Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 26-10-2016
Executado por Herobrine (28-10-2016 19:43:32)
Executando a partir de C:\Users\Herobrine\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-01-22 03:35:04)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-2620735396-3580882381-3573613796-500 - Administrator - Disabled)
Convidado (S-1-5-21-2620735396-3580882381-3573613796-501 - Limited - Disabled)
Herobrine (S-1-5-21-2620735396-3580882381-3573613796-1000 - Administrator - Enabled) => C:\Users\Herobrine
HomeGroupUser$ (S-1-5-21-2620735396-3580882381-3573613796-1002 - Limited - Enabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2620735396-3580882381-3573613796-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atualizações da NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.1.1073 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
D-Link DWA-131 - V5.02b04 (HKLM-x32\...\{B7C11488-750D-4E48-A9A4-7207A335984D}) (Version: 5.00.0000 - D-Link)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 341.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.98 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 341.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.98 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Painel de controle da NVIDIA 341.98 (Version: 341.98 - NVIDIA Corporation) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Suporte para Aplicativos Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.2 - ) <==== ATENÇÃO
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {01E1A5B9-2106-4624-BCF8-0974E5247019} - System32\Tasks\{AD4426F5-2D9F-46E9-9DB0-799D625A4FB8} => C:\Program Files (x86)\Bandicam\bdcam.exe [2016-06-21] (www.Bandisoft.com)
Task: {0BEA4022-A5E9-4D07-BBDA-8BBE95443EA0} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Nenhum Arquivo <==== ATENÇÃO
Task: {18A3C097-D982-467B-B587-50C29339BC64} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {2AAE8CD2-41F1-4EFB-A764-9B7949952811} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {313BF0C6-9E12-4BDE-8A7D-A4F194746616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-22] (Google Inc.)
Task: {35515DCA-17ED-42F4-B0BC-58BA6C312ABA} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {3B9C9403-52BF-442E-9CFF-592D77D3DDE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-22] (Google Inc.)
Task: {45684AF4-6F0C-48BA-886C-6AB5E7BDE172} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {5FDF1BAC-E239-4785-83D3-7D59346F9339} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {8F486370-EE01-4B80-9DA4-892181B4CC0B} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {B669983C-4AA2-47B8-BE56-43F3BDFD002D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {D54B74D9-09BE-4AA7-89FB-F6DFA850313A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E6F88716-1C6D-4F12-9F32-446163207499} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {EE7DFCC9-4655-4343-85CF-E872B9F16516} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Herobrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Herobrine\AppData\Local\UmmyVideoDownloader\1.7.2.2\help\Ummy_rus.pdf () <===== Cyrillic

==================== Módulos Carregados (Whitelisted) ==============

2016-10-23 15:08 - 2016-09-12 18:00 - 00133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-23 14:28 - 2016-09-30 02:22 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-23 14:28 - 2016-09-30 02:22 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-23 14:28 - 2016-09-30 02:22 - 00419896 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-01-22 02:45 - 2016-10-20 06:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-01-22 02:45 - 2016-10-20 06:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-10-23 14:28 - 2016-09-29 15:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-23 14:28 - 2016-09-29 15:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-23 14:28 - 2016-09-29 15:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-23 14:28 - 2016-09-29 15:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-23 14:28 - 2016-09-29 15:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-23 14:28 - 2016-09-29 15:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-23 14:28 - 2016-09-29 15:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-23 14:28 - 2016-09-30 02:22 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-14 00:34 - 2016-10-23 18:07 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2620735396-3580882381-3573613796-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Herobrine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: uTorrent => "C:\Users\Herobrine\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{16C2F495-B85B-448B-85D1-13DDDE8AF172}] => (Allow) LPort=48113
FirewallRules: [{CEBB9EF8-A9EC-4F15-B0EF-2DDA9F68272D}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{DD00AAF7-037B-4587-BABA-BFB8D9413209}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{5B086FE8-2B90-41A6-AC43-54812A7FDBCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A8A12016-32D8-492F-AC1D-99FD9D16A266}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe
FirewallRules: [{611BFBCC-81BA-4C62-9145-8E0E773EF2EA}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe
FirewallRules: [{29E71EC9-ED13-4AC0-9779-6ED934A22C44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F05ACFA8-E78E-46FB-8C5E-3C95A04947BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0166283A-BC1D-45DB-89DB-5893737D488A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B3B804FA-F714-4036-8E36-C643A1CD8B91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A9891088-0ACD-45C8-BF07-37C64E1A1486}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1024606-4AE1-4B6E-AE92-F068352FA48A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{2FF08EA1-8D42-4D99-A08D-0C0AF60C1B33}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{ED3BB2E9-D66C-4AA6-857A-C1351ECE975A}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{6200912A-1E11-4A3D-A78C-D965CE71C3A7}C:\users\herobrine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\herobrine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{79564BDF-CB57-426F-9C46-08E4BD3347E9}C:\users\herobrine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\herobrine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{84B184C4-1EDF-483D-B062-4BA190EB56E1}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [UDP Query User{54864950-CB0B-4465-9331-5D8802061610}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [{7E1C0067-68EB-4157-8CBC-F2D0A22A08FD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{E72C24DA-50A3-42DD-881D-F157BAB9F955}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [UDP Query User{B3D4578D-FCC1-4063-80E6-84BDDE42ED3B}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (10/28/2016 01:03:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: SaberInstaller_1.0.38_Win.exe, versão: 0.0.0.0, carimbo de hora: 0x56da63e4
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17514, carimbo de hora: 0x4ce7c8f9
Código de exceção: 0xc0000374
Deslocamento com falha: 0x00000000000c40f2
Identificação do processo com falha: 0xdf8
Hora de início do aplicativo com falha: 0x01d2312c78de25e9
Caminho do aplicativo com falha: C:\Users\Herobrine\Downloads\Saber_1.0.38_win\SaberInstaller_1.0.38_Win.exe
FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll
Identificação do Relatório: b9885437-9d1f-11e6-be8b-1078d2b3e872

