Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:06-05-2016 02 Executado por maicon (2016-05-06 12:12:20) Executando a partir de E:\chrome1 Windows 7 Ultimate Service Pack 1 (X64) (2015-11-26 21:10:34) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-649760804-1200745382-2513035121-500 - Administrator - Disabled) Convidado (S-1-5-21-649760804-1200745382-2513035121-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-649760804-1200745382-2513035121-1002 - Limited - Enabled) maicon (S-1-5-21-649760804-1200745382-2513035121-1000 - Administrator - Enabled) => C:\Users\maicon ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-649760804-1200745382-2513035121-1000\...\uTorrent) (Version: 3.4.2.31633 - BitTorrent Inc.) 3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}) (Version: 1.7.17.25416 - Nome da empresa:) Alcor Micro USB Card Reader (x32 Version: 1.7.17.25416 - Nome da empresa:) Hidden ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.) Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.9 - Atheros Communications Inc.) Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft) Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft) Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft) Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft) Atualizações da NVIDIA 2.11.2.55 (Version: 2.11.2.55 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd) Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 10.0 - Driver-Soft Inc.) Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software) FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.57 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - ) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Left 4 Dead 2 Authoring Tools (HKLM-x32\...\Steam App 563) (Version: - Valve) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{070C55FA-FB9D-46DD-B30B-4B520A83A66A}) (Version: 1.20.146.0 - Microsoft) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Minecraft Cracked (HKLM-x32\...\Minecraft Cracked) (Version: - ) Mozilla Firefox 45.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 pt-BR)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA Driver de gráficos 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.) Painel de controle da NVIDIA 364.72 (Version: 364.72 - NVIDIA Corporation) Hidden Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com) TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.256 - TuneUp Software) TuneUp Utilities 2013 (x32 Version: 13.0.4000.256 - TuneUp Software) Hidden TuneUp Utilities Language Pack (pt-BR) (x32 Version: 13.0.4000.256 - TuneUp Software) Hidden Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.) Warsaw 1.11.1.24 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.1.24 - GAS Tecnologia) Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) YoWindow (HKLM-x32\...\yowindow) (Version: 3 - RepkaSoft) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-649760804-1200745382-2513035121-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\maicon\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-649760804-1200745382-2513035121-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\maicon\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {011A472C-3C2A-4BF6-BECD-6EFF0497D4F4} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {12DD9685-D426-4457-889A-4724F61E1098} - System32\Tasks\{0028BB2C-62BB-4868-A19F-E3703C6D7366} => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [2009-11-24] (ASUSTeK Computer Inc.) Task: {1CDD1D6A-FDBA-4522-B767-1DB980D65F1D} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe <==== ATENÇÃO Task: {22964794-8E89-49BE-8CD1-45082153156D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Nenhum Arquivo <==== ATENÇÃO Task: {5FAF4BCD-3A94-40C9-989A-77D55C16DC3B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Nenhum Arquivo <==== ATENÇÃO Task: {7BB61E65-2D20-4B5B-9EE1-08E32C12D2B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.) Task: {84E08F88-298B-41CB-9503-434F52307B4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-03] (Google Inc.) Task: {8AA58CB2-CC9F-442F-A5F7-9A738FEC9A7C} - System32\Tasks\{0A64DA4D-E5E7-311A-CFDC-38D39B8360DB} => C:\Users\maicon\AppData\Roaming\{0A64D~1\SYNHEL~1 Task: {91D6EFEE-7549-4408-981D-62FBC409C68D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software) Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe Task: {99A51B35-6BAD-46C8-9123-D735FFE95933} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Nenhum Arquivo <==== ATENÇÃO Task: {B66A0E66-F8E4-4089-8FCD-7EF04D4D21C0} - \{0F097947-780F-0A7E-0C11-7A087D7A1178} -> Nenhum Arquivo <==== ATENÇÃO Task: {BA3C9812-2669-49BC-B04E-BB1A540E2A53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {BAC2555F-C64F-489B-8BF5-2FB25F6234E3} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe <==== ATENÇÃO Task: {C338D4D2-7899-46BE-8A35-563A9A9BE95F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Nenhum Arquivo <==== ATENÇÃO Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Nenhum Arquivo <==== ATENÇÃO Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Nenhum Arquivo <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\{0A64DA4D-E5E7-311A-CFDC-38D39B8360DB}.job => C:\Users\maicon\AppData\Roaming\{0A64D~1\SYNHEL~1/Checkmaicon0ߘ )֠< ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) WMI_ActiveScriptEventConsumer_ASEC: <===== ATENÇÃO (yeabests) ShortcutWithArgument: C:\Users\maicon\Desktop\chrome - Atalho.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome - Atalho.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\maicon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc ==================== Módulos Carregados (Whitelisted) ============== 2015-12-13 17:31 - 2016-03-21 23:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-01-28 07:47 - 2014-01-28 07:47 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll 2015-11-27 19:43 - 2015-11-27 19:43 - 00178688 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\WaveLibMixer\f6f5b206bd2104a721d1c727b4536ba6\WaveLibMixer.ni.dll 2015-11-27 19:43 - 2015-11-27 19:43 - 00108032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\CoreAudioApi\7fd494c22406deed2dfcc8e29c82cb65\CoreAudioApi.ni.dll 2016-03-20 23:23 - 2016-03-29 22:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-05 22:22 - 2016-04-27 20:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll 2016-05-05 22:22 - 2016-04-27 20:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:9ED50103_Cef.gbp [2] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434] AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127] AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [144] AlternateDataStreams: C:\Users\maicon\Local Settings:init [6485282] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:430C6D84 [127] AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:DFC5A2B2 [144] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-649760804-1200745382-2513035121-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-649760804-1200745382-2513035121-1000\...\caixa.gov.br -> imagem.caixa.gov.br ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2016-04-30 21:16 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-649760804-1200745382-2513035121-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\maicon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.25.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) MSCONFIG\startupfolder: C:^Users^maicon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^YoWindow.lnk => C:\Windows\pss\YoWindow.lnk.Startup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Diebold - Warsaw => C:\Program Files\Diebold\Warsaw\core.exe MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: GoogleChromeAutoLaunch_7133156D50F14ABC4CA76199122D2FE5 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: MSConfig => "C:\Users\maicon\vveesdqq.exe" MSCONFIG\startupreg: msiql => C:\ProgramData\msiql.exe /RUNNING MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: TaskTray => MSCONFIG\startupreg: Turbo Key => "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" MSCONFIG\startupreg: VIAxHCUtl => C:\VIA_XHCI\usb3Monitor.exe MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [TCP Query User{0D0721FE-3095-46EA-B904-DDDCECAB6AF2}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{B6E732C6-DF3D-4F9C-91B3-B81283F702A8}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{7D5EE018-A7F1-4E34-80B9-F5E8D9A412AF}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D2EF91F8-8B3F-4897-80AB-B161C430BFA2}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{753CF06B-BD21-4717-902E-5E6008E19A89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C311E6EE-0F66-487F-AFD8-5C3B3FF477D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B003EAC7-454E-440A-BE26-34FD393A0B32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F9FFC9BE-155D-4F6A-A513-8F62B6C0F94C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{897E4650-8279-4523-B64E-03F63EDAB69B}K:\left 4 dead 2\left4dead2.exe] => (Block) K:\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{7FF4C58D-754A-4616-A937-D8E2402D4283}K:\left 4 dead 2\left4dead2.exe] => (Block) K:\left 4 dead 2\left4dead2.exe FirewallRules: [{2C676D67-E66A-4E46-BD4E-738933E0ACDB}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [{AAD77E18-4B1A-454D-87A3-B32876E7AB8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{58C96663-84AA-4B48-996A-6B64F435BEAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{423BE2F5-21FD-4038-959E-C85A0F42F653}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{510F5C26-962C-4B72-A6AB-EB12C852A9BE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FA620340-61C2-4F9B-97BB-F047ABB91A5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9007BB25-2E55-4E11-8EAC-85F61BFDAB12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{D234D515-677E-4917-8E25-3F400BE5DD8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\SDKLauncher.exe FirewallRules: [{BD635086-D7B4-408B-81FC-B7D066324C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\SDKLauncher.exe FirewallRules: [{DD2F2E78-578C-4283-BA3F-424155EBA454}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C451E83B-CC1C-482A-9DF0-E13460EB616A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A73A70E1-E90A-464B-9B4C-83E6A443932B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{45795B96-D21C-4A7A-8030-0084F1B170F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{4CDF2B2F-5F4C-4177-AEF0-E2A8AE6CE262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{CDDE9CBB-05E9-49D7-920F-90E9534CDCCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{51EC6802-1549-4DBD-9344-825FDDD0A561}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{2D0BB994-6CD8-44D3-9D98-1BB71C4D8A11}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zmv41.exe] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zmv41.exe FirewallRules: [UDP Query User{EAC319C9-C900-478A-89C3-40C96721FA9C}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zmv41.exe] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zmv41.exe FirewallRules: [TCP Query User{86FC2461-C71A-4717-8433-D1A01D68E6F0}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6mp.exe] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6mp.exe FirewallRules: [UDP Query User{B6C2CD21-F0ED-462C-B95F-CF4207C6626E}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6mp.exe] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6mp.exe FirewallRules: [{8E2F4961-AE95-460F-BA43-311631D32CB5}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2951350B-5287-44BD-A3CC-C4B94D178FAA}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E0242BB7-E38B-4634-B89C-0BC0707C92D2}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0B8C2ED2-9264-4CE3-B7DD-F80DAEC0DA0E}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DFF3E8F1-9A95-4AE6-997A-F317F045129A}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{526CA3E1-1A8B-4317-9EE9-4D4059C1725B}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{864E47D9-52E4-4AAD-94A0-2CEBB3243BA4}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CF1EE57B-AE19-46B3-AE05-9F85CABF575D}] => (Allow) C:\Users\maicon\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{522E2AC5-2DBE-4ED0-85A7-2484F83CB7B1}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{9D5C80A5-80A6-495B-840D-E16ABEBDA5FE}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{3E545133-AA77-4E69-82D3-282838C2B6F6}] => (Allow) C:\Users\maicon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe FirewallRules: [{83C8894F-48C6-41CE-9A59-45FBC5074DB1}] => (Allow) C:\Users\maicon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe FirewallRules: [{AABFD70C-AB85-4AED-B90C-89FE903206A4}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{E0E72F87-D76E-4C9A-91FB-2761AD9BE751}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [TCP Query User{22B7BA43-6F82-46F7-A588-A27D013D2A60}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe FirewallRules: [UDP Query User{051E2745-A4DB-43DC-807F-C660D23BFC09}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe FirewallRules: [{20F9FE40-4DB8-4BD8-9C0A-3DB0CF3B70F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{B7C9FB20-6067-4FA7-9A4D-9516E70408AE}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe FirewallRules: [UDP Query User{577DE580-8E7C-40DA-93CC-D3C0C55F3E32}C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe FirewallRules: [{FE8790DE-12D3-4EC3-8877-847E8E33EAAE}] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe FirewallRules: [{6DA76A6E-9537-4524-93B6-65E00615B591}] => (Block) C:\program files (x86)\activision\call of duty black ops ii_2_2\t6zm.exe FirewallRules: [{B991AF2A-D715-404B-8AB9-7E4AF091CD67}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{E3BFAEDB-660E-48D0-B35C-A39E9A098693}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{8E7260C3-207F-4C28-AC22-6F9E9CEB82A8}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{AD7D27FB-90A7-4E5E-A44A-EDE59FD41276}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe ==================== Pontos de Restauração ========================= 05-05-2016 19:40:51 Removido TuneUp Utilities Language Pack (pt-BR) 05-05-2016 19:42:57 Instalado TuneUp Utilities 2013 05-05-2016 20:14:59 DirectX instalado 05-05-2016 20:17:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 05-05-2016 20:18:56 DirectX instalado 05-05-2016 22:06:47 DirectX instalado 05-05-2016 22:57:38 AA11 06-05-2016 08:15:15 Windows Update 06-05-2016 09:10:26 DirectX instalado ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: softaal Description: softaal Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: softaal Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: tencent QMUdisk Description: tencent QMUdisk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: QMUdisk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: TsNetHlpX64.sys Description: TsNetHlpX64.sys Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: tsnethlpx64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/06/2016 09:51:51 AM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.34209 - Falha ao inicializar a infra-estrutura de anexação da API do criador de perfil. Esse processo não permite que um perfil seja anexado. HRESULT: 0x80004005. ID do Processo (decimal): 4624. ID da Mensagem: [0x2509]. Error: (05/06/2016 08:12:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/06/2016 08:06:09 AM) (Source: System Restore) (EventID: 8210) (User: ) Description: Erro não especificado durante a Restauração do Sistema: (Windows Update). Informações adicionais: 0x80070005. Error: (05/06/2016 07:54:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/06/2016 07:49:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/06/2016 07:34:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/05/2016 11:15:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa pctsGui.exe versão 9.1.0.2898 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 738 Hora de Início: 01d1a73cb994d5d9 Hora de Término: 34 Caminho do Aplicativo: C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe Id do Relatório: 4d7cad1f-1330-11e6-9de6-c860008ab8cc Error: (05/05/2016 10:37:48 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (05/05/2016 10:10:44 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado. Error: (05/05/2016 08:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erros de Sistema: ============= Error: (05/06/2016 08:12:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (05/06/2016 08:12:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%2 Error: (05/06/2016 08:12:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%2 Error: (05/06/2016 08:11:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro: %%2 Error: (05/06/2016 08:11:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: gbpddfac gbpddreg Error: (05/06/2016 08:11:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Warsaw File Access svc devido ao seguinte erro: %%2 Error: (05/06/2016 08:11:01 AM) (Source: Microsoft Antimalware) (EventID: 2004) (User: ) Description: %60 encontrou um erro ao tentar carregar assinaturas e tentará reverter ao conjunto de assinaturas válidas. Tentativas de Assinaturas: %24 Código de Erro: 0x80070002 Descrição do erro: O sistema não pode encontrar o arquivo especificado. Versão da assinatura: 0.0.0.0;0.0.0.0 Versão do mecanismo: %600 Error: (05/06/2016 08:07:24 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (05/06/2016 08:06:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro: %%1068 Error: (05/06/2016 08:06:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Pesquisador de Computadores depende do serviço Server, mas não foi possível iniciá-lo devido ao seguinte erro: %%1068 CodeIntegrity: =================================== Date: 2016-05-05 01:06:47.955 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-05 01:06:47.175 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-05 01:05:42.856 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-05 01:05:42.107 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz Percentagem de memória em uso: 29% RAM física total: 8191.12 MB RAM física disponível: 5771.48 MB Virtual Total: 16380.42 MB Virtual disponível: 13640.11 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:149.9 GB) (Free:53.81 GB) NTFS Drive d: (josieli) (Fixed) (Total:50 GB) (Free:19.01 GB) NTFS Drive e: (michael) (Fixed) (Total:365.5 GB) (Free:34.89 GB) NTFS Drive k: (jogos) (Fixed) (Total:366.01 GB) (Free:224.23 GB) NTFS ==================== MBR & Tabela de Partições ================== ==================== Fim de Addition.txt ============================