Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por lucwa (2016-03-29 20:57:31) Executando a partir de C:\Users\lucwa\Downloads Windows 10 Pro (X64) (2016-03-29 17:20:59) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-534631778-1735202028-1662219502-500 - Administrator - Disabled) Convidado (S-1-5-21-534631778-1735202028-1662219502-501 - Limited - Disabled) DefaultAccount (S-1-5-21-534631778-1735202028-1662219502-503 - Limited - Disabled) lucwa (S-1-5-21-534631778-1735202028-1662219502-1001 - Administrator - Enabled) => C:\Users\lucwa ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-534631778-1735202028-1662219502-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) Atualizações da NVIDIA 2.11.2.46 (Version: 2.11.2.46 - NVIDIA Corporation) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit) FrivLauncher 2.1 (HKLM-x32\...\FrivLauncher) (Version: 2.1 - Friv Launcher) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.46 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.) Painel de controle da NVIDIA 364.72 (Version: 364.72 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7714 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.46 - NVIDIA Corporation) Hidden Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-534631778-1735202028-1662219502-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\lucwa\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0349233D-DFE1-4F13-BDF1-0AB7D9828B6D} - \WinTaske -> Nenhum Arquivo <==== ATENÇÃO Task: {1A78F004-C8A6-495C-819E-01E73CF29D92} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {2EA5F5E4-5E4A-4FDD-9FDA-B3E17E9666A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-29] (Google Inc.) Task: {C7B1128A-1B93-452F-A372-9EE082AC29BF} - System32\Tasks\SUPERAntiSpyware Scheduled Task d8e52d26-9c43-49d0-a639-6b4afa7a45d6 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {D266FFC1-7707-4379-B6F0-B36C165007C7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-29] (AVAST Software) Task: {DE6FB049-A79D-4122-BD43-8146F6D6D5C5} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4649b6ea-2b3b-46a3-8b08-5b3e11d5f603 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {EC7BBF40-000D-4C09-AD6E-662CA7A0DE14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-29] (Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4649b6ea-2b3b-46a3-8b08-5b3e11d5f603.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d8e52d26-9c43-49d0-a639-6b4afa7a45d6.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2015-07-10 08:00 - 2015-07-10 08:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll 2015-07-10 08:00 - 2015-07-10 08:00 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll 2016-03-29 14:35 - 2016-03-29 14:35 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00403968 _____ () C:\Windows\System32\diagtrack_wininternal.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00368184 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2015-07-10 08:00 - 2015-07-10 08:00 - 02498296 _____ () C:\Windows\system32\CoreUIComponents.dll 2015-07-10 08:00 - 2015-07-10 08:00 - 02498296 _____ () C:\Windows\System32\CoreUIComponents.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 06579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 08:00 - 2015-07-10 13:49 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-29 15:03 - 2016-03-21 23:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-01-21 16:54 - 2014-01-21 16:54 - 01301688 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe 2016-03-29 17:35 - 2016-03-29 17:35 - 02309632 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.13\deploy\LoLLauncher.exe 2016-03-29 17:47 - 2016-03-29 17:47 - 04225024 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\LoLPatcher.exe 2016-03-29 17:47 - 2016-03-29 17:47 - 02707968 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\LoLPatcherUx.exe 2016-03-29 20:34 - 2016-03-29 20:34 - 00162208 _____ () C:\Users\lucwa\Downloads\Antivirus_Free_Edition.exe 2016-03-29 14:35 - 2016-03-29 14:35 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2016-03-29 17:45 - 2016-03-24 02:35 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\libcef.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\libGLESv2.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\ortp.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\platforms\qwindows.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\libEGL.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qgif.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qico.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qjpeg.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qmng.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qsvg.dll 2016-03-29 14:46 - 2016-03-29 14:46 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\imageformats\qtiff.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\qml\QtQuick.2\qtquick2plugin.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\qml\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-03-29 14:47 - 2016-03-29 14:47 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7020\qml\QtQml\Models.2\modelsplugin.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 01396224 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\RiotLauncher.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 34843648 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\libcef.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 01375744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\icui18n.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 01134592 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\icuuc.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 04374528 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\v8.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 01332224 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\libglesv2.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 00190976 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\libegl.dll 2016-03-29 17:47 - 2016-03-29 17:47 - 00945664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.53\deploy\ffmpegsumo.