Error: (10/28/2016 12:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: WinRAR.exe, versão: 5.40.0.0, carimbo de hora: 0x57b0c341
Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo de hora: 0x00000000
Código de exceção: 0xc0000005
Deslocamento com falha: 0xffffffff65746167
Identificação do processo com falha: 0xebc
Hora de início do aplicativo com falha: 0x01d2312b6e122a5c
Caminho do aplicativo com falha: C:\Program Files\WinRAR\WinRAR.exe
FCaminho do módulo de falhas: unknown
Identificação do Relatório: b3e1894c-9d1e-11e6-be8b-1078d2b3e872

Error: (10/27/2016 11:52:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa AfterFX.exe versão 13.5.0.347 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 904
Hora de Início: 01d230bd73ec0dff
Hora de Término: 10
Caminho do Aplicativo: C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe
Id do Relatório: 13c26c0e-9cb1-11e6-b930-1078d2b3e872

Error: (10/27/2016 08:16:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CINEMA 4D.exe, versão: 16.0.3.8, carimbo de hora: 0x54b68dec
Nome do módulo de falhas: TurbulenceFD_R12.dll, versão: 0.0.0.0, carimbo de hora: 0x4f030f68
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000002549b2
Identificação do processo com falha: 0x8cc
Hora de início do aplicativo com falha: 0x01d2309faf24a9a6
Caminho do aplicativo com falha: C:\Program Files\CINEMA 4D R16\CINEMA 4D.exe
FCaminho do módulo de falhas: C:\Program Files\CINEMA 4D R16\plugins\TurbulenceFD v1.0\TurbulenceFD\libs\x64\TurbulenceFD_R12.dll
Identificação do Relatório: 00fcad9a-9c93-11e6-b930-1078d2b3e872

Error: (10/27/2016 07:56:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CINEMA 4D.exe, versão: 16.0.3.8, carimbo de hora: 0x54b68dec
Nome do módulo de falhas: TurbulenceFD_R12.dll, versão: 0.0.0.0, carimbo de hora: 0x4f030f68
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000002549b2
Identificação do processo com falha: 0x11c8
Hora de início do aplicativo com falha: 0x01d2309caa60e314
Caminho do aplicativo com falha: C:\Program Files\CINEMA 4D R16\CINEMA 4D.exe
FCaminho do módulo de falhas: C:\Program Files\CINEMA 4D R16\plugins\TurbulenceFD v1.0\TurbulenceFD\libs\x64\TurbulenceFD_R12.dll
Identificação do Relatório: 347be30d-9c90-11e6-b930-1078d2b3e872

Error: (10/27/2016 07:52:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CINEMA 4D.exe, versão: 16.0.3.8, carimbo de hora: 0x54b68dec
Nome do módulo de falhas: TurbulenceFD_R12.dll, versão: 0.0.0.0, carimbo de hora: 0x4f030f68
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000002549b2
Identificação do processo com falha: 0xe78
Hora de início do aplicativo com falha: 0x01d2309a87d9bde7
Caminho do aplicativo com falha: C:\Program Files\CINEMA 4D R16\CINEMA 4D.exe
FCaminho do módulo de falhas: C:\Program Files\CINEMA 4D R16\plugins\TurbulenceFD v1.0\TurbulenceFD\libs\x64\TurbulenceFD_R12.dll
Identificação do Relatório: b0c7f81f-9c8f-11e6-b930-1078d2b3e872

