Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 11-08-2016 01
Executado por Clayton (2016-08-13 10:03:23)
Executando a partir de C:\Users\Clayton\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-07-18 16:59:56)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-1241525271-2723492398-1228373806-500 - Administrator - Disabled)
Clayton (S-1-5-21-1241525271-2723492398-1228373806-1003 - Administrator - Enabled) => C:\Users\Clayton
Convidado (S-1-5-21-1241525271-2723492398-1228373806-501 - Limited - Disabled)
Debora V (S-1-5-21-1241525271-2723492398-1228373806-1007 - Administrator - Enabled) => C:\Users\Debora V
Débora (S-1-5-21-1241525271-2723492398-1228373806-1001 - Administrator - Enabled) => C:\Users\Débora
HomeGroupUser$ (S-1-5-21-1241525271-2723492398-1228373806-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1241525271-2723492398-1228373806-1003\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.43.6254 - BlueStack Systems, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control Center (HKLM-x32\...\{A09AB2EA-4E3B-48A8-A716-CD4FB3529548}) (Version: 1.0 - TPS)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2246 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.7070.2033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1241525271-2723492398-1228373806-1003\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft .NET Framework 4.5 - Português (Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50709 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.76 - Trusteer)
Rapport (x32 Version: 3.5.1609.76 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5978 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Software WIDCOMM Bluetooth (HKLM-x32\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 4.0.1.3500 - WIDCOMM, Inc.)
TpsCap (HKLM-x32\...\{46B59C73-99D7-4B23-A0F8-421E418E6794}) (Version: 1.00.00.00 - Tps)
Warsaw 1.12.3.5 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.12.3.5 - GAS Tecnologia)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0265B86F-89AD-4F1B-9E56-5B84852286BB} - System32\Tasks\{7889B075-D93C-4680-894B-77E18800551A} => pcalua.exe -a C:\Users\Débora\Desktop\PC\H49Camera.exe -d C:\Users\Débora\Desktop\PC
Task: {04836E78-1A19-4B9B-AB10-586A453250FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18] (Google Inc.)
Task: {0522E82C-8563-4C44-A164-247D99F5D716} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {0EE3C430-97B5-4E87-897B-EDABCF2356C4} - System32\Tasks\{06E3B504-1C0A-49CC-8E7F-48EC8F59BA19} => pcalua.exe -a C:\Users\Débora\Desktop\PC\WlanAWNE785HXP\Install_CD\setup.exe -d C:\Users\Débora\Desktop\PC\WlanAWNE785HXP\Install_CD
Task: {3B297C0C-918F-46FC-BEC2-908357023625} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {56C86430-E265-44D0-8155-AC8E02B0906C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {641849B7-5B91-4EDD-AFAE-89C3D4A54926} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-18] (AVAST Software)
Task: {860B8F63-24C2-4DF0-AA7F-80A218E7A5A3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-04] (Microsoft Corporation)
Task: {8D6DBC77-2B23-4C6C-A2B1-268C2F0AC402} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18] (Google Inc.)
Task: {9B2265A7-A14E-4D5F-8973-014C8BD9DDDB} - System32\Tasks\{7E46DFC0-5C15-43C1-8174-C0447EDC8E70} => pcalua.exe -a C:\Users\Clayton\Downloads\GBPCEF.exe -d C:\Users\Clayton\Downloads -c admin_service
Task: {AB452AB1-68AB-402F-AB2C-3D101E1E9B2F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {B30C3889-DEDF-4FD6-BD08-C40D055FEB7D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {BC0B81F3-526B-4297-93E2-9D12CE703E76} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {C79AAC09-C27A-4567-9B6B-F19BD50FBB72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {D0B80695-C7FF-45BF-897C-B28EBCB70F53} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI)
Task: {D363DAEA-7055-415F-8504-4F6EBD53D730} - System32\Tasks\{9A15724B-0BFE-4BCE-939D-BC2F61CD55D3} => C:\Program Files (x86)\Software WIDCOMM\Bluetooth\BTTray.exe [2006-05-12] (Broadcom Corporation.)
Task: {E50AA9E0-DDDE-49A3-97EB-88BF9A7B6E02} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-04] (Microsoft Corporation)
Task: {ECBAD3F7-C9A2-438E-B40F-BB70E798FC9A} - System32\Tasks\SafeZone scheduled Autoupdate 1468867408 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-07-18 14:21 - 2010-11-12 03:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-07-18 14:28 - 2016-06-23 10:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-07-18 14:28 - 2016-06-23 10:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll
2016-07-18 15:41 - 2016-07-18 15:41 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-13 08:32 - 2016-08-13 08:32 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16081301\algo.dll
2016-07-18 15:41 - 2016-07-18 15:41 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2016-07-18 15:41 - 2016-07-18 15:41 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Windows\System32:6C6735FB_Cef.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1241525271-2723492398-1228373806-1003\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-07-18 18:19 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1241525271-2723492398-1228373806-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Clayton\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 187.22.0.61 - 187.22.0.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{0B9510C6-041F-42E2-81C4-14AEF8FBD349}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A92F3E17-1A4D-4AFC-A2D7-2F69C8C4A2AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{5AA1F638-BE72-4D99-A4B6-3FAF32E1DF5A}] => (Allow) C:\Users\Clayton\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{D3775586-FB6D-4007-96D0-12B91B0CE361}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{93CF36EF-7213-428B-A00B-4A669B71646F}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C79D86AB-CC3A-4FB4-ADBC-5C6602E80A81}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8791EC1C-05BD-4F04-AC1B-519577F63BA0}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3177C5C6-05A1-45EC-BB7C-6A5AB19D3FAA}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3ABF8F16-75BE-4BBB-A292-1705CAFAF66B}] => (Allow) C:\Users\Clayton\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{845BC6A1-6354-463B-8942-6E122426FDB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AB10EAF8-EC4D-4A12-87C2-25874C0AFC06}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8BAEBA6-821A-4522-9B37-F80445A9579F}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{534D881E-E1F4-4919-85E3-8F3CF17D732D}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D2E132FF-1DEA-4409-A982-CFC2EE3871FB}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A488154C-1CE0-4E7E-9D93-3F9843F83C51}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1883D7E3-29CD-4C87-A3BD-B4263A1C9FDE}] => (Allow) C:\Users\Débora\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F81ED892-17DB-4E07-9715-CA84DA5670F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{119E9A36-0FE5-4624-B694-715257D134E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{10F7D55A-9487-41E3-937C-2F15355E389F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{382C8B57-DCCB-433F-905B-FE188FA379DB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{0A871E48-6161-47CF-A4D9-BA6ADB0C80BB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{553EA578-18D5-4206-9E29-D7BE87306FD8}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{B5225686-ADD6-4643-80C9-B92346E6127C}] => (Allow) LPort=1688
FirewallRules: [{3DFE1520-999B-4A6F-985E-834585880B2C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{5C846BEA-1983-4069-AF0E-BF6044422FAD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{1585B97D-0CA3-43B1-93D6-922434E604F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Pontos de Restauração =========================

