Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 12-03-2017
Executado por kely (12-03-2017 12:41:46)
Executando a partir de C:\Users\kely\Downloads
Windows 7 Home Basic (X64) (2016-06-27 20:05:37)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-3459328756-1267631139-1081520435-500 - Administrator - Disabled)
Convidado (S-1-5-21-3459328756-1267631139-1081520435-501 - Limited - Enabled)
Guilherme (S-1-5-21-3459328756-1267631139-1081520435-1001 - Limited - Enabled) => C:\Users\Guilherme
kely (S-1-5-21-3459328756-1267631139-1081520435-1000 - Administrator - Enabled) => C:\Users\kely

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4756 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
doPDF 5.3 printer (HKLM\...\doPDF 5 printer_is1) (Version: - Softland)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Google Chrome (HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{62619e9f-b847-4ca0-90a1-430ddb2dc054}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pt-BR)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
PointBlank (HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\PointBlank) (Version: 2.1.0 - Ongame S.A & Zepetto) <==== ATENÇÃO
RaidCall (HKLM-x32\...\RaidCall) (Version: 8.1.8-1.0.3132.149 - raidcall.com.ru)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6403 - Realtek Semiconductor Corp.)
rOx Games versão 2.0 (HKLM-x32\...\{53A5DECD-EADC-46C4-9E74-3F04972D90DB}_is1) (Version: 2.0 - rOx Games, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
Versão de 64 bits do Microsoft Outlook Hotmail Connector (HKLM\...\{95140000-007A-0416-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warsaw 1.14.2.35 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.14.2.35 - GAS Tecnologia)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\kely\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\kely\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\kely\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\kely\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\kely\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0B1FFBBE-A012-4423-BAA4-59BE74444275} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3459328756-1267631139-1081520435-1000UA => C:\Users\kely\AppData\Local\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.)
Task: {14488B32-00F7-4AA5-A9A6-EE7E5AAA18C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {231C3939-E831-4EC0-AF98-10AE5A92B786} - System32\Tasks\{597C2603-649A-4B68-8311-01E319BE6D0E} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2017-02-21] (TeamSpeak Systems GmbH)
Task: {363FD031-4739-4BB7-9816-7D77A649F166} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3459328756-1267631139-1081520435-1000Core => C:\Users\kely\AppData\Local\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.)
Task: {44FB11B5-882A-4364-B530-6D3420C29AA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {4516F6A7-E653-45AB-9E8B-5BFD3E1E1F17} - System32\Tasks\{BDE8C20E-0D07-469D-BBA0-D9DF9D30DD02} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {46362640-4A16-4C55-8AA8-443831E570DE} - System32\Tasks\{240C361F-064A-47B2-879C-A62FCA88C2BD} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2017-02-21] (TeamSpeak Systems GmbH)
Task: {53D7F141-E0A5-4CC9-834B-DACC1FB5C30C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {5AD68611-E64E-46B3-A275-B3906A9B7DA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {84647578-0690-42DE-AAE6-7E68BDF902A0} - System32\Tasks\{17354D85-19BD-489E-B473-BF3A9CD9CDA7} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {B01319CC-1EA9-4AAF-93B5-0D853A3AFBCE} - System32\Tasks\{7833AC70-20C7-4721-9483-88E259A0131E} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {B5456DEF-0888-44EB-B9B6-3EA1E3CD8825} - System32\Tasks\{B298A786-D6A7-4633-9437-117E32771855} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {BC5D10C7-4F86-4297-94B4-BA194DCBC40D} - System32\Tasks\{8EF8BFF6-4221-48C8-BF5E-BE0375C05983} => pcalua.exe -a "C:\Users\kely\Downloads\wlsetup-web (1).exe" -d C:\Users\kely\Downloads
Task: {C5905E0E-6614-4F76-8EEA-2FC7AC0251F2} - System32\Tasks\{E5647981-4ADD-4FE9-B8BB-07C91E2010BD} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {C5A7E300-4532-4AF6-8F09-0B4E2FCD6281} - System32\Tasks\{74DDE4CB-402C-4D19-A6AE-525F8D101730} => C:\Users\kely\Downloads\TeamSpeak3-Client-win64-3.1.1.1.exe [2017-03-11] (TeamSpeak Systems GmbH)
Task: {D8F5F6EC-DD86-4085-88B2-6FA72A8F6218} - System32\Tasks\{464F01D7-DAA7-463F-96D3-570AB8F40B91} => pcalua.exe -a C:\Users\kely\Desktop\QMacro\444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444.exe -d C:\Users\kely\Desktop\QMacro
Task: {DCDB2EA9-5064-46E8-BD82-F3DA6C790EB9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-16] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-06-30 15:21 - 2011-04-15 14:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-09-16 12:40 - 2016-09-16 12:40 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-11 15:23 - 2017-03-11 15:23 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031100\algo.dll
2016-09-16 12:40 - 2016-09-16 12:40 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-12 11:54 - 2017-03-12 11:54 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031200\algo.dll
2016-06-30 16:37 - 2016-06-30 16:36 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-09-16 12:40 - 2016-09-16 12:40 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-06 22:43 - 2017-02-01 06:01 - 01870168 _____ () C:\Users\kely\AppData\Local\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:43 - 2017-02-01 06:01 - 00085848 _____ () C:\Users\kely\AppData\Local\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-26 08:45 - 2013-04-16 12:03 - 00349696 _____ () C:\rOx Games\mss32.dll
2017-01-26 08:45 - 2013-04-16 12:03 - 01806336 _____ () C:\rOx Games\SpeedTreeRT.dll
2017-01-26 08:46 - 2013-04-16 12:03 - 00125952 _____ () C:\rOx Games\miles\mssmp3.asi
2017-01-26 08:46 - 2013-04-16 12:03 - 00197120 _____ () C:\rOx Games\miles\mssvoice.asi
2017-01-26 08:46 - 2013-04-16 12:03 - 00083456 _____ () C:\rOx Games\miles\mssa3d.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00070656 _____ () C:\rOx Games\miles\mssds3d.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00080896 _____ () C:\rOx Games\miles\mssdx7.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00103424 _____ () C:\rOx Games\miles\msseax.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00354816 _____ () C:\rOx Games\miles\mssrsx.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00067072 _____ () C:\rOx Games\miles\msssoft.m3d
2017-01-26 08:46 - 2013-04-16 12:03 - 00093696 _____ () C:\rOx Games\miles\mssdsp.flt

