Program Files (x86)\4C4C4544-1458866544-4D10-8043-C7C04F333432\knsd1A0B.tmpfs 2015-03-08 13:26 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-11-25 01:16 - 2015-11-25 01:16 - 00152008 _____ () C:\Program Files (x86)\WeatherTool\2.0.1.11076\WeatherService.exe 2016-03-22 10:59 - 2016-03-22 10:59 - 03218944 _____ () C:\Program Files\2bf204ce7eac1377e0899e0d1eb6163c\2c869074d5f5aa9d4d6d96042060dc80.exe 2016-03-05 20:28 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-05 11:57 - 2016-03-05 11:59 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-03-05 20:28 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-12-19 01:08 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-03-03 21:29 - 2016-03-03 21:29 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-05 20:28 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-03-03 21:29 - 2016-03-03 21:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-03-03 21:29 - 2016-03-03 21:29 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-03-03 21:29 - 2016-03-03 21:29 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-03-03 21:29 - 2016-03-03 21:29 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-03-22 10:56 - 2016-03-22 10:56 - 02537472 _____ () c:\program files\2bf204ce7eac1377e0899e0d1eb6163c\c5efda2cb3a5e3510d5a305bfd4cd10a.exe 2016-03-22 10:59 - 2016-03-22 10:59 - 03218944 _____ () c:\program files\2bf204ce7eac1377e0899e0d1eb6163c\2c869074d5f5aa9d4d6d96042060dc80.exe 2016-03-24 22:02 - 2016-03-24 22:02 - 12111360 _____ () c:\program files\2bf204ce7eac1377e0899e0d1eb6163c\f1c752ff912964720aa81fc21cfcee97\zpllov.dll 2016-03-24 21:59 - 2016-03-24 22:00 - 03954688 _____ () C:\Program Files (x86)\sunnyday\wincom_71W.exe 2016-03-24 21:36 - 2016-03-23 14:49 - 02036736 _____ () C:\ProgramData\WindowsMsg\osmsg.exe 2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2016-03-24 22:05 - 2016-03-24 22:05 - 00294912 _____ () C:\Program Files\NewExt\nssm.exe 2016-03-24 21:55 - 2016-03-23 15:21 - 04055256 _____ () C:\Program Files (x86)\win_en_77\win_en_77.exe 2016-03-24 22:05 - 2016-03-24 22:05 - 07556203 _____ () C:\Program Files\NewExt\jsinjector.exe 2016-03-24 22:00 - 2016-03-24 22:00 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2016-03-05 11:57 - 2016-03-05 11:59 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-03-05 11:57 - 2016-03-05 11:59 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-24 22:02 - 2016-03-24 22:02 - 11875328 _____ () c:\program files\2bf204ce7eac1377e0899e0d1eb6163c\f1c752ff912964720aa81fc21cfcee97\cumdnu.dll 2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2016-02-24 07:20 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2016-02-24 07:20 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2016-02-23 18:09 - 2016-02-23 18:09 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-01-30 16:07 - 2013-12-18 14:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-02-26 14:07 - 2015-02-09 14:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2015-01-30 16:22 - 2012-11-25 22:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2015-02-26 14:07 - 2014-02-18 16:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 2016-03-15 01:09 - 2016-03-04 15:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\chrome_elf.dll 2016-03-24 22:08 - 2016-03-04 15:51 - 00732160 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\chrome_elf_wk.dll 2016-03-15 01:09 - 2016-03-07 23:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-15 01:09 - 2016-03-07 23:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-03-21 17:37 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\R\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-03-24 21:39 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-484904427-1410592291-175631103-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\R\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{1D7678C7-9069-43B3-ABE9-CC7231D07DC7}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{97479C7B-8017-4FE9-A690-EDA0B5E3851D}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{067887A7-1C8C-4A5A-94DB-08B3A40F5860}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{DF03E038-E0E6-4FB2-8A96-782D34612E06}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{B29D156F-ADB9-4D04-BBD3-43239B8CCAE0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8B48C54A-E3A1-40D3-97E2-808BFFE2452D}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{F752969D-29D2-46EE-8E88-1350CBE4610E}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{9650B7E3-66F9-467D-B57B-6A0BE002E7E5}C:\users\r\appdata\local\popcorn time\nw.exe] => (Block) C:\users\r\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{02845151-9C4D-48DA-8161-1F028F34294C}C:\users\r\appdata\local\popcorn time\nw.exe] => (Block) C:\users\r\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{462F642F-BB94-4ABD-86B2-28FBBAAEE698}C:\users\r\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\r\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{78A9D89C-F6FB-4760-98BA-AC4A70FEBC1B}C:\users\r\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\r\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{4C0F5DB9-097D-4EF3-A367-57AFBA21F95A}C:\users\r\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\r\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{7B69E3FD-52A5-493E-AC42-A3D1DA804BBA}C:\users\r\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\r\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{C78B0549-FE8A-4E7D-85E6-389EC4C0DD16}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{1ED32D41-F95D-4FBC-BC2C-5CD77B5BC78D}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [UDP Query User{DCDBA223-EBD5-4139-A8FD-D9872E0E5F79}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{3A050760-0DA7-46E0-91E2-BB78E4E9887C}C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\r\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{8B624D0B-9EF3-40E2-907D-1803F605E5E7}] => (Allow) C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{5AE4289B-9D0C-4A2C-8D5E-222506CA20B4}] => (Allow) C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [UDP Query