Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21.11.2018 Executado por ALANN14 (22-11-2018 18:12:42) Executando a partir de C:\Users\ALANN14\Downloads Windows 10 Pro Versão 1809 17763.134 (X64) (2018-11-18 19:21:19) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-3997965842-1530657072-4056113902-500 - Administrator - Disabled) ALANN14 (S-1-5-21-3997965842-1530657072-4056113902-1001 - Administrator - Enabled) => C:\Users\ALANN14 Convidado (S-1-5-21-3997965842-1530657072-4056113902-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3997965842-1530657072-4056113902-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3997965842-1530657072-4056113902-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Atualizações da NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3997965842-1530657072-4056113902-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA Driver de áudio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation) NVIDIA Driver de controle do 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA Driver de gráficos 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Painel de controle da NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6597 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-12] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {06B9FDC8-65F0-4B2B-BF83-F359A48C002C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {16C9676E-FF85-4C76-B03D-87DC0ED22BC8} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache Task: {206B5133-D63B-4133-B78C-3B89FB4CA38F} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate] Task: {243F865A-8431-4E85-BD02-B8F34BFFEF5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-21] (Microsoft Corporation) Task: {257C16F5-0544-4085-AC3E-2F92D0EE73AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-18] (Microsoft Corporation) Task: {26DE4EE3-D624-4F76-8BA6-B895B0C1DE0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-21] (Microsoft Corporation) Task: {282BD93D-8DAA-4F98-BE81-3AEAEA3503C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-18] (Google Inc.) Task: {2E9BCCE6-57BE-4A29-A43B-E3C178CC456D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives Task: {3E50A1A8-F5AA-48C2-A75D-EECEE4575DD5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-21] (Microsoft Corporation) Task: {41786287-245D-42C0-A7CA-DA609D24F9ED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation) Task: {557EC3A1-E0C7-4552-8934-314A5DB872AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-21] (Microsoft Corporation) Task: {576C21EE-5B8F-430F-BA1B-45C760DFEB1C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {5CCD55F1-373D-43D8-B2B3-12A5CC9E78EE} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync Task: {5D14208C-4D41-4FB5-B27F-F5D3C34FBE9C} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate] Task: {6E9EC788-CB1B-4E9C-B23A-7013D88FF190} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation) Task: {6EF7AFE8-4188-4D2B-AB71-19948D03BECA} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {70615200-2246-495E-889A-407FF39A4523} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-21] (Microsoft Corporation) Task: {7AFAF368-F345-411A-ADFD-29897573E914} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation) Task: {7E99D93A-B4C0-44D6-B7F9-D0ECF8DBC3C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-18] (Google Inc.) Task: {870C6C2E-4FC2-4D54-91E3-240FC13FB565} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-21] (Microsoft Corporation) Task: {A0B15564-00EF-4235-A35D-5E55E23B2C4D} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] () Task: {B2B328C8-ED54-48DD-BF97-9083E676021E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-18] (Microsoft Corporation) Task: {B7DB36F3-DAE7-48FE-9194-C3FA1B7DAC57} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation) Task: {BB1CF981-82B7-46B1-B7C0-8589E5714D86} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation) Task: {BCD10E45-89F0-496A-9CC7-1FA9078E2927} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation) Task: {C382FDC4-5C0E-4187-AA5B-A21DC441F79E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation) Task: {D1C81F5F-7768-4022-BE01-E8139C758958} - System32\Tasks\R@1n-KMS\Office16VisioPro => wmic [Argument = path SoftwareLicensingProduct where (ID="6bf301c1-b94a-43e9-ba31-d494598c47fb") call Activate] Task: {ED1F3039-0B57-437C-A249-6DD8194CF051} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-18] (Microsoft Corporation) Task: {EFCCE441-C0BA-42F5-85D9-7B40218B69CB} - System32\Tasks\R@1n-KMS\Office16ProjectPro => wmic [Argument = path SoftwareLicensingProduct where (ID="4f414197-0fc2-4c01-b68a-86cbb9ac254c") call Activate] Task: {F4DA1BD7-E19A-4C09-ACFD-30404A598061} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation) Task: {F90D7A0E-A799-48AA-9FE4-67902FD04D20} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation) Task: {FA79213D-66E6-46A0-BBD9-4C13AC5A4F77} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\ALANN14\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Área de trabalho remota do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ==================== Módulos Carregados (Whitelisted) ============== 2018-03-15 07:35 - 2018-03-15 07:35 - 000439912 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2018-09-15 05:28 - 2018-09-15 05:28 - 000834088 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-11-21 12:33 - 2018-11-21 12:33 - 008932944 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2018-09-15 05:28 - 2018-09-15 05:28 - 000474624 ____N () C:\Windows\ShellExperiences\TileControl.dll 2018-09-15 05:28 - 2018-09-15 05:28 - 002801152 ____N () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-09-15 05:28 - 2018-09-15 05:28 - 001740288 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-04-23 13:16 - 2018-04-23 13:16 - 000739624 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2018-03-15 07:35 - 2018-03-15 07:35 - 000253032 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2018-03-15 07:35 - 2018-03-15 07:35 - 000035432 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 2018-03-15 07:35 - 2018-03-15 07:35 - 000061032 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2018-11-18 17:36 - 2018-11-08 20:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll 2018-11-18 17:36 - 2018-11-08 20:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll 2018-11-18 17:43 - 2018-10-30 16:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2018-11-18 17:43 - 2016-08-31 23:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2018-11-18 17:43 - 2016-08-31 23:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2018-11-18 17:43 - 2016-08-31 23:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2018-11-18 17:43 - 2018-11-10 00:55 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll 2018-11-18 17:43 - 2017-12-19 23:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2018-11-18 17:43 - 2017-12-19 23:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2018-11-18 17:43 - 2017-12-19 23:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2018-11-18 17:43 - 2017-12-19 23:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2018-11-18 17:43 - 2017-12-19 23:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2018-11-18 17:43 - 2018-11-10 00:55 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2018-11-18 17:43 - 2016-07-04 20:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2018-03-15 07:35 - 2018-03-15 07:35 - 000408680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2018-11-18 17:43 - 2018-10-30 16:06 - 000879904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2018-11-18 17:43 - 2018-09-22 22:00 - 088009504 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2018-11-18 17:43 - 2018-09-22 22:00 - 004083488 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll 2018-11-18 17:43 - 2018-09-22 22:00 - 000097056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll 2018-04-23 13:13 - 2018-04-23 13:13 - 000072704 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2018-04-23 13:13 - 2018-04-23 13:13 - 000057344 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2018-04-23 13:13 - 2018-04-23 13:13 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2018-04-23 13:13 - 2018-04-23 13:13 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2018-04-23 13:13 - 2018-04-23 13:13 - 000567808 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2018-03-15 07:31 - 2018-03-15 07:31 - 000055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2018-03-15 07:31 - 2018-03-15 07:31 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2018-03-15 07:31 - 2018-03-15 07:31 - 000072704 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90603067.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DF60C0DC.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90603067.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DF60C0DC.sys => ""="Driver" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: =============================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2018-11-18 17:20 - 2018-11-18 17:17 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3997965842-1530657072-4056113902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ALANN14\Downloads\r.jpg DNS Servers: 192.168.15.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == Se uma entrada for incluída na fixlist, será removida. MSCONFIG\Services: BEService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: KMS-R@1n => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKU\S-1-5-21-3997965842-1530657072-4056113902-1001\...\StartupApproved\Run: => "Steam" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe FirewallRules: [{B2669780-35E6-4180-9747-965AD51959AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D0F64F6F-35C7-48FC-85F1-33D36D575C24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{56B2CE99-4328-471F-80DE-A155198EF8CF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C3554A2E-26E8-42A6-903D-3B102456A084}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5F07B20C-B6AF-457D-A61F-B60F5B9910A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DCC46DD2-0B77-44C6-BCA3-DD6E1D1E9271}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{FF2A6A82-DFA4-4AEB-9F58-2F860BC7F491}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F64DC8D4-E5E9-4F6B-869F-2A4ADF531FBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{535665F1-4012-4714-B49A-80C54E3CC3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{6787D802-1FFC-4794-95CD-21C30AEEA204}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{A92BD4F4-70C8-45BA-8AA6-7CF235CF4F78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{5D61F28A-7E41-4E24-A984-A774C8EA0013}] => (Allow) E:\raimbow six\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{BD0E5784-3A81-4238-A940-8AB6CE2693B3}] => (Allow) E:\raimbow six\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{D41F954B-ABF6-4143-A3AD-DF7FE6D9467A}] => (Allow) E:\raimbow six\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{2AABB9B9-E684-48E9-B512-36AD439E3E5A}] => (Allow) E:\raimbow six\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{4330CF64-478F-45B8-BD0E-4B202370DEAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{3DB8A7D3-538B-4F5C-98D2-165BD582F3C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{463CFA08-CC85-401E-B342-C3830D2BBB51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{695D8DA4-502E-4B2E-A6AA-9840AEDF7D7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A0B4659A-ACD2-4B2A-95CA-20D9639B2040}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{7D8C8305-6CE9-43FC-B396-234C8137038B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{2132C8D9-1B2D-4140-9529-357CB9099F15}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{F3180079-E37E-45B7-8D82-E0D325596734}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (11/22/2018 03:28:31 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:31Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:27:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:46Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:27:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:16Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:26:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:46Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:26:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:16Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:25:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:46Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:25:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:16Z. Código de Erro: 0x80070005. Error: (11/22/2018 03:24:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Falha ao agendar o reinício do serviço Proteção de Software 2018-11-28T16:06:46Z. Código de Erro: 0x80070005. Erros de Sistema: ============= Error: (11/22/2018 06:05:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3IPETQ6) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} e APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} ao usuário DESKTOP-3IPETQ6\ALANN14 SID (S-1-5-21-3997965842-1530657072-4056113902-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (11/22/2018 05:11:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3IPETQ6) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} e APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} ao usuário DESKTOP-3IPETQ6\ALANN14 SID (S-1-5-21-3997965842-1530657072-4056113902-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (11/22/2018 05:01:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3IPETQ6) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} e APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} ao usuário DESKTOP-3IPETQ6\ALANN14 SID (S-1-5-21-3997965842-1530657072-4056113902-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (11/22/2018 04:17:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3IPETQ6) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} e APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} ao usuário DESKTOP-3IPETQ6\ALANN14 SID (S-1-5-21-3997965842-1530657072-4056113902-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (11/22/2018 04:16:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3IPETQ6) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} e APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} ao usuário DESKTOP-3IPETQ6\ALANN14 SID (S-1-5-21-3997965842-1530657072-4056113902-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (11/22/2018 04:04:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3IPETQ6) Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço dps com argumentos "Não Disponível" para executar o servidor: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (11/22/2018 04:04:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3IPETQ6) Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço dps com argumentos "Não Disponível" para executar o servidor: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (11/22/2018 04:04:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3IPETQ6) Description: O DCOM obteve o erro "1084" ao tentar iniciar o serviço dps com argumentos "Não Disponível" para executar o servidor: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Windows Defender: =================================== Date: 2018-11-22 02:07:11.113 Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0 Nome: Trojan:Win32/Skeeyah.A!rfn ID: 2147694182 Severidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\WINDOWS\Re-Loader.exe Origem da Detecção: Computador local Tipo de Detecção: Concreto Origem da Detecção: Sistema Usuário: AUTORIDADE NT\SISTEMA Nome do Processo: Unknown Versão da Assinatura: AV: 1.281.569.0, AS: 1.281.569.0, NIS: 1.281.569.0 Versão do Mecanismo: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-21 19:04:19.840 Description: O exame do Windows Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {AC26DDEA-A1FC-44A9-AD5F-AC8CDBC2874F} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2018-11-21 14:11:08.464 Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Severidade: Alto Categoria: Ferramenta Caminho: file:_C:\Windows\KMS-R@1nhook.exe Origem da Detecção: Computador local Tipo de Detecção: Concreto Origem da Detecção: Proteção em Tempo Real Usuário: AUTORIDADE NT\SERVIÇO DE REDE Nome do Processo: C:\Windows\System32\svchost.exe Versão da Assinatura: AV: 1.281.487.0, AS: 1.281.487.0, NIS: 1.281.487.0 Versão do Mecanismo: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-21 14:11:08.177 Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Severidade: Alto Categoria: Ferramenta Caminho: file:_C:\Windows\KMS-R@1nhook.exe; imagefileexecoptions:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; imagefileexecoptions:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; imagefileexecoptions:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; imagefileexecoptions:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; process:_pid:10612,ProcessStart:131872902057339753; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe Origem da Detecção: Computador local Tipo de Detecção: Concreto Origem da Detecção: Sistema Usuário: AUTORIDADE NT\SISTEMA Nome do Processo: C:\Windows\KMS-R@1nhook.exe Versão da Assinatura: AV: 1.281.487.0, AS: 1.281.487.0, NIS: 1.281.487.0 Versão do Mecanismo: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-21 14:11:07.480 Description: O Windows Defender Antivirus detectou malware ou outros softwares potencialmente indesejados. Para obter mais informações, consulte: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nome: HackTool:MSIL/AutoKMS ID: 2147711767 Severidade: Alto Categoria: Ferramenta Caminho: file:_C:\Windows\KMS-R@1nhook.exe Origem da Detecção: Computador local Tipo de Detecção: Concreto Origem da Detecção: Proteção em Tempo Real Usuário: AUTORIDADE NT\SERVIÇO DE REDE Nome do Processo: C:\Windows\System32\svchost.exe Versão da Assinatura: AV: 1.281.487.0, AS: 1.281.487.0, NIS: 1.281.487.0 Versão do Mecanismo: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-22 14:47:21.589 Description: O Windows Defender Antivirus encontrou um erro ao atualizar assinaturas. Versão da Nova Assinatura: Versão da Assinatura Anterior: 1.281.569.0 Origem da Atualização: Servidor do Microsoft Update Tipo de Assinatura: Antivírus Tipo de Atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão do Mecanismo Atual: Versão do Mecanismo Anterior: 1.1.15400.5 Código de erro: 0x80070422 Descrição do erro: O serviço não pode ser iniciado porque está desativado ou não tem dispositivos ativados associados. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz Percentagem de memória em uso: 28% RAM física total: 8154.37 MB RAM física disponível: 5839.91 MB Virtual Total: 11994.37 MB Virtual disponível: 9288.71 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:73.17 GB) (Free:8.37 GB) NTFS Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive e: () (Fixed) (Total:297.99 GB) (Free:126.93 GB) NTFS \\?\Volume{f33978a8-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{f33978a8-0000-0000-0000-505112000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS \\?\Volume{f33978a8-0000-0000-0000-b08512000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: F33978A8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=73.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=837 MB) - (Type=27) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0003F59A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================