Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 02-06-2017 Executado por LARA (03-06-2017 21:16:19) Executando a partir de C:\Users\LARA\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-11-23 14:05:25) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2641812930-4032325216-1168265853-500 - Administrator - Disabled) Convidado (S-1-5-21-2641812930-4032325216-1168265853-501 - Limited - Disabled) LARA (S-1-5-21-2641812930-4032325216-1168265853-1000 - Administrator - Enabled) => C:\Users\LARA ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Any Video Converter Professional 5.8.4 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) Estudo de melhoria do produto HP Deskjet 2050 J510 series (HKLM\...\{B4861B32-A6CD-4E01-BB79-3F19ED307B59}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4252 - Intel Corporation) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) K-Lite Codec Pack 11.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.5 - ) Legendas 3.5 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.5 - LegendasBrasil.org) Media Player Codec Pack 4.4.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.1 - Media Player Codec Pack) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 pt-BR)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) MV RegClean 7.0 (HKLM-x32\...\MV RegClean 7.0_is1) (Version: - ) Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301046}) (Version: 7.02.9753 - Nero AG) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Plex Media Server (HKLM-x32\...\{de82078e-91f7-4bd1-8ea5-182dc0b59de6}) (Version: 1.5.6.3790 - Plex, Inc.) Plex Media Server (x32 Version: 1.5.3790 - Plex, Inc.) Hidden Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATENÇÃO QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.) Software básico do dispositivo HP Deskjet 2050 J510 series (HKLM\...\{9C957F82-7EE0-423D-A386-587C9A4A83FB}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Songr (HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\...\Songr) (Version: 2.1 - Xamasoft) Stopping Plex (x32 Version: 1.5.3790 - Plex, Inc.) Hidden Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2641812930-4032325216-1168265853-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {3406FA3F-42BC-4873-8313-6D79CD3EFB62} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: {3D31002B-BBBC-412F-AF28-D9D9077AEA6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {4450E323-5748-470C-B1D4-7D1B64707743} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {5487C809-2CD1-4EBC-A2E0-8B6BC4C6B12E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {6495ECEE-39CD-4827-88F7-DF1B65AA047E} - System32\Tasks\{240C608D-CED8-44CF-AA38-1A5B124F08E6} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.26.0.101&LastError=12002 Task: {76D7E9B9-AAE8-4860-8771-BCDF20C6F57E} - \AVAST Software\Avast settings backup -> Nenhum Arquivo <==== ATENÇÃO Task: {8908B077-8101-4B8D-AA57-91A16E1977A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {8E785FD4-C221-4B21-8122-EA4ADD2C65C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-31] (Adobe Systems Incorporated) Task: {8F762884-A9AC-4C91-93D0-A7F6B6B864D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {9AD3686B-D0B1-4328-86A6-839276BA40C5} - System32\Tasks\SafeZone scheduled Autoupdate 1451303396 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software) Task: {B72488C1-8B2C-4964-9FFE-4DCA6EB80A4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {F38D4C68-1D22-47ED-898C-B487B0EEE83C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: {F98EFE44-3E01-4724-BE6A-376062B9E35D} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe [2010-11-16] (Hewlett-Packard Co.) Task: {FED7F48A-5BD9-4F93-9094-3F95D9E66C37} - System32\Tasks\SafeZone scheduled Autoupdate 1460640296 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\LARA\Desktop\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\LARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\LARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Lock for Plex.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=idckmoepkiifambodeekdjjemiailhkj ShortcutWithArgument: C:\Users\LARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Plex.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm ==================== Módulos Carregados (Whitelisted) ============== 2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-11-25 07:14 - 2005-06-07 11:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2016-11-17 00:28 - 2016-11-17 00:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 12:56 - 2017-01-13 12:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-05-31 16:09 - 2017-05-31 16:09 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00825960 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-06-01 15:06 - 2017-05-09 06:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-06-01 15:06 - 2017-05-09 06:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2016-09-10 18:24 - 2016-01-23 07:10 - 01855488 _____ () C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe 2017-05-31 16:10 - 2017-05-31 16:10 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-06-03 14:07 - 2017-06-03 14:07 - 06101296 _____ () C:\Program Files\AVAST Software\Avast\defs\17060300\algo.