Many Malwares installed on my pc
<blockquote data-quote="gabriel soliva" data-source="post: 618996" data-attributes="member: 61056"><p>Tried to use Malwarebytes, found more than 1500 threats, but every second I was using Chrome an annoying popup appeared.</p><p></p><p>Downloaded Farbar Recovery Scan Tool, but it did not find anything; here is the log:</p><p></p><p>Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017</p><p>Executado por socer (14-04-2017 19:46:53)</p><p>Executando a partir de C:\Users\socer\Downloads</p><p>Windows 10 Home Single Language Versão 1703 (X64) (2017-04-14 07:55:41)</p><p>Modo da Inicialização: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Contas: =============================</p><p></p><p>Administrador (S-1-5-21-2673395217-1231913305-2213340989-500 - Administrator - Disabled)</p><p>Convidado (S-1-5-21-2673395217-1231913305-2213340989-501 - Limited - Disabled)</p><p>DefaultAccount (S-1-5-21-2673395217-1231913305-2213340989-503 - Limited - Disabled)</p><p>defaultuser0 (S-1-5-21-2673395217-1231913305-2213340989-1000 - Limited - Disabled) => C:\Users\defaultuser0</p><p>socer (S-1-5-21-2673395217-1231913305-2213340989-1001 - Administrator - Enabled) => C:\Users\socer</p><p></p><p>==================== Central de Segurança ========================</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida.)</p><p></p><p>AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}</p><p></p><p>==================== Programas Instalados ======================</p><p></p><p>(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. 
Os programas adwares devem ser desinstalados manualmente.)</p><p></p><p>µTorrent (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)</p><p>Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)</p><p>Ajuda e Suporte da Dell (HKLM-x32\...\InstallShield_{7E780845-303D-4B46-9746-9D49D94D16AB}) (Version: 2.3.22.0 - Dell Inc.)</p><p>Ajuda e Suporte da Dell (Version: 2.3.22.0 - Dell Inc.) Hidden</p><p>Ansel (Version: 381.65 - NVIDIA Corporation) Hidden</p><p>Atualizações da NVIDIA 23.23.30.0 (Version: 23.23.30.0 - NVIDIA Corporation) Hidden</p><p>Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)</p><p>Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)</p><p>Dell Data Vault (Version: 4.4.0.0 - Dell Inc.) Hidden</p><p>Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)</p><p>Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)</p><p>Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)</p><p>Dell SupportAssist Remediation (HKLM-x32\...\{56e3476e-a4e0-418b-926c-8be09f6c37ce}) (Version: 2.0.2.1818 - Dell Inc.)</p><p>Dell SupportAssist Remediation (Version: 2.0.2.1818 - Dell Inc.) 
Hidden</p><p>Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)</p><p>Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)</p><p>Dell Update (HKLM-x32\...\{49655877-33CF-4C8A-B07C-9694935431E4}) (Version: 1.9.7.0 - Dell Inc.)</p><p>Discord (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)</p><p>Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.)</p><p>Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)</p><p>Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden</p><p>FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)</p><p>Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden</p><p>Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)</p><p>Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)</p><p>Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)</p><p>Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)</p><p>League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)</p><p>League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden</p><p>Maxx Audio Installer (x64) (Version: 2.6.8627.1 - Waves Audio Ltd.) 
Hidden</p><p>McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)</p><p>McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)</p><p>Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 2016 - pt-br (HKLM\...\HomeStudentRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation)</p><p>Microsoft OneDrive (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)</p><p>Mozilla Firefox 52.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pt-BR)) (Version: 52.0.2 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)</p><p>NVIDIA Driver de gráficos 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)</p><p>NVIDIA Driver do 3D Vision 381.65 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)</p><p>NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)</p><p>NVIDIA Software do sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)</p><p>NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden</p><p>NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden</p><p>NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden</p><p>Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden</p><p>Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)</p><p>Painel de controle da NVIDIA 381.65 (Version: 381.65 - NVIDIA Corporation) Hidden</p><p>PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )</p><p>Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.0055 - Qualcomm Atheros)</p><p>Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.008 - Dell Inc.)</p><p>Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Nome de sua empresa:)</p><p>Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek 
Semiconduct Corp.)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7908 - Realtek Semiconductor Corp.)</p><p>Registro de produto (Version: 3.0.123.0 - Dell Inc.) Hidden</p><p>Registro de produto Dell (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.)</p><p>SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden</p><p>SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden</p><p>Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)</p><p>Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden</p><p>Spotify (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)</p><p>TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)</p><p>Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)</p><p>WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)</p><p></p><p>==================== Exame Personalizado CLSID (Whitelisted): ==========================</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)</p><p></p><p></p><p>==================== Tarefas Agendadas (Whitelisted) =============</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida do Registro. 
