Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 30-11-2017
Executado por DELL (04-12-2017 22:16:42)
Executando a partir de C:\Users\DELL\Desktop
Windows 10 Pro Versão 1709 16299.98 (X64) (2017-12-04 22:30:36)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3553575867-2436204442-3326027068-500 - Administrator - Disabled)
Convidado (S-1-5-21-3553575867-2436204442-3326027068-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3553575867-2436204442-3326027068-503 - Limited - Disabled)
DELL (S-1-5-21-3553575867-2436204442-3326027068-1001 - Administrator - Enabled) => C:\Users\DELL
WDAGUtilityAccount (S-1-5-21-3553575867-2436204442-3326027068-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.38.221 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{6762A2B6-5042-4AE2-A81D-018EC2F07750}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-012B-0416-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
Warsaw 2.2.0.43 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.2.0.43 - GAS Tecnologia)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {3BDD3E77-CD0C-4E79-9899-863FBB32D5BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {5EE1DA76-90F2-4FC4-837F-675E31175484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {66612CD0-CD79-481A-BD36-BB760699D948} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-01] (Realtek Semiconductor)
Task: {6AF01F2C-A306-4F95-BF7D-B6545846029B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {805970EC-5B89-4F3D-94A9-208C82E60F80} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {9F4671F6-7697-41FD-8E0B-E1455C85F0EF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {A83BECDD-5285-474F-8807-BD504CE132DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {BD64BFD5-518E-4E1B-BD80-A5BCA5C5842C} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {C4969C57-69C6-47E0-8576-EE8057AFC3E0} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D5B97471-E14E-4118-BD87-484204268A87} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {DB1A1731-6986-4795-AC44-CE64C6D3D66E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {F7A9C328-8C9E-4387-981E-B5FC2632A4E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-29 23:09 - 2017-11-29 23:09 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-11-13 22:20 - 2017-11-10 07:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-13 22:20 - 2017-11-10 07:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-11-15 07:39 - 2017-11-03 16:02 - 031229952 _____ () C:\Users\DELL\AppData\Local\Google\Chrome\User Data\PepperFlash\27.0.0.187\pepflashplayer.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-02-26 15:09 - 2017-02-26 15:09 - 000005120 _____ () C:\WINDOWS\KMS-R@1nHook.exe
2017-02-26 15:09 - 2017-02-26 15:09 - 000004096 _____ () C:\WINDOWS\KMS-R@1nHook.dll
2017-12-04 20:52 - 2017-12-04 20:52 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2017-12-04 20:53 - 2017-12-04 20:53 - 001105704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2017-02-26 12:10 - 2017-02-26 12:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.25.1 - 198.153.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{9DE96455-2CBF-4C61-815E-18FADBB16AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C5E73B70-9168-44F4-A6C8-4183E3F9AF90}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9B599E5F-DD3E-4285-9B22-80BCE52F2183}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{81C04D3C-21B9-43F8-B256-47E46921350A}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9FD33F02-C51D-4C8E-808B-082253239745}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{5170E420-E9E5-44E7-AB58-3B4EACB425AD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{14CD1E40-C05B-4AB2-A727-18447BCE37CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{903463C6-29C8-4616-8493-584F13AD6848}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DBB1555E-B5E5-481E-B2CF-2F2962E39B39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E02CE2F8-98B0-4B0A-9AA9-4B403535DAAE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{76454BDD-E52D-4071-8673-F5C43DB95BEC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{0A1BC66C-2F59-4341-8388-8E1837328AEA}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{287E08FA-6041-4675-A40C-5C374E8574AA}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{7F7DB1CC-D2D4-4136-8446-B021222940E9}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{1CB8A922-E754-4AA8-BE2B-6A04E54E94D7}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [TCP Query User{F7A695F8-E76A-407A-9A82-9F66D91C4CB6}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [UDP Query User{D39B4705-5269-49E2-96E9-B2BC03537E50}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [{DD66BE5A-9F96-46FF-9A2C-DBC77BB33CE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{144ED267-0E5F-47EF-9251-06F82ED764FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{281E24ED-C04D-4772-9850-D3E4B43CCA11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CEC15DC2-0304-40FE-B0CB-D71A88FE3C34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B53625C-9208-4059-8A65-3D169DE4D0E6}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{15DFD4EA-552C-4C81-B841-B8F4CB3BA6B8}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{FE34161C-090E-4121-927B-F740FC40505B}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/04/2017 08:35:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x59cda974
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.16299.19, carimbo de data/hora: 0x63553d36
Código de exceção: 0xc000027b
Deslocamento da falha: 0x0000000000094ef5
ID do processo com falha: 0x1ff4
Hora de início do aplicativo com falha: 0x01d36d4fdcb73de5
Caminho do aplicativo com falha: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: 749d8219-e4ba-41c5-98a3-db6ec5276f42
Nome completo do pacote com falha: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: App
Error: (12/04/2017 08:33:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (12/04/2017 08:33:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/04/2017 08:32:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (12/04/2017 08:26:17 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:24:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: mighost (1836,R,0) TILEREPOSITORYS-1-0-0: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:20:57 PM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001
Erros de Sistema:
=============
Error: (12/04/2017 10:00:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:45:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:38:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:36:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:31:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (12/04/2017 08:31:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço FontCache3.0.0.0.