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
AlternateDataStreams: C:\Windows\System32:D1180F80_Bb.gbp [2]
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [2022]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usuários\GbPlugin:IncompleteStartGbprcm.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\...\gastecnologia.com.br -> cloud.gastecnologia.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3459328756-1267631139-1081520435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kely\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 177.73.240.253 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está desabilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{0D0E83C8-E186-4CAD-AFB4-4A1E87BC909F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA58C8B5-D05B-4347-AFF6-DD7AAA8DC752}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7CD961CB-5B4D-4793-8842-0E7B5FF3B1A9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{13C5340A-A53B-4181-83E1-22D03EA68E20}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8C52389A-DE52-4964-8854-B2245BE5B585}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9747CEC9-160D-4218-AA01-6815CA6A4E32}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{8E290E5E-92ED-425B-9A64-07866D42BE5A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{63562599-179F-4AD1-8D9E-53AC18B03F61}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BB42EC41-AA7B-4CD0-9783-9F68EF8EFF8B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BA0B99C9-EA09-4B1F-9783-2B9FC518DCE7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0B48B369-72A0-47F3-BFBD-935B0D365681}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{323FE72D-1DF3-4BCC-B2F6-F4C63703EE44}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E9408272-8DF1-4E25-9333-CECCA0946F1D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{D7949F62-3663-412D-AC29-2F4DDC3DEEB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{711B610C-17D2-48DC-8EB6-1FF1385AC58F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AEEB0A86-1BB0-4403-BCFA-0C9FD16CDFAA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [TCP Query User{2C531AAA-DF70-454A-B74F-C1028CE913B3}C:\users\kely\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\kely\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F0FBAD73-94A9-4648-8FB7-EA655A873F4B}C:\users\kely\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\kely\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{2801FB14-B4A9-4752-93DA-1A474627E603}C:\users\kely\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\kely\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C7E7983A-D6D0-4DAB-B2AD-C9B3DD196ABB}C:\users\kely\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\kely\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{023C1133-8108-4E4B-A30C-5994BC765D26}] => (Allow) C:\Users\kely\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{6D728FDA-6CCD-4188-87A9-27DB5FE6E37E}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
FirewallRules: [{45903459-05C2-4ECD-8827-1ABD424F93C6}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
FirewallRules: [{9E31ABA5-7E5C-4917-A67E-444CA4DF3C5A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{4067B5FF-ACE6-46A4-9222-DD17003A4F71}] => (Allow) C:\Users\kely\Desktop\Pointblank\PointBlank.exe
FirewallRules: [{87CB82B7-8DAA-4D2D-A7B9-4E2AE1595A48}] => (Allow) C:\Users\kely\Desktop\Pointblank\PointBlank.exe