27-07-2016 22:16:14 ASU_MSI_TRAN
02-08-2016 21:49:25 Installed Bluetooth Software
02-08-2016 21:51:10 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 21:52:00 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 21:52:34 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 21:53:08 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 21:53:38 Instalação de Pacote de Driver de Dispositivo: WIDCOMM, Inc. Portas (COM e LPT)
02-08-2016 21:54:08 Instalação de Pacote de Driver de Dispositivo: WIDCOMM Modems
02-08-2016 21:54:53 Instalação de Pacote de Driver de Dispositivo: WIDCOMM Dispositivos de Interface Humana
02-08-2016 21:55:22 Instalação de Pacote de Driver de Dispositivo: WIDCOMM, Inc. Adaptadores de rede
02-08-2016 22:03:40 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 22:04:54 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 22:05:27 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 22:05:59 Instalação de Pacote de Driver de Dispositivo: WIDCOMM
02-08-2016 22:06:33 Instalação de Pacote de Driver de Dispositivo: WIDCOMM, Inc. Portas (COM e LPT)
03-08-2016 09:06:55 Instalação de Pacote de Driver de Dispositivo: WIDCOMM Modems
13-08-2016 08:42:54 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
13-08-2016 09:58:14 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (08/13/2016 09:58:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina ConvertStringSidToSid(S-1-5-21-1241525271-2723492398-1228373806-1005.bak). hr = 0x80070539, A estrutura da identificação de segurança é inválida. . Operação: Evento OnIdentify Obtendo Dados do Gravador Contexto: Contexto de Execução: Shadow Copy Optimization Writer Id de Classe de Gravador: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nome do Gravador: Shadow Copy Optimization Writer ID de Instância de Gravador: {22498817-14dd-4c9a-b5b6-69ad6c5c8fc9}

Error: (08/13/2016 09:30:43 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 09:30:43 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 08:51:27 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 08:51:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 08:42:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina ConvertStringSidToSid(S-1-5-21-1241525271-2723492398-1228373806-1005.bak). hr = 0x80070539, A estrutura da identificação de segurança é inválida. . Operação: Evento OnIdentify Obtendo Dados do Gravador Contexto: Contexto de Execução: Shadow Copy Optimization Writer Id de Classe de Gravador: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nome do Gravador: Shadow Copy Optimization Writer ID de Instância de Gravador: {762be579-e89d-41d9-a9a3-06a218f7720e}

Error: (08/13/2016 08:37:49 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 08:37:49 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de diretiva UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado. A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (08/13/2016 08:30:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Skype.exe versão 7.26.0.101 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: f90 Hora de Início: 01d1f55598c056c9 Hora de Término: 10 Caminho do Aplicativo: C:\Program Files (x86)\Skype\Phone\Skype.exe Id do Relatório: 53e6fd73-6149-11e6-bc90-00e04c3f3c2a

Error: (08/08/2016 09:08:13 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Erros de Sistema:
=============
Error: (08/13/2016 09:59:59 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (08/13/2016 08:56:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service KMSELDI devido ao seguinte erro: %%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (08/13/2016 08:56:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Service KMSELDI.

Error: (08/13/2016 08:55:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 08:53:48 às 13/08/2016 não era esperado.

Error: (08/13/2016 08:49:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service KMSELDI devido ao seguinte erro: %%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (08/13/2016 08:49:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Service KMSELDI.

Error: (08/13/2016 08:47:05 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço Windows Update não foi desligado corretamente após receber um controle de pré-desligamento.

Error: (08/13/2016 08:28:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (08/08/2016 09:08:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Service KMSELDI devido ao seguinte erro: %%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (08/08/2016 09:08:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Service KMSELDI.

CodeIntegrity:
===================================
Date: 2016-08-13 09:00:37.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:57:16.220
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbprcm64.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:57:06.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:55:02.285
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:55:02.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wsddpp.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:55:01.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:55:01.864
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:55:01.583
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:54:57.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-13 08:49:38.875
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\GbPlugin\wsftprp64.sys because the set of per-page image hashes could not be found on the system.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentagem de memória em uso: 36%
RAM física total: 8105.99 MB
RAM física disponível: 5167.42 MB
Virtual Total: 16210.17 MB
Virtual disponível: 12762.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.04 GB) (Free:191.46 GB) NTFS
Drive d: () (Fixed) (Total:454.49 GB) (Free:431.49 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 2C076F95)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================