Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 03-05-2017 01
Executado por user (04-05-2017 01:20:47)
Executando a partir de C:\Users\user\Desktop
Windows 10 Home Single Language Versão 1511 (X64) (2017-02-13 07:16:59)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-2113267365-3470643569-1527746635-500 - Administrator - Disabled)
Convidado (S-1-5-21-2113267365-3470643569-1527746635-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2113267365-3470643569-1527746635-503 - Limited - Disabled)
user (S-1-5-21-2113267365-3470643569-1527746635-1001 - Administrator - Enabled) => C:\Users\user

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2113267365-3470643569-1527746635-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Ansel (Version: 381.89 - NVIDIA Corporation) Hidden
Atualizações da NVIDIA 24.0.0.0 (Version: 24.0.0.0 - NVIDIA Corporation) Hidden
ColorEngine (HKLM-x32\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 4.3 - Samsung Electronics Co., Ltd.)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) ELAN Touchpad driver X64 15.7.5.2_WHQL (HKLM\...\Elantech) (Version: 15.7.5.2 - ELAN Microelectronic Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.11.1056 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2113267365-3470643569-1527746635-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - 
Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NVIDIA Driver de gráficos 381.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.89 - NVIDIA Corporation) NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (Version: 3.5.0.70 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1070 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1070 - Microsoft Corporation) Hidden Painel de controle da NVIDIA 381.89 (Version: 381.89 - NVIDIA Corporation) Hidden Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.) 
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.6 - Qualcomm Atheros) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7831 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.) S Agent (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden Samsung Power Plan (HKLM-x32\...\{996EC895-5B1B-4A80-917F-85723A204C64}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.) Samsung Recovery (HKLM\...\{D21EED26-59C0-4315-BDCC-D682496465E9}) (Version: 7.3.0 - Samsung Electronics Co., Ltd.) Samsung Settings (HKLM-x32\...\{CDADE666-B188-4406-9C0A-FF4CA1582D40}) (Version: 3.0.0 - Samsung Electronics Co., Ltd.) Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.5.0.86_2 - Samsung Electronics Co., Ltd.) Samsung Update (HKLM-x32\...\{0463F7A5-8953-4F41-B9A8-936CF68C00F5}) (Version: 2.2.47 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.5.0.70 - NVIDIA Corporation) Hidden SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 1.2.00 - Samsung Electronics Co., Ltd.) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01157CA6-F51F-420D-AC2C-854FA948EF45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-05] (Microsoft Corporation) Task: {07FB02DD-6CED-4C76-B610-2C01011175DA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-19] (NVIDIA Corporation) Task: {10E67FAD-7C47-4445-8DE4-406F62AFB82D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.) Task: {156474AF-1150-42CF-8AD8-6B7CB94B312C} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-05] (Microsoft Corporation) Task: {221CF3A6-AD5E-4EB9-9714-A2612B103C0C} - System32\Tasks\Samsung\Settings\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2017-01-04] (Samsung Electronics Co., Ltd.) Task: {3C3ABD88-E0A0-41CE-9888-7547F851F1D3} - System32\Tasks\Samsung\Settings\SettingsPatternLoginMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2017-01-04] (Samsung Electronics Co., Ltd.) 
Task: {42E02AE5-29D1-4563-A7E1-9AA5A0EA0046} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-05] (Microsoft Corporation) Task: {53A00A4C-457F-4013-AAA1-336F2C37199F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-03] (Google Inc.) Task: {5E6D494C-EC3C-41DF-BFE2-C668551B1EF3} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe [2017-05-04] () Task: {657781A1-E9CB-4E11-956B-5053920974CA} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.) Task: {6F404A2A-8A72-4F3F-8663-ED9F1219AA7F} - System32\Tasks\ColorEngine => C:\Program Files (x86)\Samsung\ColorEngine\ColorEngine.exe [2016-05-12] (Samsung Electronics Co., Ltd.) Task: {701331FC-23B1-46C8-BD8A-3B199E67E595} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [2013-08-23] (Samsung Electronics CO., LTD.) Task: {73BDA6BF-968C-4552-A6B0-70C8B6D996DC} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2016-07-17] (Samsung Electronics Co., Ltd.) 