Error: (10/26/2016 09:49:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Character Animator.exe versão 1.0.0.650 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: 6fc
Hora de Início: 01d22fe38b4c7bf0
Hora de Término: 10
Caminho do Aplicativo: C:\Program Files\Adobe\Adobe Character Animator (Preview)\Support Files\Character Animator.exe
Id do Relatório: e3ee965e-9bd6-11e6-acee-1078d2b3e872

Error: (10/26/2016 09:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: AfterFX.exe, versão: 13.5.0.347, carimbo de hora: 0x55642425
Nome do módulo de falhas: MSVCR120.dll, versão: 12.0.21005.1, carimbo de hora: 0x524f83ff
Código de exceção: 0xc000041d
Deslocamento com falha: 0x000000000003c64a
Identificação do processo com falha: 0x92c
Hora de início do aplicativo com falha: 0x01d22fe2c3d78c60
Caminho do aplicativo com falha: C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe
FCaminho do módulo de falhas: C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\MSVCR120.dll
Identificação do Relatório: bfa340ab-9bd6-11e6-acee-1078d2b3e872

Error: (10/26/2016 09:39:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: CINEMA 4D.exe, versão: 16.0.3.8, carimbo de hora: 0x54b68dec
Nome do módulo de falhas: TurbulenceFD_R12.dll, versão: 0.0.0.0, carimbo de hora: 0x4f030f68
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00000000002549b2
Identificação do processo com falha: 0xdfc
Hora de início do aplicativo com falha: 0x01d22fe1bac92f0a
Caminho do aplicativo com falha: C:\Program Files\CINEMA 4D R16\CINEMA 4D.exe
FCaminho do módulo de falhas: C:\Program Files\CINEMA 4D R16\plugins\TurbulenceFD v1.0\TurbulenceFD\libs\x64\TurbulenceFD_R12.dll
Identificação do Relatório: 7060d0b3-9bd5-11e6-acee-1078d2b3e872

Error: (10/26/2016 09:25:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa javaw.exe versão 8.0.1110.14 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: d70
Hora de Início: 01d22fdf1bcb8fe4
Hora de Término: 80
Caminho do Aplicativo: C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe
Id do Relatório: 7557dd24-9bd3-11e6-acee-1078d2b3e872

Erros de Sistema:
=============
Error: (10/28/2016 07:24:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} não se registrou com o DCOM dentro do tempo limite requerido.

Error: (10/28/2016 07:20:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou com o DCOM dentro do tempo limite requerido.

Error: (10/28/2016 06:47:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Módulo de Extensibilidade de WLAN.
Caminho do Módulo: C:\Windows\system32\Rtlihvs.dll
Código de Erro: 126

Error: (10/28/2016 02:51:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Windows Defender suspenso ao iniciar.

Error: (10/28/2016 02:48:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Enumerador de Barramento PnP-X IP depende do serviço Host de Provedor da Descoberta de Função, mas não foi possível iniciá-lo devido ao seguinte erro: Após iniciar, o serviço permaneceu em estado pendente de início.

Error: (10/28/2016 02:48:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Host de Provedor da Descoberta de Função suspenso ao iniciar.

Error: (10/28/2016 02:44:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Módulo de Extensibilidade de WLAN.
Caminho do Módulo: C:\Windows\system32\Rtlihvs.dll
Código de Erro: 126

Error: (10/28/2016 06:38:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: O servidor {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} não se registrou com o DCOM dentro do tempo limite requerido.

Error: (10/28/2016 06:35:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Módulo de Extensibilidade de WLAN.
Caminho do Módulo: C:\Windows\system32\Rtlihvs.dll
Código de Erro: 126

Error: (10/27/2016 03:32:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Módulo de Extensibilidade de WLAN.
Caminho do Módulo: C:\Windows\system32\Rtlihvs.dll
Código de Erro: 126

CodeIntegrity:
===================================
Date: 2016-01-22 02:29:45.348
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 02:29:45.348
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 02:09:10.991
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 02:09:10.991
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentagem de memória em uso: 81%
RAM física total: 2030.64 MB
RAM física disponível: 368.95 MB
Virtual Total: 4061.28 MB
Virtual disponível: 1250.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:409.05 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
Drive e: (DISCO LOCAL) (Fixed) (Total:14.89 GB) (Free:14.09 GB) FAT32
Drive f: () (Removable) (Total:14.54 GB) (Free:6.33 GB) FAT32

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 46E437B7)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 00000000)
Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: DFFEA578)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

==================== Fim de Addition.txt ============================