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-05-31 16:10 - 2017-05-31 16:10 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-05-31 16:09 - 2017-05-31 16:09 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LARA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 201.17.128.239 - 201.17.128.247 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == MSCONFIG\Services: wscsvc => 2 MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk => C:\Windows\pss\CodecPackTrayMenu.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: Codec Pack Update Checker => "C:\Windows\system32\Codecs\UpdateChecker.exe" MSCONFIG\startupreg: Codec Settings UAC Manager => "C:\Windows\system32\Codecs\CodecUACManager.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E825696D-AADA-4DCD-8462-1A037355508D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{100210CB-1C56-4078-9B78-DE6BC1DEADE6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{547312E3-244D-4C9D-9D8C-7941A806F2F3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [{AEDDAEA8-31C9-40DF-9974-5C973386A7C3}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [{36A5E94F-EF4D-433B-98EB-4B87621E7317}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe FirewallRules: [TCP Query User{E45B842C-98EB-4D05-A4A4-40E7207E37FA}C:\users\lara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{B28699C5-68BC-4EDE-B191-75CB8EF2B473}C:\users\lara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{0E2909F1-D0D6-4936-ABB4-AAE8BDCABD49}C:\users\lara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{D83F36A2-7D18-4C3D-9085-7C35158CF606}C:\users\lara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{51456A59-5754-4E71-B9D7-8C30F9CCA596}C:\users\lara\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [UDP Query User{D83F97FD-0542-46CB-A3EA-0680A3BA769A}C:\users\lara\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\updates\3.4.6_42094.exe FirewallRules: [TCP Query User{BAF00604-C701-45DD-9331-D922877A3067}C:\users\lara\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\updates\3.4.7_42330.exe FirewallRules: [UDP Query User{98AB2F9E-28B3-48F7-A35C-D7B740093C98}C:\users\lara\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Allow) C:\users\lara\appdata\roaming\utorrent\updates\3.4.7_42330.exe FirewallRules: [{A1158CFA-6D80-428F-8A18-5A99CA4B7582}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{27E16473-5412-4CF4-A793-EE8812D1700F}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{58878029-E1E0-4404-9C14-55E1DD9DCC21}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{92A510BA-136D-40B3-B50E-CAE152F27E6A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{F412E44E-0DF1-4F2E-BEF4-BE087E4D826F}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{8A9B6241-E525-4DFA-A3AC-9DEDBD48B773}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{CEC5B70B-AB3E-420A-853B-09F89C9DD77B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9B79D05A-73A1-4D6A-8064-0BDC3C0044D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{52A40F1A-BD15-4818-A355-46888826A341}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{B086A548-A769-4243-9901-9B2E2FAA0509}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{930C48FD-F2FB-48F3-8A37-6835F68AEE97}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe FirewallRules: [{90AC9B16-3259-4365-A63A-1212F57C2D1E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0C815F57-78AC-45BB-B4F7-081D58369B1D}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe FirewallRules: [{9A6CF14C-A0E8-4E0F-9A30-A9CA3F6FF2F5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe FirewallRules: [{4299E927-1D4B-420D-8CF7-6708E4748445}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe FirewallRules: [{6801904D-3203-4B74-AE25-7FEE8BDBF4D5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe ==================== Pontos de Restauração ========================= 31-05-2017 15:16:32 Installed Rapport 31-05-2017 15:39:32 Revo Uninstaller's restore point - Avast Free Antivirus 31-05-2017 15:46:57 Revo Uninstaller's restore point - Barra do Bing 31-05-2017 15:51:11 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer 31-05-2017 15:53:34 Revo Uninstaller's restore point - Dropbox 31-05-2017 15:57:18 Revo Uninstaller's restore point - Proteção de Terminal Trusteer 31-05-2017 15:57:34 Removed Rapport 31-05-2017 16:03:52 Removed Bonjour 