O arquivo não será movido, a menos que seja colocado separadamente.)</p><p></p><p>Task: {0983848A-664C-4388-8E21-227B9B9BCAFF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe </p><p>Task: {1BA1CAE4-F055-487C-BDCD-185DFD7BE6E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)</p><p>Task: {273956DD-0345-49D9-A3D8-B3A161D1C223} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {28FC5046-8704-4357-8802-E9D475C161D2} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe </p><p>Task: {2BB59E86-EC55-4208-93EB-A2CB7B9F9914} - System32\Tasks\{B62F2D05-9CCB-8077-D5AA-D3B448BDAB1B} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\2f2dbe2\51e50ad8.dll" <==== ATENÇÃO</p><p>Task: {2E6A867A-816E-4979-BBFC-1DA6E457268F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {316905EA-A6B5-451F-9A01-AC688699C747} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)</p><p>Task: {31BC773F-2083-47E8-96F6-7B2C348B64C5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent</p><p>Task: {380AE6E7-5E4E-461F-87A8-E130066F883C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-10-24] (Dell Inc.)</p><p>Task: {394DB385-FDEA-4819-9AD1-87A30CF948C1} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (Microsoft Corporation)</p><p>Task: {453A40A8-E7A1-4143-8096-0404F9F34596} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program 
Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.)</p><p>Task: {46D9074A-A629-4360-A2F2-735D3B7BE738} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation) <==== ATENÇÃO</p><p>Task: {4F0651E9-74DA-472A-B6EF-A29487D5EA89} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {51B97139-D307-41BB-A4D1-D6EDEE5106CD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {64D227A1-CAF2-4F62-893C-CB71B7F5593F} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task</p><p>Task: {66D54AD0-44E9-41B1-8BD1-B7E214085E27} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)</p><p>Task: {693F02EA-12F7-4661-8730-A5DF1AFD642F} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh</p><p>Task: {6BD9FDA3-C8EE-4C02-95CB-1B221BF24F79} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged</p><p>Task: {74636CD1-4C8D-4966-B793-D90583CA9E10} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-08-16] (Realtek Semiconductor)</p><p>Task: {7E48EB16-2459-437A-B3B5-DD91866302CC} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task</p><p>Task: {85322B96-631E-49BD-9C68-902414B88E0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)</p><p>Task: {8986B566-F62E-45DD-BDC7-36ADC7DA8841} - \{0E0A7E47-0E7A-0C78-0911-057F7F7E1104} -> Nenhum Arquivo <==== 
ATENÇÃO</p><p>Task: {8A8CBC0F-3B85-47AE-BEF7-D86570A1FAEB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {9012427F-08A9-4EBE-95EC-489BFA49A597} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {95061B7E-8FA4-44F8-9615-9D4657403248} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (Microsoft Corporation)</p><p>Task: {96B6CC3C-3F1D-4892-9628-B013246C7CBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.)</p><p>Task: {97525474-692E-413A-BDA3-F8B3FD778ED5} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)</p><p>Task: {991C1705-01EB-4AF4-85E1-C4744DF6FEB9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-06] (Dropbox, Inc.)</p><p>Task: {9BFBFF63-27D1-4C7C-ADFA-AE5B98B90F78} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask</p><p>Task: {9CCA48B5-B88C-440F-9B9F-3E8B741347C4} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-30] (DropboxOEM)</p><p>Task: {A25D498F-B8FF-4F37-857F-A981109C6E3F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)</p><p>Task: {A9236B54-CFC3-4CF2-A8CD-3297D0B29365} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common 
Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.)</p><p>Task: {B0CD1232-B852-4671-BD59-7DD9A85FFE7B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)</p><p>Task: {B79BABF2-D6FC-47EF-BAC4-90EE0818473F} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()</p><p>Task: {B7E1DFD5-9405-4892-B1CB-F246ACAEACBA} - System32\Tasks\{351EEC6E-82B5-5BC5-01D8-ECAA8E9886E6} => C:\ProgramData\{DC910B18-6B3A-BCB3-FB18-015290FE3EA5}\D7AFA5C7-6004-126C-2B67-D525BEE2715C.exe <==== ATENÇÃO</p><p>Task: {BFA82F68-86F2-4852-B753-0C5B93EB34EA} - System32\Tasks\McAfee\McAfee Idle Detection Task</p><p>Task: {E34B2B4A-74EB-4A0D-AF54-44047629DCF6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-06] (Dropbox, Inc.)</p><p>Task: {F1A0311E-05F4-49D5-AEEF-40B9BF82DF77} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.)</p><p>Task: {F8754329-3D61-4E38-A971-E6799376CBC3} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.)</p><p>Task: {FA865EDE-C2C6-4108-A8C4-7DFC6DA47AAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.)</p><p></p><p>(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. 
O arquivo que está sendo executado pela tarefa não será movido.)</p><p></p><p>Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe</p><p>Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe</p><p>Task: C:\WINDOWS\Tasks\RunDLC.job => cmd /c sc start Dell Help Support WORKGROUP DESKTOP JEE8QGE</p><p></p><p>==================== Atalhos =============================</p><p></p><p>(As entradas podem ser listadas para serem restauradas ou removidas.)</p><p></p><p>ShortcutWithArgument: C:\Users\socer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData</p><p></p><p>==================== Módulos Carregados (Whitelisted) ==============</p><p></p><p>2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe</p><p>2016-09-24 19:20 - 2016-09-24 19:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe</p><p>2017-02-06 09:32 - 2017-02-23 15:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll</p><p>2017-02-06 09:32 - 2017-02-23 15:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll</p><p>2017-03-18 17:58 - 2017-03-18 17:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll</p><p>2017-03-18 17:59 - 2017-03-20 01:02 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll</p><p>2017-04-04 10:42 - 2017-03-29 05:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll</p><p>2017-04-04 10:42 - 2017-03-29 05:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll</p><p>2017-01-19 
00:22 - 2017-01-19 00:22 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe</p><p>2016-12-21 09:24 - 2016-12-21 09:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll</p><p>2016-09-22 07:56 - 2016-09-22 07:56 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll</p><p>2015-10-16 05:14 - 2015-10-16 05:14 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll</p><p>2017-02-06 09:32 - 2017-02-23 15:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll</p><p>2017-02-06 09:32 - 2017-02-23 15:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll</p><p>2017-02-06 09:32 - 2017-02-23 15:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll</p><p>2017-01-16 08:40 - 2017-01-16 08:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll</p><p>2017-03-09 19:51 - 2016-10-08 04:13 - 50656768 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll</p><p>2017-03-09 19:51 - 2016-10-08 04:13 - 01874944 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll</p><p>2017-03-09 19:51 - 2016-10-08 04:13 - 00075264 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA 
