Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017 Executado por Flayson & Lailana (10-04-2017 15:34:01) Executando a partir de C:\Users\Flayson & Lailana\Desktop Windows 10 Pro Versão 1511 (X64) (2016-07-25 11:54:51) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3365952320-3481356937-2799727596-500 - Administrator - Disabled) Convidado (S-1-5-21-3365952320-3481356937-2799727596-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3365952320-3481356937-2799727596-503 - Limited - Disabled) Flayson & Lailana (S-1-5-21-3365952320-3481356937-2799727596-1000 - Administrator - Enabled) => C:\Users\Flayson & Lailana ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - BR (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CS (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - CZ (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - EN (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - ES (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - FR (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - JP (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - NL (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - PL (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - RU (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation) CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 -TR (x64) (Version: 18.0 - Corel Corporation) Hidden Driver Easy 5.0.9 (HKLM\...\DriverEasy_is1) (Version: 5.0.9 - Easeware) Estudo de aprimoramento de produto para HP Deskjet 2540 series (HKLM\...\{44FE0FDF-E044-4EA9-AC22-325CDD4C3241}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP Deskjet 2540 series Ajuda (HKLM-x32\...\{70B5D5B2-8014-4C22-9963-361B1F07B81A}) (Version: 30.0.0 - Hewlett Packard) HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{A4BA74B3-3DCB-47CC-9C80-C2CBAC26C6EB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) IPM_Installer (Version: 2.1 - Your Company Name) Hidden Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kaspersky Cleaner (HKLM-x32\...\{7DDC11A1-C25C-4090-AC3F-0330955593BA}) (Version: 1.0.1.150 - Kaspersky Lab) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden K-Lite Mega Codec Pack 12.1.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.5 - KLCP) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.4266.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Mozilla Firefox 50.0.2 (x64 pt-BR) (HKLM\...\Mozilla Firefox 50.0.2 (x64 pt-BR)) (Version: 50.0.2 - Mozilla) Mozilla Firefox 52.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pt-BR)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla) Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) Office 16 Click-to-Run Extensibility Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.4266.1003 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0DCD5109-19EA-43F6-B8DE-1871E52F94F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation) Task: {3668C8E7-FD24-4DCB-9FE2-B94AF2DD49E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-29] (Google Inc.) Task: {378BE946-53D0-4C46-AFD8-AF544C53ADEE} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic Task: {487B5A50-B467-456A-A41E-1ABCC56B7EE7} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic Task: {6A3818E6-148B-4A9E-A589-83728C06AD08} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {745F940F-D420-466A-972F-10EDFD0037A6} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation) Task: {78770502-B273-42C9-8375-2887334C4500} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-29] (Microsoft Corporation) Task: {8B42B0A4-1979-4BD0-BAC4-42E092363ABE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-29] (Microsoft Corporation) Task: {982DD533-2285-40FA-819F-277AD2070E45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {B6F9A828-3303-4F00-B186-F0375CFF2C2B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-05-24] () Task: {CC308409-CDB2-4F5E-AF80-FE75C5C9470A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-08-16] (Microsoft Corporation) Task: {CF6CF89E-190A-4F9A-B2A0-C77BEC7C4588} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-22] (Adobe Systems Incorporated) Task: {D45AA486-221A-44E4-89C2-544E1288CFCA} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {E6145E2E-9043-49D1-A6F2-65F83C4A6ACB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-29] (Google Inc.) Task: {FBCC14A6-DDE6-4B9B-9FCA-73656102AF49} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:17 - 2015-10-30 04:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2017-03-29 15:17 - 2015-08-16 00:21 - 00162880 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2017-03-29 00:04 - 2017-03-04 02:31 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-03-29 00:04 - 2017-03-04 05:12 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-03-29 00:04 - 2017-03-04 05:12 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-27 03:29 - 2016-04-27 03:29 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-25 16:39 - 2016-07-01 00:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2017-03-29 00:04 - 2017-03-04 00:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-29 00:04 - 2017-03-04 00:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-29 00:04 - 2017-03-04 00:15 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-03-29 00:04 - 2017-03-04 00:17 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-07-25 13:02 - 2016-07-25 15:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll 2016-07-25 13:02 - 2016-07-25 15:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-07-25 13:02 - 2016-07-25 15:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flayson & Lailana\Desktop\Nova pasta (2)\Minhas imagens\702223225_17132.jpg DNS Servers: 8.8.8.8 - 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "BCSSync" HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\...