31-05-2017 16:29:59 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 02-06-2017 20:20:40 Plex Media Server 02-06-2017 20:21:09 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 02-06-2017 20:23:10 Plex Media Server 02-06-2017 20:52:29 Plex Media Server 02-06-2017 20:52:57 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 02-06-2017 21:47:54 Plex Media Server 02-06-2017 21:48:16 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 02-06-2017 23:00:59 Windows Update 03-06-2017 00:05:20 Windows Update 03-06-2017 00:08:18 Windows Update 03-06-2017 00:10:44 Windows Update 03-06-2017 00:12:30 Windows Update 03-06-2017 14:26:38 Windows Update 03-06-2017 16:44:14 Windows Update 03-06-2017 20:14:25 Windows Update 03-06-2017 20:20:30 Plex Media Server 03-06-2017 20:22:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 03-06-2017 20:25:03 Windows Update 03-06-2017 21:00:38 Windows Update ==================== Dispositivos Apresentando Falhas No Gerenciador ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (06/03/2017 08:11:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/03/2017 05:08:26 PM) (Source: MsiInstaller) (EventID: 11935) (User: AUTORIDADE NT) Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/03/2017 05:06:07 PM) (Source: MsiInstaller) (EventID: 11935) (User: AUTORIDADE NT) Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/03/2017 03:01:22 PM) (Source: MsiInstaller) (EventID: 11935) (User: LARA-PC) Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/03/2017 02:58:16 PM) (Source: MsiInstaller) (EventID: 11935) (User: LARA-PC) Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/03/2017 02:29:38 PM) (Source: MsiInstaller) (EventID: 11714) (User: LARA-PC) Description: Produto: Skype™ 7.36 -- Erro 1714. A versão antiga do Skype™ 7.36 não pôde ser removida. Entre em contato com seu administrador de sistemas. System Error 1612. Error: (06/03/2017 02:06:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/03/2017 12:57:07 AM) (Source: MsiInstaller) (EventID: 11935) (User: LARA-PC) Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/03/2017 12:53:39 AM) (Source: MsiInstaller) (EventID: 11935) (User: LARA-PC) Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (06/02/2017 11:43:55 PM) (Source: MsiInstaller) (EventID: 11714) (User: LARA-PC) Description: Produto: Skype™ 7.36 -- Erro 1714. A versão antiga do Skype™ 7.36 não pôde ser removida. Entre em contato com seu administrador de sistemas. System Error 1612. Erros de Sistema: ============= Error: (06/03/2017 09:18:15 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:18:09 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:18:04 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:59 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:54 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:49 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume C: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:44 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:39 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume \Device\HarddiskVolume2 encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:33 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume C: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. Error: (06/03/2017 09:17:28 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: O gerenciador de recursos de transações no volume C: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro. CodeIntegrity: =================================== Date: 2016-09-09 07:37:31.878 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-09 07:32:07.220 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-09 07:32:07.033 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-09 07:32:07.033 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-09 07:32:06.861 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-09 07:32:04.740 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-08 10:07:14.061 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-08 10:01:49.407 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-08 10:01:49.220 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-08 10:01:49.220 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Pentium(R) CPU G2020 @ 2.90GHz Percentagem de memória em uso: 65% RAM física total: 3994 MB RAM física disponível: 1374.52 MB Virtual Total: 7986.2 MB Virtual disponível: 5122.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:540.78 GB) (Free:295.66 GB) NTFS Drive d: (PARTIÇÃO DE BKPS) (Fixed) (Total:390.63 GB) (Free:16.13 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1FBD1FBC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=540.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=390.6 GB) - (Type=OF Extended) ==================== Fim de Addition.txt ============================