Corporation\NvNode\NvGameShareAPINode.node</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node</p><p>2017-02-06 09:32 - 2017-02-23 11:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(Se uma entrada for incluída na fixlist, somente o ADS será removido.)</p><p></p><p></p><p>==================== Modo de Segurança (Whitelisted) ===================</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"</p><p></p><p>==================== Associação (Whitelisted) ===============</p><p></p><p>(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)</p><p></p><p></p><p>==================== Internet Explorer confiável/restrito ===============</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida do Registro.)</p><p></p><p></p><p>==================== Hosts Conteúdo: ===============================</p><p></p><p>(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)</p><p></p><p>2016-07-16 08:47 - 2016-07-16 
08:45 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts</p><p></p><p></p><p>==================== Outras Áreas ============================</p><p></p><p>(Atualmente não há nenhuma correção automática para esta seção.)</p><p></p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg</p><p>DNS Servers: 8.8.8.8</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)</p><p>Firewall do Windows está habilitado.</p><p></p><p>==================== MSCONFIG/TASK MANAGER ítens desabilitados ==</p><p></p><p>HKLM\...\StartupApproved\Run: => "SecurityHealth"</p><p>HKLM\...\StartupApproved\Run32: => "Dropbox"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "OneDrive"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Skype"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Spotify"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Spotify Web Helper"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "BlueStacks Agent"</p><p>HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Discord"</p><p></p><p>==================== Regras do Firewall (Whitelisted) ===============</p><p></p><p>(Se uma entrada for incluída na fixlist, será removida do Registro. 
O arquivo não será movido, a menos que seja colocado separadamente.)</p><p></p><p>FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139</p><p>FirewallRules: [{EAC5CFEE-BADF-44BA-8B25-8FCC9827CF37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>FirewallRules: [{FBF1898A-9F38-4E4C-9E36-184AC6BDCB94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe</p><p>FirewallRules: [{A189F115-8438-42B8-8D79-B4459E11923E}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{6FE7C3B6-255D-4B10-894E-9C15B36DE765}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{405AE310-B843-4BF6-9765-C380754B3751}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{7BA08570-C3B6-421E-8923-AAB4CFA837EC}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{CCF8D01F-AA56-49C9-B118-D0E8CCCA4B08}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{01280FEC-91AE-4AF4-9D74-9618DBB3E27E}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe</p><p>FirewallRules: [{9F70CC47-B463-417B-B622-872F4A3F6FF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [{D30461AD-C130-45C2-9531-AA2CEA943921}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [UDP Query User{5EA3EAF8-148F-433B-9919-2924FEF90708}C:\users\socer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\socer\appdata\roaming\spotify\spotify.exe</p><p>FirewallRules: [TCP Query User{5A897F05-D9A2-4164-97EE-465990492C4A}C:\users\socer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\socer\appdata\roaming\spotify\spotify.exe</p><p>FirewallRules: [UDP Query User{326DCC21-FFE9-4AD7-A9AC-5E72982587E0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe</p><p>FirewallRules: 
[TCP Query User{A4BB856A-26FA-4969-9066-5CD9F9FAF05C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe</p><p>FirewallRules: [{95F5571C-F0A2-4DFE-9F08-100C5564899B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>FirewallRules: [{082A025D-BA6C-42E2-B907-F0CF07090702}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe</p><p>FirewallRules: [{5CBCB14B-C956-44EE-B06D-5ABB114EBFC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe</p><p>FirewallRules: [{4AF6B681-08DE-4D62-9F67-85627D98D042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe</p><p>FirewallRules: [{6CEDB281-D5E5-499C-A04D-934DD2598541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe</p><p>FirewallRules: [{D4EAA8A5-5C8E-45EA-BC81-065F51BFAECA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe</p><p>FirewallRules: [{E69470D0-7BBD-458D-ACA8-CA490689537A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe</p><p>FirewallRules: [{A1FFC7D4-43FD-4B46-9A79-44B95761FC50}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe</p><p>FirewallRules: [{1CC6F598-4E60-4AED-BCFB-57B846AE141D}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe</p><p>FirewallRules: [{ACA253D2-550D-4DE7-813D-CB580D172058}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe</p><p>FirewallRules: [{4CE28A75-B398-49AC-B25D-382A505BC75B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe</p><p>FirewallRules: [{53D9DEA3-0E76-4487-A343-888ECD1F89A3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe</p><p></p><p>==================== Pontos de Restauração =========================</p><p></p><p>14-04-2017 12:08:55 
Windows Update</p><p></p><p>==================== Dispositivos Apresentando Falhas No Gerenciador =============</p><p></p><p></p><p>==================== Erros no Log de eventos: =========================</p><p></p><p>Erros em Aplicativos:</p><p>==================</p><p>Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )</p><p>Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name)</p><p> em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)</p><p> em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)</p><p> em System.Xml.XmlDocument.CreateElement(String name)</p><p> em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." 
PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception></p><p></p><p>Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )</p><p>Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name)</p><p> em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)</p><p> em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)</p><p> em System.Xml.XmlDocument.CreateElement(String name)</p><p> em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." 
PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception></p><p></p><p>Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )</p><p>Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name)</p><p> em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)</p><p> em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)</p><p> em System.Xml.XmlDocument.CreateElement(String name)</p><p> em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." 
PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception></p><p></p><p>Error: (04/14/2017 07:25:28 PM) (Source: Dell System Detect) (EventID: 0) (User: )</p><p>Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name)</p><p> em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)</p><p> em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)</p><p> em System.Xml.XmlDocument.CreateElement(String name)</p><p> em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." 
PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception></p><p></p><p>Error: (04/14/2017 07:06:22 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Nome do aplicativo com falha: SDUpdSvc.exe, versão: 2.5.44.79, carimbo de data/hora: 0x57e24e33</p><p>Nome do módulo com falha: rtl150.bpl, versão: 15.0.3953.35171, carimbo de data/hora: 0x4cca139f</p><p>Código de exceção: 0xc0000005</p><p>Deslocamento da falha: 0x0000a116</p><p>ID do processo com falha: 0xfb0</p><p>Hora de início do aplicativo com falha: 0x01d2b4f2dc5fed70</p><p>Caminho do aplicativo com falha: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe</p><p>Caminho do módulo com falha: C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl</p><p>ID do Relatório: e9915b7f-bff7-4a1c-8e00-7ae2715b3ab3</p><p>Nome completo do pacote com falha: </p><p>ID do aplicativo relativo ao pacote com falha:</p><p></p><p>Error: (04/14/2017 12:09:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )</p><p>Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..</p><p></p><p>Details:</p><p>AddWin32ServiceFiles: Unable to back up image of service Razer Wizard Service since OpenService API failed</p><p></p><p>System Error:</p><p>O serviço especificado não existe como serviço instalado.</p><p>.</p><p></p><p>Error: (04/14/2017 09:12:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JEE8QGE)</p><p>Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927148. 
Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.</p><p></p><p>Error: (04/14/2017 08:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )</p><p>Description: [10] ERROR- Failed to create user process to collect profile from Service. Exception:System.Exception: ProcessUtilities->CreateUIProcessFromLocalSystem->An unhandled exception was caught spawning the process, the exception was: Can't create user process since no one logged in! WTSQueryUserToken() failed</p><p> em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden)</p><p> em MailboxAgent.OSProfileCollector.collectProfiles() #StackInfo#</p><p></p><p>Error: (04/14/2017 08:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )</p><p>Description: [10] ERROR- ProcessUtilities.CreateUIProcessFromLocalSystem() exception:System.Exception: Can't create user process since no one logged in! WTSQueryUserToken() failed</p><p> em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden) #StackInfo#</p><p></p><p>Error: (04/14/2017 06:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )</p><p>Description: [10] ERROR- Failed to create user process to collect profile from Service. Exception:System.Exception: ProcessUtilities->CreateUIProcessFromLocalSystem->An unhandled exception was caught spawning the process, the exception was: Can't create user process since no one logged in! 
WTSQueryUserToken() failed</p><p> em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden)</p><p> em MailboxAgent.OSProfileCollector.collectProfiles() #StackInfo#</p><p></p><p></p><p>Erros de Sistema:</p><p>=============</p><p>Error: (04/14/2017 07:30:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}</p><p> e APPID </p><p>{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}</p><p> ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 07:30:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}</p><p> e APPID </p><p>{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}</p><p> ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). 
Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 07:27:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: </p><p>Não há suporte para o pedido.</p><p></p><p>Error: (04/14/2017 07:25:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEE8QGE)</p><p>Description: O servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} não se registrou no DCOM dentro do tempo limite necessário.</p><p></p><p>Error: (04/14/2017 07:25:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEE8QGE)</p><p>Description: O servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} não se registrou no DCOM dentro do tempo limite necessário.</p><p></p><p>Error: (04/14/2017 07:03:26 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> e APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 07:03:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> e APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). 
Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 05:29:29 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> e APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 12:49:24 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> e APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p>Error: (04/14/2017 12:48:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)</p><p>Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> e APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). 
Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.</p><p></p><p></p><p>==================== Informações da Memória =========================== </p><p></p><p>Processador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz</p><p>Percentagem de memória em uso: 25%</p><p>RAM física total: 16275.82 MB</p><p>RAM física disponível: 12203.18 MB</p><p>Virtual Total: 19219.82 MB</p><p>Virtual disponível: 15016.77 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (OS) (Fixed) (Total:918.55 GB) (Free:806.16 GB) NTFS</p><p></p><p>==================== MBR & Tabela de Partições ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 931.5 GB) (Disk ID: B4C0C1FE)</p><p></p><p>Partition: GPT.</p><p></p><p>==================== Fim de Addition.txt ============================</p></blockquote><p></p>
[QUOTE="gabriel soliva, post: 618996, member: 61056"] Tried to use Malwarebytes, found more than 1500 threats, but every second I was using Chrome an annoying popup appeared. Downloaded Farbar Recovery Scan Tool, but did not find anything, here is the log: Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017 Executado por socer (14-04-2017 19:46:53) Executando a partir de C:\Users\socer\Downloads Windows 10 Home Single Language Versão 1703 (X64) (2017-04-14 07:55:41) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-2673395217-1231913305-2213340989-500 - Administrator - Disabled) Convidado (S-1-5-21-2673395217-1231913305-2213340989-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2673395217-1231913305-2213340989-503 - Limited - Disabled) defaultuser0 (S-1-5-21-2673395217-1231913305-2213340989-1000 - Limited - Disabled) => C:\Users\defaultuser0 socer (S-1-5-21-2673395217-1231913305-2213340989-1001 - Administrator - Enabled) => C:\Users\socer ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.) 