User{AFEDB707-FA40-454F-B44A-CD5B25341FCC}C:\users\r\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\r\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{1B9AE3D6-5A4B-41C1-ACC2-14056704D66E}C:\users\r\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\r\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{F5DC8B38-A238-4F5E-BD4F-E37C735F7E05}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{397DE500-2D00-4DFD-9C37-013234EF750D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{6A76CFB4-D159-42C9-B02E-1160B790B61B}] => (Allow) C:\Users\R\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{56320049-28CB-4579-8C11-272493337E32}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [UDP Query User{41F2D955-F38D-4851-8A15-00C1FB4601AD}C:\users\r\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\r\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{7DA21B07-DE21-4EFD-93ED-DC29543AD505}C:\users\r\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\r\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{F3D74417-8C6B-4B97-9583-6F1F6DB08565}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{2DF728DD-8014-4291-ADA7-C65D45FA0A91}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{32CA34E4-456A-4923-BE8D-5BB4CC1D7F04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{D1EF5CD1-AC8C-47E9-8999-8ECA99EF4D83}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [UDP Query User{4645F82B-2D2C-444C-B0E4-95466D85972F}C:\program files (x86)\wondershare\vcu\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\vcu\dscheck.exe FirewallRules: [{C63B9DA7-1480-4B69-83FE-1890BBAC9E68}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{2F0CB814-B52F-462D-AF43-739906EC7CC7}] => (Allow) C:\Program Files\NewExt\jsinjector.exe ==================== Pontos de Restauração ========================= 21-03-2016 18:38:45 Removed Skype™ 7.18 21-03-2016 18:40:13 Removed Skype Click to Call ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/24/2016 10:29:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:19:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:18:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MPCProtectService.exe, versão: 3.4.9883.323, carimbo de data/hora: 0x56f26c5e Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x001442c3 ID do processo com falha: 0x964 Hora de início do aplicativo com falha: 0xMPCProtectService.exe0 Caminho do aplicativo com falha: MPCProtectService.exe1 Caminho do módulo com falha: MPCProtectService.exe2 ID do Relatório: MPCProtectService.exe3 Nome completo do pacote com falha: MPCProtectService.exe4 ID do aplicativo relativo ao pacote com falha: MPCProtectService.exe5 Error: (03/24/2016 10:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.WindowsStore_8wekyb3d8bbwe!App com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:17:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:15:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:15:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:14:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:11:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ESCHER) Description: Falha na ativação do aplicativo Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge com o erro: -2144927149. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais. Error: (03/24/2016 10:11:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe_DiagTrack, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d7ba Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x22e8 Hora de início do aplicativo com falha: 0xsvchost.exe_DiagTrack0 Caminho do aplicativo com falha: svchost.exe_DiagTrack1 Caminho do módulo com falha: svchost.exe_DiagTrack2 ID do Relatório: svchost.exe_DiagTrack3 Nome completo do pacote com falha: svchost.exe_DiagTrack4 ID do aplicativo relativo ao pacote com falha: svchost.exe_DiagTrack5 Erros de Sistema: ============= Error: (03/24/2016 10:18:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço MPC Core Protect Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/24/2016 10:11:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi encerrado inesperadamente. Isso aconteceu 3 vez(es). Error: (03/24/2016 10:07:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (03/24/2016 10:05:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço McAfee CSP Service foi encerrado inesperadamente. Isso aconteceu 2 vez(es). Error: (03/24/2016 10:05:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço McAfee CSP Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/24/2016 10:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Experiências e Telemetria de Usuário Conectado foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (03/24/2016 10:02:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço SupportAssistAgent devido ao seguinte erro: %%1053 Error: (03/24/2016 10:02:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço SupportAssistAgent. Error: (03/24/2016 10:02:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço luafv devido ao seguinte erro: %%1275 Error: (03/24/2016 10:01:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço SkypeUpdateEx está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. CodeIntegrity: =================================== Date: 2016-03-24 22:13:24.439 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 22:13:23.566 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:52.846 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:52.809 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:40.440 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:40.411 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:27.546 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:56:27.504 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:55:13.578 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 21:55:13.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentagem de memória em uso: 40% RAM física total: 8072.96 MB RAM física disponível: 4808.21 MB Virtual Total: 9352.96 MB Virtual disponível: 5615.01 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.87 GB) (Free:764.95 GB) NTFS Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32 Drive e: (KINGSTON) (Removable) (Total:7.3 GB) (Free:6.39 GB) FAT32 Drive w: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.44 GB) NTFS Drive x: (PBR Image) (Fixed) (Total:7.78 GB) (Free:0.73 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: BF458B5D) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: 8B125F34) Partition 1: (Active) - (Size=7.3 GB) - (Type=0C) ==================== Fim de Addition.txt ============================