\StartupApproved\StartupFolder: => "Monitorar alertas de tinta - HP Deskjet 2540 series.lnk" HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3365952320-3481356937-2799727596-1000\...\StartupApproved\Run: => "OfficeSyncProcess" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F92D5C26-E7FC-4FCE-85B3-FAD88977128D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{2D81601E-0B1C-413D-8F55-1768A1E2829D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{A3293E0D-88B0-48DA-806C-37129F26A074}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{ADDC7DD9-F60F-4B7F-A29F-9D042F82DC68}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{8F63696A-7DDB-465F-9108-8C7DC019BE4B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe FirewallRules: [{3D6E9C75-7411-4688-93D3-083F92036663}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe FirewallRules: [{4D3B2EB9-0923-480D-B2F1-33FE9282B777}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{5320005E-6CAB-431B-8AF9-A61D3DB2C263}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{40FD7D1C-9E0F-48AF-8A5F-07C9D1D0AE0C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe FirewallRules: [{63746F50-7E1C-4066-9E9F-A7B7DC88CA99}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{D13E50AE-64CB-44A3-B2DD-0187AEC7280C}] => (Allow) LPort=5357 FirewallRules: [{D7A190D6-D797-4C51-9BBA-8DD19D950D16}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4E793951-183E-44BD-B231-F4AA1778B597}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{9696C1DE-493D-45F1-BF52-382B7077E714}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{50B3A7EC-5A46-4AA3-86B4-1617DC6AB8D6}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{94623625-AFBA-4DD1-88EA-DDD1F0A00160}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{4002360C-E17B-4AF2-B11B-4524444300D2}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{B5BF7172-6E9B-4C6C-8B21-EA471F49AA3D}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{22782CEA-CF56-42D9-B68B-CE2FC282BDAB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{7BD694E5-F283-4606-A0D5-C77003DB0170}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F3ABFEA5-79BB-4044-B098-150E53397E97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{C4EDF637-1943-4597-97A1-325F4185A0B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{25C33B32-600F-4B24-99FE-B7C1D0552952}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{5640BDDE-D1B7-4194-8FF7-B483C09F9B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{02D57353-A6C1-4F83-8BC2-308D80123B14}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{06CBD7BB-C985-459D-B0EE-264A32386B82}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{49D32D85-555D-49D9-A922-563F15064F2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2F0EFF5C-434D-45AE-B2EC-CECC924FA674}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Pontos de Restauração ========================= 30-03-2017 17:03:09 Fim da desinfecção 03-04-2017 07:05:46 Windows Update 03-04-2017 07:06:38 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (04/10/2017 03:18:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry Error: (04/10/2017 03:14:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/10/2017 03:13:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/10/2017 03:10:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (04/09/2017 07:26:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2017 07:26:22 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2017 07:26:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2017 07:25:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2017 07:25:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2017 07:19:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Falha na Ativação de Licença (slui.exe). Código de erro: hr=0xC004F074 Argumento de linha de comando: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Erros de Sistema: ============= Error: (04/10/2017 03:11:04 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/10/2017 03:10:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/10/2017 03:10:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/10/2017 03:10:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/09/2017 07:27:18 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (04/09/2017 07:27:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Host de Sincronização_24c31 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (04/09/2017 07:25:53 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT) Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais. Error: (04/09/2017 07:25:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/09/2017 07:21:35 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/09/2017 07:21:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C} e APPID {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. CodeIntegrity: =================================== Date: 2017-04-03 07:09:19.442 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 15:46:52.902 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 15:44:23.422 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 15:28:43.277 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 14:49:22.308 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 14:45:33.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 14:31:54.075 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 14:13:10.422 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 09:34:09.441 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-29 09:05:40.231 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz Percentagem de memória em uso: 41% RAM física total: 5990.5 MB RAM física disponível: 3512.45 MB Virtual Total: 6950.5 MB Virtual disponível: 4613.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:286.42 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 23ADC27F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) ==================== Fim de Addition.txt ============================