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Ajuda e Suporte da Dell (HKLM-x32\...\InstallShield_{7E780845-303D-4B46-9746-9D49D94D16AB}) (Version: 2.3.22.0 - Dell Inc.) Ajuda e Suporte da Dell (Version: 2.3.22.0 - Dell Inc.) Hidden Ansel (Version: 381.65 - NVIDIA Corporation) Hidden Atualizações da NVIDIA 23.23.30.0 (Version: 23.23.30.0 - NVIDIA Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.) Dell Data Vault (Version: 4.4.0.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell) Dell SupportAssist Remediation (HKLM-x32\...\{56e3476e-a4e0-418b-926c-8be09f6c37ce}) (Version: 2.0.2.1818 - Dell Inc.) Dell SupportAssist Remediation (Version: 2.0.2.1818 - Dell Inc.) Hidden Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell) Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.) Dell Update (HKLM-x32\...\{49655877-33CF-4C8A-B07C-9694935431E4}) (Version: 1.9.7.0 - Dell Inc.) Discord (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.) Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden Maxx Audio Installer (x64) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.) 
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation) Microsoft Office Home and Student 2016 - pt-br (HKLM\...\HomeStudentRetail - pt-br) (Version: 16.0.7870.2031 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 52.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pt-BR)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla) NVIDIA Driver de gráficos 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation) NVIDIA Driver do 3D Vision 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Software do sistema 
PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Painel de controle da NVIDIA 381.65 (Version: 381.65 - NVIDIA Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.0055 - Qualcomm Atheros) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.008 - Dell Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Nome de sua empresa:) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7908 - Realtek Semiconductor Corp.) Registro de produto (Version: 3.0.123.0 - Dell Inc.) Hidden Registro de produto Dell (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.) 
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Software de dispositivo do Chipset Intel® (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {0983848A-664C-4388-8E21-227B9B9BCAFF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {1BA1CAE4-F055-487C-BDCD-185DFD7BE6E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation) Task: {273956DD-0345-49D9-A3D8-B3A161D1C223} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {28FC5046-8704-4357-8802-E9D475C161D2} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {2BB59E86-EC55-4208-93EB-A2CB7B9F9914} - System32\Tasks\{B62F2D05-9CCB-8077-D5AA-D3B448BDAB1B} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\2f2dbe2\51e50ad8.dll" <==== ATENÇÃO Task: {2E6A867A-816E-4979-BBFC-1DA6E457268F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {316905EA-A6B5-451F-9A01-AC688699C747} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated) Task: {31BC773F-2083-47E8-96F6-7B2C348B64C5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {380AE6E7-5E4E-461F-87A8-E130066F883C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-10-24] (Dell Inc.) Task: {394DB385-FDEA-4819-9AD1-87A30CF948C1} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (Microsoft Corporation) Task: {453A40A8-E7A1-4143-8096-0404F9F34596} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.) 
Task: {46D9074A-A629-4360-A2F2-735D3B7BE738} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation) <==== ATENÇÃO Task: {4F0651E9-74DA-472A-B6EF-A29487D5EA89} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {51B97139-D307-41BB-A4D1-D6EDEE5106CD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {64D227A1-CAF2-4F62-893C-CB71B7F5593F} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {66D54AD0-44E9-41B1-8BD1-B7E214085E27} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation) Task: {693F02EA-12F7-4661-8730-A5DF1AFD642F} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {6BD9FDA3-C8EE-4C02-95CB-1B221BF24F79} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {74636CD1-4C8D-4966-B793-D90583CA9E10} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-08-16] (Realtek Semiconductor) Task: {7E48EB16-2459-437A-B3B5-DD91866302CC} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {85322B96-631E-49BD-9C68-902414B88E0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated) Task: {8986B566-F62E-45DD-BDC7-36ADC7DA8841} - \{0E0A7E47-0E7A-0C78-0911-057F7F7E1104} -> Nenhum Arquivo <==== ATENÇÃO Task: {8A8CBC0F-3B85-47AE-BEF7-D86570A1FAEB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files 
(x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {9012427F-08A9-4EBE-95EC-489BFA49A597} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {95061B7E-8FA4-44F8-9615-9D4657403248} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (Microsoft Corporation) Task: {96B6CC3C-3F1D-4892-9628-B013246C7CBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.) Task: {97525474-692E-413A-BDA3-F8B3FD778ED5} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2017-02-22] (McAfee, Inc.) Task: {991C1705-01EB-4AF4-85E1-C4744DF6FEB9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-06] (Dropbox, Inc.) Task: {9BFBFF63-27D1-4C7C-ADFA-AE5B98B90F78} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {9CCA48B5-B88C-440F-9B9F-3E8B741347C4} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-30] (DropboxOEM) Task: {A25D498F-B8FF-4F37-857F-A981109C6E3F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation) Task: {A9236B54-CFC3-4CF2-A8CD-3297D0B29365} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.) 
Task: {B0CD1232-B852-4671-BD59-7DD9A85FFE7B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {B79BABF2-D6FC-47EF-BAC4-90EE0818473F} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] () Task: {B7E1DFD5-9405-4892-B1CB-F246ACAEACBA} - System32\Tasks\{351EEC6E-82B5-5BC5-01D8-ECAA8E9886E6} => C:\ProgramData\{DC910B18-6B3A-BCB3-FB18-015290FE3EA5}\D7AFA5C7-6004-126C-2B67-D525BEE2715C.exe <==== ATENÇÃO Task: {BFA82F68-86F2-4852-B753-0C5B93EB34EA} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {E34B2B4A-74EB-4A0D-AF54-44047629DCF6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-06] (Dropbox, Inc.) Task: {F1A0311E-05F4-49D5-AEEF-40B9BF82DF77} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.) Task: {F8754329-3D61-4E38-A971-E6799376CBC3} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.) Task: {FA865EDE-C2C6-4108-A8C4-7DFC6DA47AAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd /c sc start Dell Help Support WORKGROUP DESKTOP JEE8QGE