Task: {79604533-BA29-4FCC-A318-6978271E00EA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-19] (NVIDIA Corporation) Task: {7F65DE0B-7B1F-4366-8D36-D1A70A5336B5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-19] (NVIDIA Corporation) Task: {88EBF25A-360F-4FDF-8CBC-B8085A914BBC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-19] (NVIDIA Corporation) Task: {90D410B0-C8A5-4ABD-A8BC-8C2FDCB342B2} - System32\Tasks\Samsung\SRS\SRS Logon => C:\Program Files\Samsung\Recovery\SRSMessages.exe [2016-07-14] (Samsung Electronics) Task: {96D1F4F3-55E5-487A-B5AB-C5BDF78EFFC3} - System32\Tasks\Samsung\Settings\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2017-01-04] (Samsung Electronics Co., Ltd.) Task: {975855A1-9D9E-4268-8D67-E398EDE1D698} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-19] (NVIDIA Corporation) Task: {A1CD2181-6AC8-4C21-AAF3-67F63225CBAE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-19] (NVIDIA Corporation) Task: {BE784B63-789B-46DC-B7DF-0EA6DC9F885B} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-23] (Samsung Electronics Co., Ltd.) Task: {BF29C1BC-55C8-41FC-9C13-836AEDF2F324} - System32\Tasks\Samsung\Settings\SettingsPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\Settings\SMessage.exe [2017-01-04] (Samsung Electronics Co., Ltd.) 
Task: {C952F532-E7CB-4671-8FF9-20D0656CA63C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-19] (NVIDIA Corporation) Task: {DAE107A6-523D-45DD-8D44-323CE5FBBB32} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ATENÇÃO Task: {E7CC01B5-2FEE-4A91-9276-EF856BCF634F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-05-26] (Realtek Semiconductor) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe Task: C:\windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\windows\SYSTEM32\ism32k.dll 2017-05-04 00:33 - 2017-05-04 00:33 - 00008192 _____ () C:\windows\SysWOW64\srvany.exe 2017-05-03 23:25 - 2017-04-19 22:59 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 02656952 _____ () C:\windows\system32\CoreUIComponents.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 02656952 _____ () C:\windows\System32\CoreUIComponents.dll 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-08-20 14:54 - 2016-08-20 14:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 07992832 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-20 14:54 - 2016-08-20 14:54 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 01:08 - 2015-07-10 01:08 - 00098656 _____ () C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe 2015-07-10 01:08 - 2015-07-10 01:08 - 00232288 _____ () C:\Program Files\DriverSetupUtility\FUB\ManagedNativeUtilities.dll 2017-05-03 22:44 - 2017-05-01 22:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libglesv2.dll 2017-05-03 22:44 - 2017-05-01 22:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libegl.dll 2015-10-30 04:18 - 2015-10-30 04:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-08-19 22:38 - 2016-03-05 23:34 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kpcengine.2.3.dll 2016-07-17 22:26 - 2016-07-17 22:26 - 00023360 _____ () C:\Program Files (x86)\Samsung\PowerCtrlManager\WSABI.dll 2017-05-03 23:25 - 2017-04-19 22:59 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-05-12 23:03 - 2016-05-12 23:03 - 00217776 _____ () C:\Program Files (x86)\Samsung\ColorEngine\WinMove.dll 2017-05-03 23:26 - 2017-04-19 22:59 - 02442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-05-03 23:26 - 
2017-04-19 22:59 - 00363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-05-03 23:26 - 2017-04-19 22:59 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-05-03 23:26 - 2017-04-19 22:59 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-05-03 23:26 - 2017-04-19 22:59 - 00469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-05-03 23:26 - 2017-04-19 22:59 - 00571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-01-02 17:06 - 2017-01-02 17:06 - 00032432 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll 2017-05-03 23:42 - 2017-05-03 23:43 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) 
==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-10-30 04:24 - 2015-10-30 04:21 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2113267365-3470643569-1527746635-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Samsung\Samsung_wallpaper.jpg
DNS Servers: 187.103.48.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{B09CA62D-70CD-43B7-9AF4-AC1B59565A54}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe FirewallRules: [{4FBDDF8A-3BC6-4C16-9525-557E82402786}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe FirewallRules: [{5CDF2F3D-1B94-4B49-B82D-E8F46977889A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{FBBEAF78-03DE-4C03-95DD-6EA1E80966B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5DF808B7-3499-4DC0-A8E1-F3A742FA002E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{D7ED1576-EEE9-4661-9BF3-423C4507137A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1BA2A09A-D9F0-408E-B8F5-7F10832DADEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{393ACC1C-4FE1-4AAE-8614-B4DE6B84866A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3BA4F96A-0D1E-4DA6-8DFB-10101C8C731B}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C9810E3F-8C05-49F2-8C80-4944A4FEB71D}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{4EB92A50-DED8-4E42-AEF7-49CF83F30379}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{97DFFED5-A845-4D8C-8FD1-7871FA2CCB04}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe ==================== Pontos de Restauração ========================= 03-05-2017 22:51:33 Installed Microsoft Office Professional Plus 2010 04-05-2017 00:22:14 Revo Uninstaller Pro's restore point - Norton Security 04-05-2017 00:44:59 Revo Uninstaller Pro's restore point - KMSpico 04-05-2017 00:54:11 Installed Samsung Update 04-05-2017 00:56:44 IIF_MSI 04-05-2017 00:58:44 Installed Samsung Settings 04-05-2017 01:00:27 Installed Microsoft Office Professional Plus 
