Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-06-2016 Executado por Mrbelo (2016-06-09 00:07:35) Executando a partir de C:\Users\Mrbelo\Downloads Windows 7 Ultimate (X64) (2016-06-08 20:54:42) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3804191614-2513765726-3744303832-500 - Administrator - Disabled) Convidado (S-1-5-21-3804191614-2513765726-3744303832-501 - Limited - Disabled) Mrbelo (S-1-5-21-3804191614-2513765726-3744303832-1000 - Administrator - Enabled) => C:\Users\Mrbelo ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.) Driver Easy 5.0.5 (HKLM\...\DriverEasy_is1) (Version: 5.0.5 - Easeware) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden VIA Gerenciador de dispositivo de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {3C508E0C-F683-4CDC-ABAC-C6E0600E38B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.) Task: {4E854D56-877C-4B81-AEF5-026E7A7580CD} - System32\Tasks\{E0BA5C3B-36ED-455D-AE3B-9CB8260820C9} => C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\chipset_6,5,4,3,900_2K-7_(32-64).exe [2015-08-25] (Intel Corporation) Task: {52BF60CB-B2F1-4FF8-9E0F-E8A212EF0578} - System32\Tasks\{2B67B26A-EB73-4E0D-9B1B-CB879C6D5612} => C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\chipset_6,5,4,3,900_2K-7_(32-64).exe [2015-08-25] (Intel Corporation) Task: {57302CC2-F541-4F24-9863-D557398CF2BA} - System32\Tasks\{1A54EC76-050F-40A9-B94B-8A1CC5BF44C2} => C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\Win7Vista_VGA1155.exe [2015-08-25] (Intel Corporation) Task: {6F962BBF-41DB-4375-8F78-521012119488} - System32\Tasks\{1E19302E-E806-4DC6-8ED9-A0BC0A9446F2} => pcalua.exe -a "C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\Win7Vista_VGA1155.exe" -d "C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html" Task: {BA46DB0C-9058-4725-AC42-B102429DEE81} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-05-09] (Easeware) Task: {BF92DBA5-4C30-4E41-91CA-527A2E9B8F76} - System32\Tasks\{FFBA3469-95E0-4FFC-9383-4EC781E7663B} => C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\chipset_6,5,4,3,900_2K-7_(32-64).exe [2015-08-25] (Intel Corporation) Task: {EA6C5243-D9CC-454F-A2C7-F6AC91484752} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.) Task: {FDBCD322-1B21-482E-9D45-8A178CD9105C} - System32\Tasks\{1EA19857-9A9C-4E2C-8F85-328F3F72D952} => C:\Instalador Gc H\httpwww.filmesonlinegratis.netassistir-ataque-dos-titas-2-o-fim-do-mundo-legendado-online.html\chipset_6,5,4,3,900_2K-7_(32-64).exe [2015-08-25] (Intel Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2011-08-31 12:13 - 2011-08-31 12:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-06-08 17:58 - 2010-08-11 10:32 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2016-06-08 17:58 - 2010-08-11 10:32 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2016-06-08 17:58 - 2010-08-11 10:32 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll 2016-06-08 17:58 - 2010-08-11 10:32 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll 2016-06-08 23:16 - 2016-06-03 22:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll 2016-06-08 23:16 - 2016-06-03 22:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3804191614-2513765726-3744303832-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mrbelo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{76FCA00C-EAA7-4282-A19F-17E4DC618B1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 08-06-2016 17:56:17 Instalado Atheros Communications Inc.(R) AR81Family Gigabit/FastG ùw 08-06-2016 17:57:25 Windows Update 08-06-2016 18:25:36 Windows Update 08-06-2016 18:50:24 DirectX instalado 08-06-2016 23:47:36 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 08-06-2016 23:48:03 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 08-06-2016 23:52:10 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 08-06-2016 23:54:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 08-06-2016 23:58:59 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (06/08/2016 11:54:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa Explorer.EXE versão 6.1.7600.16385 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 540 Hora de Início: 01d1c1f847c3e0d1 Hora de Término: 11 Caminho do Aplicativo: C:\Windows\Explorer.EXE Id do Relatório: 744a7d4d-2ded-11e6-9238-c89cdc4cf004 Erros de Sistema: ============= Error: (06/08/2016 11:48:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço cpuz139 devido ao seguinte erro: %%3 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 Error: (06/08/2016 11:10:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço DrvAgent64 devido ao seguinte erro: %%577 CodeIntegrity: =================================== Date: 2016-06-08 23:10:50.840 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.837 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.833 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.830 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.826 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.823 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.820 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.817 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.813 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-08 23:10:50.809 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz Percentagem de memória em uso: 64% RAM física total: 4002.91 MB RAM física disponível: 1435.84 MB Virtual Total: 8003.96 MB Virtual disponível: 5169.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.53 GB) (Free:765.89 GB) NTFS Drive d: (GRMCULFRER_EN_DVD) (CDROM) (Total:4.02 GB) (Free:0 GB) UDF ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 32FA6F64) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=449 MB) - (Type=27) ==================== Fim de Addition.txt ============================