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\socer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Módulos Carregados (Whitelisted) ==============

2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-09-24 19:20 - 2016-09-24 19:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-02-06 09:32 - 2017-02-23 15:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-06 09:32 - 2017-02-23 15:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 17:58 - 2017-03-18 17:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 17:59 - 2017-03-20 01:02 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-04 10:42 - 2017-03-29 05:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-04 10:42 - 2017-03-29 05:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-01-19 00:22 - 2017-01-19 00:22 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-12-21 09:24 - 2016-12-21 09:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2016-09-22 07:56 - 2016-09-22 07:56 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2015-10-16 05:14 - 2015-10-16 05:14 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-06 09:32 - 2017-02-23 15:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-06 09:32 - 2017-02-23 15:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-06 09:32 - 2017-02-23 15:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-16 08:40 - 2017-01-16 08:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-03-09 19:51 - 2016-10-08 04:13 - 50656768 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-03-09 19:51 - 2016-10-08 04:13 - 01874944 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-03-09 19:51 - 2016-10-08 04:13 - 00075264 _____ () C:\Users\socer\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2017-02-06 09:32 - 2017-02-23 11:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-06 09:32 - 2017-02-23 11:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-06 09:32 - 2017-02-23 11:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-06 09:32 - 2017-02-23 11:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-06 09:32 - 2017-02-23 11:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-06 09:32 - 2017-02-23 11:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)

