Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 08-05-2017 Executado por Lost (08-05-2017 18:05:13) Executando a partir de C:\Users\Lost\AppData\Local\Temp\scoped_dir1208_7222 Windows 7 Professional Service Pack 1 (X64) (2017-03-01 14:22:57) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-1110787435-78253891-1915777927-500 - Administrator - Disabled) Convidado (S-1-5-21-1110787435-78253891-1915777927-501 - Limited - Disabled) Lost (S-1-5-21-1110787435-78253891-1915777927-1000 - Administrator - Enabled) => C:\Users\Lost ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-1110787435-78253891-1915777927-1000\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.5 - IObit) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Microsoft .NET Framework 4.6.1 (PTB) (HKLM\...\{A4CA54C9-68EE-393F-B10F-9C44884312B0}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3146716) (HKLM\...\{E026AF51-E2EB-33CF-AC15-09308053FAA7}) (Version: 4.6.01078 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.24930 (HKLM\...\{A8755EE8-AD62-37FE-B106-243DC209CF52}) (Version: 14.10.24930 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.24930 (HKLM\...\{9F50D497-02C0-3BBB-9103-BFE6204FA318}) (Version: 14.10.24930 - Microsoft Corporation) Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.24930 (HKLM-x32\...\{9AAEB713-D24D-37A4-8FBC-7A24739D3156}) (Version: 14.10.24930 - Microsoft Corporation) Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.24930 (HKLM-x32\...\{984D10BE-0781-3A9D-80FB-03540E0C3B42}) (Version: 14.10.24930 - Microsoft Corporation) NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software) Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden Pacote de Driver do Windows - Qualcomm Atheros Communications Inc. (athr) Net (08/14/2015 10.0.0.326) (HKLM\...\56B1A735BC0841E802E7BB371D433BD236941875) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.) ParkControl (HKLM-x32\...\ParkControl) (Version: 1.2.5.8 - Bitsum) Path of Exile (HKLM-x32\...\{d084fef3-b708-4cfa-92d9-9d31376003fd}) (Version: 2.6.0.7854 - Grinding Gear Games) Path of Exile (x32 Version: 2.6.0.7854 - Grinding Gear Games) Hidden Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {428F37A9-A7C1-4CF9-8542-44716A786B0B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-04-06] (Adobe Systems Incorporated) Task: {4E9F7976-2988-4A29-96CC-1AF4332C209A} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [2017-04-14] (Bitsum LLC) Task: {53259E24-7FEA-4264-AC02-A66FE5799396} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2017-03-01] () Task: {96A1F658-FE21-4CBE-98AE-459E862CCF72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {C6C2273A-23A9-4A62-AC15-C45AC6E1EA0E} - System32\Tasks\Opera scheduled Autoupdate 1488386529 => C:\Program Files\Opera\launcher.exe [2017-02-27] (Opera Software) Task: {FB82F1CD-89FE-4D70-9852-2DD2C4645A75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-05-26 20:50 - 2015-05-26 20:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-03-01 13:43 - 2017-02-27 05:19 - 53908056 _____ () C:\Program Files\Opera\43.0.2442.1144\opera_browser.dll 2017-03-01 13:43 - 2017-02-27 05:19 - 59948632 _____ () C:\Program Files\Opera\43.0.2442.1144\opera_child.dll 2017-03-01 13:42 - 2017-02-27 05:19 - 02559576 _____ () C:\Program Files\Opera\43.0.2442.1144\libglesv2.dll 2017-03-01 13:42 - 2017-02-27 05:19 - 00100952 _____ () C:\Program Files\Opera\43.0.2442.1144\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1110787435-78253891-1915777927-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lost\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{CBA14F0A-8E48-4E4D-8B2D-C3DCB3184713}] => (Allow) C:\Program Files\Opera\43.0.2442.1144\opera.exe FirewallRules: [{DA880B71-CD76-4691-85C2-8F88F57C0B95}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1BA18E4A-E9C5-47B9-B0ED-19CAB3598E08}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CF4D855E-9394-44DA-A816-79CF0F5E9E1F}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A98D347E-B2DC-4565-9AAC-FFCF9F3E4B80}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{15AF1193-73A4-43FD-B294-A7675FB36886}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{383102C6-CC24-4A45-82B6-DC2D9C797275}] => (Allow) C:\Users\Lost\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{311628FA-66A6-4D15-8D6B-D47CF94787D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EC49B74D-CBD8-4F33-BEA0-3B598E241E33}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{CEAF0BDA-FB4C-4E3C-8957-4B60AE048C78}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{50BF9824-6FDE-4D0E-9D06-4BC54A73A7A8}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1D95A737-24C4-40B0-BF5E-CAC412B7D182}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AB237034-76FD-4A9B-8071-91EF555F0552}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8743C962-615F-4C82-9436-33E5FF5DB28C}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Dispositivo do sistema básico Description: Dispositivo do sistema básico Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Controlador de barramento SM Description: Controlador de barramento SM Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Controlador de comunicação PCI simples Description: Controlador de comunicação PCI simples Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Controlador Ethernet Description: Controlador Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Dispositivo do sistema básico Description: Dispositivo do sistema básico Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (05/08/2017 05:42:14 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 03:32:55 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 03:30:45 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:04:43 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:04:28 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:04:25 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:04:08 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:03:58 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:02:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Error: (05/08/2017 01:02:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: O Serviço de Pesquisa do Windows não pôde criar o novo índice de pesquisa. Erro interno <1, 0x80040d66, Falha ao adicionar Aplicativo de Coleta: Windows>. Erros de Sistema: ============= Error: (05/08/2017 05:42:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 18 vez(es). Error: (05/08/2017 05:42:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-2147218074. Error: (05/08/2017 03:32:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 17 vez(es). Error: (05/08/2017 03:32:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-2147218074. Error: (05/08/2017 03:30:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 16 vez(es). Error: (05/08/2017 03:30:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-2147218074. Error: (05/08/2017 01:04:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 15 vez(es). Error: (05/08/2017 01:04:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-2147218074. Error: (05/08/2017 01:04:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 14 vez(es). Error: (05/08/2017 01:04:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: O serviço Windows Search terminou com o erro específico de serviço %%-2147218074. ==================== Informações da Memória =========================== Processador: Intel(R) Celeron(R) CPU B820 @ 1.70GHz Percentagem de memória em uso: 40% RAM física total: 3932.36 MB RAM física disponível: 2339.77 MB Virtual Total: 3930.55 MB Virtual disponível: 2361.69 MB ==================== Drives ================================ Drive c: (WinToUSB) (Removable) (Total:29.8 GB) (Free:6.61 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] Drive e: () (Fixed) (Total:14.91 GB) (Free:9.19 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 29.8 GB) (Disk ID: 00003ABC) Partition 1: (Active) - (Size=29.8 GB) - (Type=0B) ======================================================== Disk: 1 (Size: 14.9 GB) (Disk ID: 008A2953) Partition 1: (Active) - (Size=14.9 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================