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== EXE Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2015-07-10 08:04 - 2015-08-24 01:01 - 00351149 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 localhost.localdomain 255.255.255.255 broadcasthost 127.0.0.1 local127.0.0.1 goatse.cx # More information on sites such as 127.0.0.1 www.goatse.cx # these can be found in this article 127.0.0.1 oralse.cx # en.wikipedia.org/wiki/List_of_shock_sites 127.0.0.1 www.oralse.cx 127.0.0.1 goatse.ca 127.0.0.1 www.goatse.ca 127.0.0.1 oralse.ca 127.0.0.1 www.oralse.ca 127.0.0.1 goat.cx 127.0.0.1 www.goat.cx 127.0.0.1 goatse.ru 127.0.0.1 www.goatse.ru127.0.0.1 1girl1pitcher.com 127.0.0.1 1girl1pitcher.org 127.0.0.1 1guy1cock.com 127.0.0.1 1man1jar.org 127.0.0.1 1man2needles.com 127.0.0.1 1priest1nun.com 127.0.0.1 2girls1cup.com 127.0.0.1 2girls1cup-free.com 127.0.0.1 2girls1cup.nl 127.0.0.1 2girls1cup.ws 127.0.0.1 2girls1finger.com 127.0.0.1 2girls1finger.org 127.0.0.1 2guys1stump.org 127.0.0.1 3guys1hammer.ws 127.0.0.1 4girlsfingerpaint.com 127.0.0.1 4girlsfingerpaint.org Existem ainda 11325 mais linhas. ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-534631778-1735202028-1662219502-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucwa\Desktop\Backup\Backup\Fotos Backup\menes\illidan_1600x.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKU\S-1-5-21-534631778-1735202028-1662219502-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-534631778-1735202028-1662219502-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-534631778-1735202028-1662219502-1001\...\StartupApproved\Run: => "Steam" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{294DFFD1-0E11-4402-B140-4E6C8F03DD1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B670A074-3C8C-4CED-AD48-5A775EEB4590}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7D0B7C84-B8CA-4880-A8A7-7FEC18CE7AD9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{496B0C38-7ED4-4911-97CC-D4F013AF8FAE}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5FDDAF76-4948-4983-9136-9342E505FCBF}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6A3D33BD-5560-4105-9BE0-84AF7D3982EA}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6ABA1608-FE21-457F-835A-C27B847218EE}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DDCB793C-0098-41E0-8BBD-9EEB53C02FAE}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{50DBB73B-1609-4AF5-8D69-B8CAF205E5FC}] => (Allow) C:\Users\lucwa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{49E24BF0-E5D3-48BD-BDCC-D29BE768AFDE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{84DC5ECF-4752-4396-A7AA-4760CCF7F08B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5F45883B-9594-4FE7-86C2-969536D482F8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8A1FC7BD-A362-462E-BD98-A16DE558393A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{63219CCE-3DC2-490F-B656-173668ACCA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{106C745F-151F-4711-90DA-CFF8893D1896}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D192EC15-9A3F-46D8-9C85-92A4AD29EDAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F388702F-5175-4770-9F14-AE59A50B7290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7189F7F1-2E8B-457E-9CBC-D97E17C94B67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F01998C2-DC3C-49F2-A755-47F11EA2D60A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe ==================== Pontos de Restauração ========================= 29-03-2016 14:19:20 Instalador de Módulos do Windows 29-03-2016 15:31:52 Driver Booster : Controlador de canal duplo padrão PCI IDE 29-03-2016 18:48:30 JRT Pre-Junkware Removal ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (03/29/2016 07:32:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (3884) Microsoft.Windows.Cortana_cw5n1h2txyewy_NOEDP_LEGACY_IDB: Erro -1032 (0xfffffbf8) ao abrir o arquivo de log C:\Users\lucwa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log. Error: (03/29/2016 07:32:00 PM) (Source: ESENT) (EventID: 489) (User: ) Description: DllHost (3884) Microsoft.Windows.Cortana_cw5n1h2txyewy_NOEDP_LEGACY_IDB: Uma tentativa de abrir o arquivo "C:\Users\lucwa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (03/29/2016 07:31:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (3884) Microsoft.Windows.Cortana_cw5n1h2txyewy_NOEDP_LEGACY_IDB: Erro -1032 (0xfffffbf8) ao abrir o arquivo de log C:\Users\lucwa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log. Error: (03/29/2016 07:31:50 PM) (Source: ESENT) (EventID: 489) (User: ) Description: DllHost (3884) Microsoft.Windows.Cortana_cw5n1h2txyewy_NOEDP_LEGACY_IDB: Uma tentativa de abrir o arquivo "C:\Users\lucwa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log" para acesso somente leitura falhou com o erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação para abrir o arquivo falhará com o erro -1032 (0xfffffbf8). Error: (03/29/2016 07:28:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: setup.exe_NVIDIA Install Application, versão: 2.1002.198.1679, carimbo de data/hora: 0x56f09fd1 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0004221c ID do processo com falha: 0x14c4 Hora de início do aplicativo com falha: 0xsetup.exe_NVIDIA Install Application0 Caminho do aplicativo com falha: setup.exe_NVIDIA Install Application1 Caminho do módulo com falha: setup.exe_NVIDIA Install Application2 ID do Relatório: setup.exe_NVIDIA Install Application3 Nome completo do pacote com falha: setup.exe_NVIDIA Install Application4 ID do aplicativo relativo ao pacote com falha: setup.exe_NVIDIA Install Application5 Error: (03/29/2016 07:28:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: setup.exe_NVIDIA Install Application, versão: 2.1002.198.1679, carimbo de data/hora: 0x56f09fd1 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x001442c3 ID do processo com falha: 0x14c4 Hora de início do aplicativo com falha: 0xsetup.exe_NVIDIA Install Application0 Caminho do aplicativo com falha: setup.exe_NVIDIA Install Application1 Caminho do módulo