==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2016-07-16 08:47 - 2016-07-16 08:45 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2673395217-1231913305-2213340989-1001\...\StartupApproved\Run: => "Discord"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAC5CFEE-BADF-44BA-8B25-8FCC9827CF37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FBF1898A-9F38-4E4C-9E36-184AC6BDCB94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A189F115-8438-42B8-8D79-B4459E11923E}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6FE7C3B6-255D-4B10-894E-9C15B36DE765}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{405AE310-B843-4BF6-9765-C380754B3751}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7BA08570-C3B6-421E-8923-AAB4CFA837EC}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CCF8D01F-AA56-49C9-B118-D0E8CCCA4B08}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01280FEC-91AE-4AF4-9D74-9618DBB3E27E}] => (Allow) C:\Users\socer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9F70CC47-B463-417B-B622-872F4A3F6FF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D30461AD-C130-45C2-9531-AA2CEA943921}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5EA3EAF8-148F-433B-9919-2924FEF90708}C:\users\socer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\socer\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5A897F05-D9A2-4164-97EE-465990492C4A}C:\users\socer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\socer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{326DCC21-FFE9-4AD7-A9AC-5E72982587E0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A4BB856A-26FA-4969-9066-5CD9F9FAF05C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{95F5571C-F0A2-4DFE-9F08-100C5564899B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{082A025D-BA6C-42E2-B907-F0CF07090702}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5CBCB14B-C956-44EE-B06D-5ABB114EBFC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AF6B681-08DE-4D62-9F67-85627D98D042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6CEDB281-D5E5-499C-A04D-934DD2598541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D4EAA8A5-5C8E-45EA-BC81-065F51BFAECA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E69470D0-7BBD-458D-ACA8-CA490689537A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{A1FFC7D4-43FD-4B46-9A79-44B95761FC50}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{1CC6F598-4E60-4AED-BCFB-57B846AE141D}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{ACA253D2-550D-4DE7-813D-CB580D172058}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{4CE28A75-B398-49AC-B25D-382A505BC75B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{53D9DEA3-0E76-4487-A343-888ECD1F89A3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Pontos de Restauração =========================