==================== Pontos de Restauração =========================

28-02-2017 16:46:05 Ponto de Verificação Agendado
08-03-2017 13:04:26 Ponto de Verificação Agendado
11-03-2017 11:50:48 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-03-2017 11:53:57 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-03-2017 13:24:24 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-03-2017 13:25:57 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-03-2017 14:25:04 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
11-03-2017 14:25:44 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
11-03-2017 15:06:49 Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008
11-03-2017 15:07:37 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
11-03-2017 15:46:32 Windows Update
11-03-2017 22:31:37 Operação de restauração

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (03/11/2017 11:05:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa avastui.exe versão 12.3.3154.23 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 10e4 Hora de Início: 01d29ad4bd0b7bb4 Hora de Término: 60000 Caminho do Aplicativo: C:\Program Files\AVAST Software\Avast\avastui.exe Id do Relatório: 33200683-06c8-11e7-8f0c-0008ca88a5f7

Error: (03/11/2017 11:02:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\kely\AppData\Local\chromium\Application\chrome.exe". Assembly dependente 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (03/11/2017 10:46:11 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Erro não especificado durante a Restauração do Sistema: (Ponto de Verificação Agendado). Informações adicionais: 0x80070005.

Error: (03/11/2017 10:45:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\kely\AppData\Local\chromium\Application\chrome.exe". Assembly dependente 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (03/11/2017 10:32:10 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: O Sistema de Eventos COM+ não pôde remover o EventSystem.EventSubscription objeto {7EEBE500-4C1B-4797-A005-3410E99F3149}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Nome do objeto: Explorer Descrição do objeto: O HRESULT foi 80070005.

Error: (03/11/2017 07:19:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: svchost.exe_SysMain, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc3c1 Nome do módulo de falhas: sysmain.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5be07e Código de exceção: 0xc0000005 Deslocamento com falha: 0x0000000000004abe Identificação do processo com falha: 0x4fc Hora de início do aplicativo com falha: 0x01d298b8757213fc Caminho do aplicativo com falha: C:\Windows\System32\svchost.exe FCaminho do módulo de falhas: c:\windows\system32\sysmain.dll Identificação do Relatório: 26a29798-0644-11e7-9cd8-0008ca88a5f7

Error: (03/10/2017 08:53:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\kely\AppData\Local\chromium\Application\chrome.exe". Assembly dependente 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (03/10/2017 08:52:45 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: O Sistema de Eventos COM+ não pôde realizar marshaling no assinante para a inscrição {7EEBE500-4C1B-4797-A005-3410E99F3149}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. O HRESULT era 80070005.

Error: (03/10/2017 12:19:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\kely\AppData\Local\chromium\Application\chrome.exe". Assembly dependente 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (03/09/2017 06:37:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\kely\AppData\Local\chromium\Application\chrome.exe". Assembly dependente 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Erros de Sistema:
=============
Error: (03/11/2017 10:42:19 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Cliente CBS. Último erro: 0x8007045b

Error: (03/11/2017 10:39:32 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Cliente CBS. Último erro: 0x8007045b

Error: (03/11/2017 01:49:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço xspirit devido ao seguinte erro: Não foi possível encontrar o procedimento especificado.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Driver Foundation - Estrutura do Driver de Modo de Usuário foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Configuração Automática de WLAN foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Gerenciador de Sessão do Gerenciador de Janelas da Área de Trabalho foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Cliente de rastreamento de link distribuído foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Superfetch foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço Auxiliar de Compatibilidade de Programas foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (03/11/2017 07:19:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Conexões de Rede foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 100 milissegundos: Reiniciar o serviço.

CodeIntegrity:
===================================
Date: 2017-01-21 22:19:49.111
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-21 22:19:49.086
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 23:54:18.801
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 23:54:18.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 23:02:54.897
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 23:02:54.866
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 17:26:20.580
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-20 17:26:20.574
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-17 21:43:42.826
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-17 21:43:42.817
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xspirit.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentagem de memória em uso: 60%
RAM física total: 4043.84 MB
RAM física disponível: 1594.77 MB
Virtual Total: 8085.84 MB
Virtual disponível: 5353.31 MB

==================== Drives ================================

Drive c: (SISTEMA) (Fixed) (Total:195.21 GB) (Free:123.65 GB) NTFS
Drive d: (DADOS) (Fixed) (Total:270.45 GB) (Free:267.96 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F1997DF2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================