Error: (12/04/2017 08:30:55 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:30:55 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:28:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço BranchCache terminou com o seguinte erro específico de serviço:
Este programa está bloqueado por uma política de grupo. Para obter mais informações contate o administrador do sistema.
Error: (12/04/2017 08:28:39 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Este computador foi configurado como membro de
um grupo de trabalho e não como membro de um domínio. Não é necessário
executar o serviço de logon de rede nesta configuração.
CodeIntegrity:
===================================
Date: 2017-12-04 22:16:09.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:16:09.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:15:34.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:15:34.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:01:18.154
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:01:18.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:45:54.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:45:54.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:37:29.545
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:37:29.543
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentagem de memória em uso: 58%
RAM física total: 3984.36 MB
RAM física disponível: 1638.75 MB
Virtual Total: 5394.29 MB
Virtual disponível: 2581.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.54 GB) (Free:806.62 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 927DC82D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=493 MB) - (Type=27)
==================== Fim de Addition.txt ============================
Executado por DELL (04-12-2017 22:16:42)
Executando a partir de C:\Users\DELL\Desktop
Windows 10 Pro Versão 1709 16299.98 (X64) (2017-12-04 22:30:36)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3553575867-2436204442-3326027068-500 - Administrator - Disabled)
Convidado (S-1-5-21-3553575867-2436204442-3326027068-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3553575867-2436204442-3326027068-503 - Limited - Disabled)
DELL (S-1-5-21-3553575867-2436204442-3326027068-1001 - Administrator - Enabled) => C:\Users\DELL
WDAGUtilityAccount (S-1-5-21-3553575867-2436204442-3326027068-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.38.221 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{6762A2B6-5042-4AE2-A81D-018EC2F07750}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011238) 64-Bit Edition (HKLM\...\{90160000-012B-0416-1000-0000000FF1CE}_Office16.PROPLUS_{F26F0631-BD36-41CC-80B8-4E90A43A2EE0}) (Version: - Microsoft)
Warsaw 2.2.0.43 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.2.0.43 - GAS Tecnologia)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-12-04] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {3BDD3E77-CD0C-4E79-9899-863FBB32D5BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {5EE1DA76-90F2-4FC4-837F-675E31175484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {66612CD0-CD79-481A-BD36-BB760699D948} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-01] (Realtek Semiconductor)
Task: {6AF01F2C-A306-4F95-BF7D-B6545846029B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {805970EC-5B89-4F3D-94A9-208C82E60F80} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
Task: {9F4671F6-7697-41FD-8E0B-E1455C85F0EF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {A83BECDD-5285-474F-8807-BD504CE132DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {BD64BFD5-518E-4E1B-BD80-A5BCA5C5842C} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {C4969C57-69C6-47E0-8576-EE8057AFC3E0} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D5B97471-E14E-4118-BD87-484204268A87} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {DB1A1731-6986-4795-AC44-CE64C6D3D66E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {F7A9C328-8C9E-4387-981E-B5FC2632A4E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2017-09-29 11:41 - 2017-09-29 11:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-29 23:09 - 2017-11-29 23:09 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-29 23:09 - 2017-11-29 23:09 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 11:41 - 2017-09-29 11:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-11-13 22:20 - 2017-11-10 07:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-13 22:20 - 2017-11-10 07:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-11-15 07:39 - 2017-11-03 16:02 - 031229952 _____ () C:\Users\DELL\AppData\Local\Google\Chrome\User Data\PepperFlash\27.0.0.187\pepflashplayer.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-12-04 20:51 - 2017-12-04 20:51 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-02-26 15:09 - 2017-02-26 15:09 - 000005120 _____ () C:\WINDOWS\KMS-R@1nHook.exe
2017-02-26 15:09 - 2017-02-26 15:09 - 000004096 _____ () C:\WINDOWS\KMS-R@1nHook.dll
2017-12-04 20:52 - 2017-12-04 20:52 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2017-12-04 20:53 - 2017-12-04 20:53 - 001105704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\bb.com.br -> aapj.bb.com.br