2010 04-05-2017 01:02:49 Revo Uninstaller Pro's restore point - Microsoft Office 365 - en-us 04-05-2017 01:07:54 Revo Uninstaller Pro's restore point - Microsoft Office 365 - es-es 04-05-2017 01:13:27 Revo Uninstaller Pro's restore point - Microsoft Office 365 - pt-br 04-05-2017 01:14:50 Revo Uninstaller Pro's restore point - KMSpico ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/04/2017 01:14:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/04/2017 01:13:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . 
Error: (05/04/2017 01:11:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: OfficeClickToRun.exe, versão: 16.0.6001.1070, carimbo de data/hora: 0x56dab158 Nome do módulo com falha: ucrtbase.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d193 Código de exceção: 0xc0000409 Deslocamento da falha: 0x00000000000698fe ID do processo com falha: 0x5fc Hora de início do aplicativo com falha: 0x01d2c48ab0086d7a Caminho do aplicativo com falha: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe Caminho do módulo com falha: C:\windows\SYSTEM32\ucrtbase.dll ID do Relatório: 1650c64e-5ad7-4e52-996c-75c1c0e0cf03 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (05/04/2017 01:08:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/04/2017 01:02:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/04/2017 01:00:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/04/2017 12:58:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. 
Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (05/04/2017 12:57:25 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-V074MOB) Description: O aplicativo ou serviço 'KMS GUI ELDI' não pôde ser encerrado. Error: (05/04/2017 12:56:52 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-V074MOB) Description: O aplicativo ou serviço 'KMS GUI ELDI' não pôde ser encerrado. Error: (05/04/2017 12:56:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Erros de Sistema: ============= Error: (05/04/2017 01:18:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (05/04/2017 12:59:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço Settings Launcher está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (05/04/2017 12:52:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SW Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (05/04/2017 12:48:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço ClickToRunSvc devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. 
Error: (05/04/2017 12:48:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço ClickToRunSvc. Error: (05/04/2017 12:47:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_13849a. Error: (05/04/2017 12:47:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V074MOB) Description: O servidor {D63B10C5-BB46-4990-A94F-E40B9D520160} não se registrou no DCOM dentro do tempo limite necessário. Error: (05/04/2017 12:47:04 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {7006698D-2974-4091-A424-85DD0B909E23} não se registrou no DCOM dentro do tempo limite necessário. Error: (05/04/2017 12:46:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80248007: Atualização de Definição Windows Defender – KB2267602 (Definição 1.241.1104.0). Error: (05/04/2017 12:46:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80248007: Atualização de Definição Windows Defender – KB2267602 (Definição 1.241.1104.0). CodeIntegrity: =================================== Date: 2017-05-04 01:09:38.900 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 01:03:11.971 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2017-05-04 00:58:09.887 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:55:06.834 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:54:16.270 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:44:11.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:35:41.669 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:30:51.068 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:06:09.117 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2017-05-04 00:05:47.011 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentagem de memória em uso: 35%
RAM física total: 8094.49 MB
RAM física disponível: 5224.04 MB
Virtual Total: 10014.49 MB
Virtual disponível: 6726.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:917.98 GB) (Free:868.13 GB) NTFS
Drive d: () (Removable) (Total:14.9 GB) (Free:14.88 GB) FAT32
Drive e: () (Fixed) (Total:232.43 GB) (Free:67.57 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 26EA9241)
Partition: GPT.

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)
Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F0B1EBB0)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=458 MB) - (Type=27)

==================== Fim de Addition.txt ============================