14-04-2017 12:08:55 Windows Update

==================== Dispositivos Apresentando Falhas No Gerenciador =============

==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name) em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc) em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI) em System.Xml.XmlDocument.CreateElement(String name) em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception>

Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name) em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc) em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI) em System.Xml.XmlDocument.CreateElement(String name) em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception>

Error: (04/14/2017 07:25:29 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name) em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc) em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI) em System.Xml.XmlDocument.CreateElement(String name) em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception>

Error: (04/14/2017 07:25:28 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[O caractere '/', valor hexadecimal 0x2F, não pode ser incluído em um nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ em System.Xml.XmlDocument.CheckName(String name) em System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc) em System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI) em System.Xml.XmlDocument.CreateElement(String name) em eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="3WRZ1H2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="1.1.9" SMBIOSPresent="True" Rel_Date="20160425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 5457" Ident_Num="DESKTOP-JEE8QGE" TimeZone="(UTC-03:00) Brasília" OSName="Microsoft Windows 10 Home Single Language"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.15</HostIP></Exception>

Error: (04/14/2017 07:06:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SDUpdSvc.exe, versão: 2.5.44.79, carimbo de data/hora: 0x57e24e33
Nome do módulo com falha: rtl150.bpl, versão: 15.0.3953.35171, carimbo de data/hora: 0x4cca139f
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000a116
ID do processo com falha: 0xfb0
Hora de início do aplicativo com falha: 0x01d2b4f2dc5fed70
Caminho do aplicativo com falha: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Caminho do módulo com falha: C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
ID do Relatório: e9915b7f-bff7-4a1c-8e00-7ae2715b3ab3
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (04/14/2017 12:09:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details: AddWin32ServiceFiles: Unable to back up image of service Razer Wizard Service since OpenService API failed
System Error: O serviço especificado não existe como serviço instalado. .

Error: (04/14/2017 09:12:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JEE8QGE)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (04/14/2017 08:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to create user process to collect profile from Service. Exception:System.Exception: ProcessUtilities->CreateUIProcessFromLocalSystem->An unhandled exception was caught spawning the process, the exception was: Can't create user process since no one logged in! WTSQueryUserToken() failed em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden) em MailboxAgent.OSProfileCollector.collectProfiles() #StackInfo#

Error: (04/14/2017 08:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- ProcessUtilities.CreateUIProcessFromLocalSystem() exception:System.Exception: Can't create user process since no one logged in! WTSQueryUserToken() failed em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden) #StackInfo#

Error: (04/14/2017 06:52:06 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to create user process to collect profile from Service. Exception:System.Exception: ProcessUtilities->CreateUIProcessFromLocalSystem->An unhandled exception was caught spawning the process, the exception was: Can't create user process since no one logged in! WTSQueryUserToken() failed em utilities.ProcessHelper.CreateUIProcessFromLocalSystem(String in_strTarget, String in_strArguments, Boolean createOnlyForActiveUser, Boolean shouldHidden) em MailboxAgent.OSProfileCollector.collectProfiles() #StackInfo#

Erros de Sistema:
=============
Error: (04/14/2017 07:30:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} e APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 07:30:45 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} e APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} ao usuário AUTORIDADE NT\SERVIÇO LOCAL SID (S-1-5-19) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 07:27:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço CldFlt devido ao seguinte erro: Não há suporte para o pedido.

Error: (04/14/2017 07:25:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEE8QGE)
Description: O servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/14/2017 07:25:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEE8QGE)
Description: O servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} não se registrou no DCOM dentro do tempo limite necessário.

Error: (04/14/2017 07:03:26 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 07:03:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 05:29:29 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 12:49:24 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

Error: (04/14/2017 12:48:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentagem de memória em uso: 25%
RAM física total: 16275.82 MB
RAM física disponível: 12203.18 MB
Virtual Total: 19219.82 MB
Virtual disponível: 15016.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.55 GB) (Free:806.16 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B4C0C1FE)
Partition: GPT.

==================== Fim de Addition.txt ============================
[/QUOTE]