IE trusted site: HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2017-02-26 12:10 - 2017-02-26 12:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.25.1 - 198.153.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3553575867-2436204442-3326027068-1001\...\StartupApproved\Run: => "Steam"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{9DE96455-2CBF-4C61-815E-18FADBB16AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C5E73B70-9168-44F4-A6C8-4183E3F9AF90}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9B599E5F-DD3E-4285-9B22-80BCE52F2183}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{81C04D3C-21B9-43F8-B256-47E46921350A}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9FD33F02-C51D-4C8E-808B-082253239745}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{5170E420-E9E5-44E7-AB58-3B4EACB425AD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{14CD1E40-C05B-4AB2-A727-18447BCE37CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{903463C6-29C8-4616-8493-584F13AD6848}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DBB1555E-B5E5-481E-B2CF-2F2962E39B39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E02CE2F8-98B0-4B0A-9AA9-4B403535DAAE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{76454BDD-E52D-4071-8673-F5C43DB95BEC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{0A1BC66C-2F59-4341-8388-8E1837328AEA}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{287E08FA-6041-4675-A40C-5C374E8574AA}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{7F7DB1CC-D2D4-4136-8446-B021222940E9}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{1CB8A922-E754-4AA8-BE2B-6A04E54E94D7}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [TCP Query User{F7A695F8-E76A-407A-9A82-9F66D91C4CB6}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [UDP Query User{D39B4705-5269-49E2-96E9-B2BC03537E50}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe
FirewallRules: [{DD66BE5A-9F96-46FF-9A2C-DBC77BB33CE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{144ED267-0E5F-47EF-9251-06F82ED764FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{281E24ED-C04D-4772-9850-D3E4B43CCA11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CEC15DC2-0304-40FE-B0CB-D71A88FE3C34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B53625C-9208-4059-8A65-3D169DE4D0E6}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [TCP Query User{15DFD4EA-552C-4C81-B841-B8F4CB3BA6B8}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{FE34161C-090E-4121-927B-F740FC40505B}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
==================== Pontos de Restauração =========================
ATENÇÃO: A Restauração do Sistema está desabilitada
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/04/2017 08:35:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.16299.15, carimbo de data/hora: 0x59cda974
Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.16299.19, carimbo de data/hora: 0x63553d36
Código de exceção: 0xc000027b
Deslocamento da falha: 0x0000000000094ef5
ID do processo com falha: 0x1ff4
Hora de início do aplicativo com falha: 0x01d36d4fdcb73de5
Caminho do aplicativo com falha: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Caminho do módulo com falha: C:\Windows\System32\twinapi.appcore.dll
ID do Relatório: 749d8219-e4ba-41c5-98a3-db6ec5276f42
Nome completo do pacote com falha: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: App
Error: (12/04/2017 08:33:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (12/04/2017 08:33:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/04/2017 08:32:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0xC004F074
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (12/04/2017 08:26:17 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:24:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: mighost (1836,R,0) TILEREPOSITORYS-1-0-0: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:23:40 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Falha ao tentar obter o estado do nó do cluster: .Código de erro retornado: 0x8007085A
Error: (12/04/2017 08:20:57 PM) (Source: KMS-QAD) (EventID: 1001) (User: )
Description: Event-ID 1001
Erros de Sistema:
=============
Error: (12/04/2017 10:00:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:45:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:38:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:36:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MTOTQPM)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
ao usuário DESKTOP-MTOTQPM\DELL SID (S-1-5-21-3553575867-2436204442-3326027068-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:31:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Windows Presentation Foundation Font Cache 3.0.0.0 devido ao seguinte erro:
O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (12/04/2017 08:31:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço FontCache3.0.0.0.
Error: (12/04/2017 08:30:55 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:30:55 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
Error: (12/04/2017 08:28:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: O serviço BranchCache terminou com o seguinte erro específico de serviço:
Este programa está bloqueado por uma política de grupo. Para obter mais informações contate o administrador do sistema.
Error: (12/04/2017 08:28:39 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Este computador foi configurado como membro de
um grupo de trabalho e não como membro de um domínio. Não é necessário
executar o serviço de logon de rede nesta configuração.
CodeIntegrity:
===================================
Date: 2017-12-04 22:16:09.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:16:09.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:15:34.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:15:34.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:01:18.154
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 22:01:18.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:45:54.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:45:54.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:37:29.545
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-04 21:37:29.543
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentagem de memória em uso: 58%
RAM física total: 3984.36 MB
RAM física disponível: 1638.75 MB
Virtual Total: 5394.29 MB
Virtual disponível: 2581.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.54 GB) (Free:806.62 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 927DC82D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=493 MB) - (Type=27)
==================== Fim de Addition.txt ============================