com falha: setup.exe_NVIDIA Install Application2 ID do Relatório: setup.exe_NVIDIA Install Application3 Nome completo do pacote com falha: setup.exe_NVIDIA Install Application4 ID do aplicativo relativo ao pacote com falha: setup.exe_NVIDIA Install Application5 Error: (03/29/2016 07:26:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: taskhostw.exe, versão: 10.0.10240.16384, carimbo de data/hora: 0x559f3982 Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x1fb4 Hora de início do aplicativo com falha: 0xtaskhostw.exe0 Caminho do aplicativo com falha: taskhostw.exe1 Caminho do módulo com falha: taskhostw.exe2 ID do Relatório: taskhostw.exe3 Nome completo do pacote com falha: taskhostw.exe4 ID do aplicativo relativo ao pacote com falha: taskhostw.exe5 Error: (03/29/2016 07:24:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: setup.exe_NVIDIA Install Application, versão: 2.1002.198.1679, carimbo de data/hora: 0x56f09fd1 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0004221c ID do processo com falha: 0x174c Hora de início do aplicativo com falha: 0xsetup.exe_NVIDIA Install Application0 Caminho do aplicativo com falha: setup.exe_NVIDIA Install Application1 Caminho do módulo com falha: setup.exe_NVIDIA Install Application2 ID do Relatório: setup.exe_NVIDIA Install Application3 Nome completo do pacote com falha: setup.exe_NVIDIA Install Application4 ID do aplicativo relativo ao pacote com falha: setup.exe_NVIDIA Install Application5 Error: (03/29/2016 07:24:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: setup.exe_NVIDIA Install Application, versão: 2.1002.198.1679, carimbo de data/hora: 0x56f09fd1 Nome do módulo com falha: SafeGuard32.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x568382a8 Código de exceção: 0xc00001a5 Deslocamento da falha: 0x001442c3 ID do processo com falha: 0x174c Hora de início do aplicativo com falha: 0xsetup.exe_NVIDIA Install Application0 Caminho do aplicativo com falha: setup.exe_NVIDIA Install Application1 Caminho do módulo com falha: setup.exe_NVIDIA Install Application2 ID do Relatório: setup.exe_NVIDIA Install Application3 Nome completo do pacote com falha: setup.exe_NVIDIA Install Application4 ID do aplicativo relativo ao pacote com falha: setup.exe_NVIDIA Install Application5 Error: (03/29/2016 07:15:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: GfExperienceService.exe, versão: 2.11.2.46, carimbo de data/hora: 0x56f2748f Nome do módulo com falha: SafeGuard64.dll_unloaded, versão: 2.2.0.40, carimbo de data/hora: 0x5683828f Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000005827b ID do processo com falha: 0x730 Hora de início do aplicativo com falha: 0xGfExperienceService.exe0 Caminho do aplicativo com falha: GfExperienceService.exe1 Caminho do módulo com falha: GfExperienceService.exe2 ID do Relatório: GfExperienceService.exe3 Nome completo do pacote com falha: GfExperienceService.exe4 ID do aplicativo relativo ao pacote com falha: GfExperienceService.exe5 Erros de Sistema: ============= Error: (03/29/2016 07:30:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8H0EUGR) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (03/29/2016 07:16:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço SkypeUpdateEx foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/29/2016 07:16:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Xbox Live Network Manager Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/29/2016 07:15:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço NVIDIA GeForce Experience Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (03/29/2016 07:12:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Serviço do Google Update (gupdate) devido ao seguinte erro: %%1053 Error: (03/29/2016 07:12:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço do Google Update (gupdate). Error: (03/29/2016 07:09:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT) Description: Recursos de gerenciamento do consumo de energia em desempenho no processador lógico 7 Hyper-V estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado. Error: (03/29/2016 07:09:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT) Description: Recursos de gerenciamento do consumo de energia em desempenho no processador lógico 6 Hyper-V estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado. Error: (03/29/2016 07:09:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT) Description: Recursos de gerenciamento do consumo de energia em desempenho no processador lógico 5 Hyper-V estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado. Error: (03/29/2016 07:09:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: AUTORIDADE NT) Description: Recursos de gerenciamento do consumo de energia em desempenho no processador lógico 4 Hyper-V estão desabilitados devido a um problema de firmware. Verifique com o fabricante do computador se há um firmware atualizado. CodeIntegrity: =================================== Date: 2016-03-29 20:40:41.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:40:41.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:27.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:27.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:25.535 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:25.534 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:22.997 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:22.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:22.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. Date: 2016-03-29 20:38:22.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections. ==================== Informações da Memória =========================== Processador: AMD FX(tm)-8120 Eight-Core Processor Percentagem de memória em uso: 46% RAM física total: 8189.55 MB RAM física disponível: 4346.61 MB Virtual Total: 10109.55 MB Virtual disponível: 5790.06 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.51 GB) (Free:732.22 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC0AB0EE) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt ============================